Automated Malware Analysis IOC Report for

Details

Name:	00000007.00000003.1619905404.000000003372B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3372B000
Size:	405504

Signature Hits	Behavior Group	Mitre Attack
Yara detected WebBrowserPassView password recovery tool	Stealing of Sensitive Information
Found strings which match to known social media urls	Networking
SQL strings found in memory and binary data	System Summary
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000007.00000003.2609425448.0000000002B28000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B28000
Size:	102400

Signature Hits	Behavior Group	Mitre Attack
Yara detected Remcos RAT	AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality
May try to detect the Windows Explorer process (often used for injection)	HIPS / PFW / Operating System Protection Evasion	Process Injection Process Discovery
URLs found in memory or binary data	Networking

Details

Name:	00000007.00000003.1568453447.00000000338AB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	338AB000
Size:	557056

Signature Hits	Behavior Group	Mitre Attack
Yara detected WebBrowserPassView password recovery tool	Stealing of Sensitive Information
Sample file is different than original file name gathered from version info	System Summary
Found strings which match to known social media urls	Networking
SQL strings found in memory and binary data	System Summary
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000007.00000003.1618394416.000000003378E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3378E000
Size:	405504

Signature Hits	Behavior Group	Mitre Attack
Yara detected WebBrowserPassView password recovery tool	Stealing of Sensitive Information
SQL strings found in memory and binary data	System Summary
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000007.00000003.1584946257.0000000033C4D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33C4D000
Size:	700416

Signature Hits	Behavior Group	Mitre Attack
Yara detected WebBrowserPassView password recovery tool	Stealing of Sensitive Information
Sample file is different than original file name gathered from version info	System Summary
SQL strings found in memory and binary data	System Summary
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000000.00000002.1404457055.0000000005078000.00000040.00001000.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	5078000
Size:	10485760

Signature Hits	Behavior Group	Mitre Attack
Yara detected GuLoader	Data Obfuscation

Details

Name:	00000007.00000002.3718042007.0000000002B2C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2B2C000
Size:	65536

Signature Hits	Behavior Group	Mitre Attack
Yara detected Remcos RAT	AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality
May try to detect the Windows Explorer process (often used for injection)	HIPS / PFW / Operating System Protection Evasion	Process Injection Process Discovery
URLs found in memory or binary data	Networking

Details

Name:	00000007.00000002.3736993360.00000000338B0000.00000040.10000000.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unclassified section
Protect:	page execute and read and write
Base address:	338B0000
Size:	376832

Signature Hits	Behavior Group	Mitre Attack
Yara detected WebBrowserPassView password recovery tool	Stealing of Sensitive Information
SQL strings found in memory and binary data	System Summary
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000007.00000003.1621281718.0000000033B92000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33B92000
Size:	700416

Signature Hits	Behavior Group	Mitre Attack
Yara detected WebBrowserPassView password recovery tool	Stealing of Sensitive Information
Sample file is different than original file name gathered from version info	System Summary
SQL strings found in memory and binary data	System Summary
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000007.00000003.1621614361.000000003394B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3394B000
Size:	700416

Signature Hits	Behavior Group	Mitre Attack
Yara detected WebBrowserPassView password recovery tool	Stealing of Sensitive Information
Sample file is different than original file name gathered from version info	System Summary
SQL strings found in memory and binary data	System Summary
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000007.00000003.1583248844.0000000033A25000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33A25000
Size:	700416

Signature Hits	Behavior Group	Mitre Attack
Yara detected WebBrowserPassView password recovery tool	Stealing of Sensitive Information
Sample file is different than original file name gathered from version info	System Summary
SQL strings found in memory and binary data	System Summary
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000007.00000002.3717875155.0000000002AF2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2AF2000
Size:	221184

Signature Hits	Behavior Group	Mitre Attack
Found malware configuration	AV Detection
Yara detected Remcos RAT	AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality
URLs found in memory or binary data	Networking

Details

Name:	00000007.00000003.1584269252.0000000033668000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33668000
Size:	401408

Signature Hits	Behavior Group	Mitre Attack
Yara detected WebBrowserPassView password recovery tool	Stealing of Sensitive Information
SQL strings found in memory and binary data	System Summary
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	0000000D.00000002.1616639677.0000000000400000.00000040.80000000.00040000.00000000.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	system
Protect:	page execute and read and write
Base address:	400000
Size:	376832

Signature Hits	Behavior Group	Mitre Attack
Yara detected WebBrowserPassView password recovery tool	Stealing of Sensitive Information
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000007.00000003.1584904820.000000003372A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3372A000
Size:	409600

Signature Hits	Behavior Group	Mitre Attack
Yara detected WebBrowserPassView password recovery tool	Stealing of Sensitive Information
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000007.00000003.1584499429.000000003372A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3372A000
Size:	409600

Signature Hits	Behavior Group	Mitre Attack
Yara detected WebBrowserPassView password recovery tool	Stealing of Sensitive Information
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000007.00000003.1584269252.000000003372A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3372A000
Size:	409600

Signature Hits	Behavior Group	Mitre Attack
Yara detected WebBrowserPassView password recovery tool	Stealing of Sensitive Information

Details

Name:	00000007.00000003.1618558049.000000003372A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3372A000
Size:	409600

Signature Hits	Behavior Group	Mitre Attack
Yara detected WebBrowserPassView password recovery tool	Stealing of Sensitive Information
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000007.00000003.1621737133.0000000033AE3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33AE3000
Size:	700416

Signature Hits	Behavior Group	Mitre Attack
Yara detected WebBrowserPassView password recovery tool	Stealing of Sensitive Information
Sample file is different than original file name gathered from version info	System Summary
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000007.00000003.1621518182.0000000033A2A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33A2A000
Size:	700416

Signature Hits	Behavior Group	Mitre Attack
Yara detected WebBrowserPassView password recovery tool	Stealing of Sensitive Information
Sample file is different than original file name gathered from version info	System Summary
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000007.00000003.1584713771.000000003372A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3372A000
Size:	409600

Signature Hits	Behavior Group	Mitre Attack
Yara detected WebBrowserPassView password recovery tool	Stealing of Sensitive Information

Details

Name:	00000007.00000003.1566327110.00000000336CF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	336CF000
Size:	360448

Signature Hits	Behavior Group	Mitre Attack
Yara detected WebBrowserPassView password recovery tool	Stealing of Sensitive Information
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000007.00000003.1584803753.000000003372A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3372A000
Size:	409600

Signature Hits	Behavior Group	Mitre Attack
Yara detected WebBrowserPassView password recovery tool	Stealing of Sensitive Information

Details

Name:	00000000.00000002.1382674596.000000000464F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	464F000
Size:	8192

Details

Name:	00000000.00000002.1380006625.00000000043D1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	43D1000
Size:	12288

Details

Name:	00000010.00000003.1588981892.00000000031F4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	16
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31F4000
Size:	4096

Details

Name:	00000007.00000003.1562710214.0000000033541000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33541000
Size:	12288

Details

Name:	00000000.00000002.1393840534.00000000048D6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	48D6000
Size:	12288

Details

Name:	0000000D.00000002.1616861888.0000000002FDC000.00000004.00000010.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2FDC000
Size:	4096

Details

Name:	00000000.00000002.1382674596.0000000004652000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4652000
Size:	12288

Details

Name:	00000000.00000002.1404057179.0000000004B82000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4B82000
Size:	12288

Details

Name:	0000000D.00000002.1617241829.000000000341E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	341E000
Size:	8192

Details

Name:	00000000.00000002.1383256141.00000000046A0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	46A0000
Size:	12288

Details

Name:	00000000.00000002.1402609640.00000000049F2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	49F2000
Size:	12288

Details

Name:	00000007.00000003.1570973239.000000003363B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3363B000
Size:	16384

Details

Name:	00000007.00000003.1719067758.00000000335FF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335FF000
Size:	24576

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000007.00000002.3736887084.0000000033870000.00000040.00001000.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	33870000
Size:	4096

Details

Name:	0000000D.00000002.1617642705.00000000037AC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	37AC000
Size:	73728

Signature Hits	Behavior Group	Mitre Attack
SQL strings found in memory and binary data	System Summary

Details

Name:	00000000.00000002.1375767396.0000000000615000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	615000
Size:	12288

Details

Name:	00000007.00000003.1569596758.000000003363B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3363B000
Size:	16384

Details

Name:	00000000.00000002.1403460637.0000000004AD7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4AD7000
Size:	8192

Details

Name:	00000000.00000002.1383256141.0000000004676000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4676000
Size:	12288

Details

Name:	00000000.00000002.1394433886.0000000004914000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4914000
Size:	12288

Details

Name:	00000007.00000003.1563531261.00000000335BA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335BA000
Size:	8192

Details

Name:	00000000.00000002.1385402191.0000000004724000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4724000
Size:	12288

Details

Name:	00000000.00000002.1403209702.0000000004AB3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4AB3000
Size:	12288

Details

Name:	00000000.00000002.1403460637.0000000004AD3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4AD3000
Size:	12288

Details

Name:	0000000D.00000003.1595546580.0000000005589000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	5589000
Size:	331776

Details

Name:	00000000.00000002.1393376403.000000000483B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	483B000
Size:	12288

Details

Name:	00000000.00000002.1397444212.000000000496E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	496E000
Size:	12288

Details

Name:	0000000D.00000002.1617505226.000000000379D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	379D000
Size:	8192

Details

Name:	00000000.00000002.1376460971.00000000022C0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	22C0000
Size:	12288

Details

Name:	00000007.00000003.1620546343.00000000336D3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	336D3000
Size:	4096

Details

Name:	0000000D.00000003.1600491055.00000000037BB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37BB000
Size:	12288

Details

Name:	00000000.00000002.1379577127.0000000002D7A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2D7A000
Size:	143360

Details

Name:	00000000.00000002.1378793298.0000000002CB9000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2CB9000
Size:	12288

Details

Name:	00000007.00000003.1568569577.000000003362B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3362B000
Size:	4096

Details

Name:	00000000.00000002.1394433886.00000000048F9000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	48F9000
Size:	12288

Details

Name:	00000000.00000002.1378235554.0000000002C17000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C17000
Size:	12288

Details

Name:	00000000.00000002.1376627925.0000000002A47000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2A47000
Size:	12288

Details

Name:	0000000D.00000002.1617348716.0000000003480000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3480000
Size:	24576

Details

Name:	00000000.00000002.1402933148.0000000004A47000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4A47000
Size:	4096

Details

Name:	00000007.00000003.1565846968.0000000002B43000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B43000
Size:	16384

Details

Name:	00000007.00000003.1568161529.0000000002B4A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4A000
Size:	4096

Details

Name:	00000007.00000003.1568714727.000000003362B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3362B000
Size:	4096

Details

Name:	00000007.00000003.1496958170.0000000002B35000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B35000
Size:	4096

Details

Name:	0000000D.00000002.1617505226.00000000037A0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	37A0000
Size:	16384

Details

Name:	00000000.00000002.1380006625.00000000043A4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	43A4000
Size:	12288

Details

Name:	00000007.00000003.1566195853.0000000002B43000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B43000
Size:	16384

Signature Hits	Behavior Group	Mitre Attack
Found strings which match to known social media urls	Networking

Details

Name:	00000007.00000003.1563077450.00000000335BA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335BA000
Size:	8192

Details

Name:	00000007.00000002.3717809161.00000000029F5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	29F5000
Size:	16384

Details

Name:	00000010.00000002.1589337352.0000000003050000.00000004.00000020.00020000.00000000.sdmp
TargetID:	16
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3050000
Size:	24576

Details

Name:	00000007.00000003.1565846968.0000000002B4E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4E000
Size:	4096

Details

Name:	00000007.00000003.1560755751.0000000033623000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33623000
Size:	4096

Details

Name:	00000000.00000002.1379577127.0000000002DB6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2DB6000
Size:	8192

Details

Name:	00000007.00000003.1567088199.0000000033541000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33541000
Size:	16384

Details

Name:	00000007.00000003.1496879057.0000000002B36000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B36000
Size:	8192

Details

Name:	00000000.00000002.1375830718.000000000075E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	75E000
Size:	8192

Details

Name:	00000000.00000002.1376417935.0000000002280000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2280000
Size:	8192

Details

Name:	0000000D.00000003.1594328137.00000000037B5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37B5000
Size:	176128

Details

Name:	00000000.00000002.1380946630.000000000444C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	444C000
Size:	12288

Details

Name:	00000000.00000002.1375856360.000000000084E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	84E000
Size:	12288

Details

Name:	00000000.00000002.1394686151.0000000004930000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4930000
Size:	12288

Details

Name:	00000007.00000003.1562767775.0000000033608000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33608000
Size:	86016

Details

Name:	00000007.00000003.1618878598.00000000336DD000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	336DD000
Size:	135168

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary

Details

Name:	00000000.00000002.1380006625.00000000043B7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	43B7000
Size:	12288

Details

Name:	00000007.00000002.3736326046.0000000032CCD000.00000004.00000010.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	32CCD000
Size:	12288

Details

Name:	00000007.00000002.3737204698.0000000033D06000.00000040.00001000.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	33D06000
Size:	8192

Details

Name:	0000000D.00000003.1604066528.00000000037B5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37B5000
Size:	8192

Details

Name:	00000000.00000002.1378553847.0000000002C66000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C66000
Size:	4096

Details

Name:	00000000.00000002.1385402191.0000000004720000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4720000
Size:	4096

Details

Name:	00000007.00000002.3718389072.0000000004640000.00000004.00001000.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page read and write
Base address:	4640000
Size:	4096

Details

Name:	00000000.00000002.1382230732.00000000045A3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	45A3000
Size:	12288

Details

Name:	0000000D.00000003.1602494307.00000000037C3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37C3000
Size:	167936

Details

Name:	00000007.00000003.1565743096.0000000033541000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33541000
Size:	12288

Details

Name:	0000000D.00000003.1603667714.00000000037B0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37B0000
Size:	4096

Details

Name:	00000000.00000002.1375856360.000000000083A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	83A000
Size:	12288

Details

Name:	00000000.00000002.1376447722.00000000022B0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page read and write
Base address:	22B0000
Size:	4096

Details

Name:	0000000D.00000003.1613164577.0000000003834000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3834000
Size:	147456

Details

Name:	0000000D.00000003.1604390630.00000000037B5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37B5000
Size:	8192

Details

Name:	00000000.00000002.1402609640.00000000049FE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	49FE000
Size:	8192

Details

Name:	00000007.00000003.1567278053.0000000002B4E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4E000
Size:	4096

Details

Name:	00000000.00000002.1403701946.0000000004B28000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4B28000
Size:	12288

Details

Name:	00000000.00000002.1393376403.0000000004830000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4830000
Size:	8192

Details

Name:	0000000D.00000003.1596460890.00000000055F3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	55F3000
Size:	20480

Details

Name:	00000007.00000003.1620843598.0000000002B6A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B6A000
Size:	86016

Details

Name:	00000000.00000002.1392862285.0000000004804000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4804000
Size:	12288

Details

Name:	00000000.00000002.1380946630.0000000004466000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4466000
Size:	12288

Details

Name:	00000007.00000003.1621884572.000000003362B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3362B000
Size:	4096

Details

Name:	00000000.00000002.1380006625.00000000043B3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	43B3000
Size:	12288

Details

Name:	00000000.00000002.1375136468.0000000000409000.00000004.00000001.01000000.00000003.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	409000
Size:	135168

Details

Name:	00000007.00000003.1566130913.00000000335BA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335BA000
Size:	8192

Details

Name:	00000000.00000002.1375856360.0000000000897000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	897000
Size:	32768

Details

Name:	00000007.00000003.1727312296.0000000033716000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33716000
Size:	4096

Details

Name:	0000000D.00000003.1603154661.00000000037C0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37C0000
Size:	4096

Details

Name:	0000000D.00000003.1612998554.00000000037C4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37C4000
Size:	212992

Details

Name:	00000007.00000003.1568259020.00000000335BA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335BA000
Size:	8192

Details

Name:	00000000.00000002.1393376403.0000000004852000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4852000
Size:	12288

Details

Name:	00000007.00000002.3718092621.0000000002B50000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2B50000
Size:	32768

Details

Name:	00000007.00000003.1727312296.0000000033726000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33726000
Size:	4096

Details

Name:	00000000.00000002.1382012236.000000000452A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	452A000
Size:	12288

Details

Name:	0000000D.00000003.1613134600.00000000037C1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37C1000
Size:	12288

Details

Name:	00000000.00000002.1393376403.0000000004824000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4824000
Size:	12288

Details

Name:	00000007.00000003.1563428332.0000000002B4A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4A000
Size:	4096

Details

Name:	00000007.00000003.1563034541.0000000002B4A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4A000
Size:	4096

Details

Name:	00000000.00000002.1376627925.0000000002A9F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2A9F000
Size:	12288

Details

Name:	00000007.00000003.1720237526.0000000002B4F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4F000
Size:	53248

Details

Name:	0000000D.00000003.1596671094.0000000005399000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	5399000
Size:	819200

Details

Name:	00000007.00000003.1468731857.0000000002B32000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B32000
Size:	16384

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	0000000D.00000003.1613840573.00000000037B0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37B0000
Size:	57344

Details

Name:	0000000D.00000003.1613549626.00000000037C0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37C0000
Size:	16384

Details

Name:	00000000.00000002.1379577127.0000000002DC8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2DC8000
Size:	12288

Details

Name:	00000007.00000002.3737069790.0000000033C9C000.00000040.10000000.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unclassified section
Protect:	page execute and read and write
Base address:	33C9C000
Size:	24576

Details

Name:	00000007.00000003.1579194797.0000000033608000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33608000
Size:	86016

Details

Name:	00000000.00000002.1403701946.0000000004B0B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4B0B000
Size:	4096

Details

Name:	0000000D.00000003.1603464031.00000000037B0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37B0000
Size:	4096

Details

Name:	00000000.00000002.1393840534.00000000048CA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	48CA000
Size:	12288

Details

Name:	00000000.00000002.1379042941.0000000002CF8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2CF8000
Size:	12288

Details

Name:	0000000D.00000002.1617136576.0000000003390000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3390000
Size:	4096

Details

Name:	00000007.00000003.1567706944.0000000033541000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33541000
Size:	16384

Details

Name:	00000000.00000002.1385402191.000000000472C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	472C000
Size:	8192

Details

Name:	00000007.00000003.1727477249.0000000002B4E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4E000
Size:	4096

Details

Name:	00000000.00000002.1403460637.0000000004ADE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4ADE000
Size:	12288

Details

Name:	00000000.00000002.1403701946.0000000004B37000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4B37000
Size:	12288

Details

Name:	00000010.00000002.1589980219.000000000528F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	16
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	528F000
Size:	4096

Details

Name:	00000007.00000003.1579194797.00000000335FB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335FB000
Size:	16384

Details

Name:	00000000.00000002.1402933148.0000000004A6D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4A6D000
Size:	12288

Details

Name:	0000000D.00000002.1617469540.000000000377F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	377F000
Size:	4096

Details

Name:	0000000D.00000003.1604665598.00000000037B0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37B0000
Size:	8192

Details

Name:	00000007.00000003.1566587749.0000000002B4A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4A000
Size:	4096

Details

Name:	00000007.00000002.3717699817.00000000028BC000.00000004.00000010.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	28BC000
Size:	16384

Details

Name:	00000007.00000003.1564548622.0000000033541000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33541000
Size:	12288

Details

Name:	00000000.00000002.1382436851.00000000045D6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	45D6000
Size:	12288

Details

Name:	0000000D.00000003.1601946042.00000000037C0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37C0000
Size:	98304

Details

Name:	00000000.00000002.1378235554.0000000002C1E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C1E000
Size:	8192

Details

Name:	00000007.00000003.1565116473.0000000002B3F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B3F000
Size:	32768

Details

Name:	0000000D.00000003.1600801683.00000000037D2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37D2000
Size:	4096

Details

Name:	00000000.00000002.1386908005.0000000004747000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4747000
Size:	12288

Details

Name:	0000000D.00000003.1605801936.00000000037FD000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37FD000
Size:	77824

Details

Name:	00000007.00000003.1560755751.0000000033541000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33541000
Size:	12288

Details

Name:	00000007.00000002.3736593908.00000000335BA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	335BA000
Size:	8192

Signature Hits	Behavior Group	Mitre Attack
May try to detect the Windows Explorer process (often used for injection)	HIPS / PFW / Operating System Protection Evasion	Process Injection Process Discovery

Details

Name:	00000007.00000003.1727312296.00000000336FE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	336FE000
Size:	4096

Details

Name:	00000000.00000002.1402609640.0000000004A1A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4A1A000
Size:	4096

Details

Name:	00000000.00000002.1374929311.0000000000401000.00000020.00000001.01000000.00000003.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute read
Base address:	401000
Size:	24576

Details

Name:	0000000D.00000003.1598019532.00000000033D4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33D4000
Size:	8192

Details

Name:	00000007.00000003.1566777950.00000000335BA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335BA000
Size:	8192

Details

Name:	00000000.00000002.1375856360.0000000000811000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	811000
Size:	12288

Details

Name:	00000007.00000003.1584628119.0000000002B46000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B46000
Size:	4096

Details

Name:	00000010.00000002.1589460254.000000000318E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	16
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	318E000
Size:	8192

Details

Name:	0000000D.00000003.1594792301.00000000037B5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37B5000
Size:	626688

Details

Name:	0000000D.00000003.1604889429.00000000037B3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37B3000
Size:	45056

Details

Name:	00000000.00000002.1393840534.00000000048A8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	48A8000
Size:	4096

Details

Name:	00000000.00000002.1375856360.00000000007E6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7E6000
Size:	49152

Details

Name:	00000000.00000002.1376325771.00000000021F0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	21F0000
Size:	8192

Details

Name:	00000007.00000002.3718092621.0000000002B4E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2B4E000
Size:	4096

Details

Name:	00000000.00000002.1397444212.0000000004990000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4990000
Size:	12288

Details

Name:	00000000.00000002.1380946630.0000000004453000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4453000
Size:	12288

Details

Name:	00000007.00000003.1560684998.0000000002B3F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B3F000
Size:	65536

Details

Name:	00000007.00000003.1569596758.000000003362B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3362B000
Size:	4096

Details

Name:	00000007.00000003.1720237526.0000000002B6A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B6A000
Size:	86016

Details

Name:	00000007.00000003.1560625562.0000000033624000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33624000
Size:	81920

Details

Name:	00000010.00000002.1589315402.0000000003020000.00000004.00000020.00020000.00000000.sdmp
TargetID:	16
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3020000
Size:	4096

Details

Name:	0000000D.00000003.1596525465.00000000037B0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37B0000
Size:	4096

Details

Name:	00000000.00000002.1403701946.0000000004B0D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4B0D000
Size:	12288

Details

Name:	00000000.00000002.1376391388.0000000002250000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2250000
Size:	4096

Details

Name:	00000000.00000002.1402609640.0000000004A2B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4A2B000
Size:	12288

Details

Name:	0000000D.00000002.1617348716.000000000349D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	349D000
Size:	40960

Details

Name:	00000000.00000002.1381768433.000000000451E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	451E000
Size:	8192

Details

Name:	0000000D.00000003.1615235297.0000000003790000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3790000
Size:	4096

Details

Name:	00000010.00000003.1588745508.00000000031F4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	16
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31F4000
Size:	4096

Details

Name:	00000007.00000003.1546382965.0000000002B3C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B3C000
Size:	12288

Details

Name:	00000000.00000002.1383256141.0000000004689000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4689000
Size:	12288

Details

Name:	0000000D.00000003.1594430520.00000000037E3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37E3000
Size:	126976

Details

Name:	00000000.00000002.1385402191.000000000470D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	470D000
Size:	12288

Details

Name:	0000000D.00000003.1604066528.00000000037B0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37B0000
Size:	8192

Details

Name:	00000007.00000002.3736807325.00000000336DE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	336DE000
Size:	4096

Details

Name:	00000000.00000002.1375856360.000000000085E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	85E000
Size:	4096

Details

Name:	0000000D.00000003.1615235297.00000000037A5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37A5000
Size:	8192

Details

Name:	0000000D.00000003.1615198713.00000000038A6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	38A6000
Size:	4096

Details

Name:	00000000.00000002.1382436851.00000000045FC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	45FC000
Size:	12288

Details

Name:	00000010.00000002.1589248333.0000000002D99000.00000004.00000010.00020000.00000000.sdmp
TargetID:	16
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2D99000
Size:	28672

Details

Name:	0000000D.00000003.1613281197.00000000037A9000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37A9000
Size:	4096

Details

Name:	00000000.00000002.1403701946.0000000004B19000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4B19000
Size:	4096

Details

Name:	00000000.00000002.1375541890.00000000005AE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	5AE000
Size:	8192

Details

Name:	00000007.00000003.1717953467.000000003372A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3372A000
Size:	4096

Details

Name:	00000000.00000002.1403701946.0000000004B15000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4B15000
Size:	12288

Details

Name:	00000007.00000003.1727989297.00000000335F0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335F0000
Size:	12288

Details

Name:	00000000.00000002.1376627925.0000000002A93000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2A93000
Size:	12288

Details

Name:	00000007.00000003.1568569577.000000003363B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3363B000
Size:	16384

Details

Name:	00000000.00000002.1382436851.00000000045F8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	45F8000
Size:	12288

Details

Name:	00000000.00000002.1382436851.00000000045E5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	45E5000
Size:	12288

Details

Name:	0000000D.00000003.1614024123.00000000037A9000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37A9000
Size:	8192

Details

Name:	00000007.00000003.1562995728.0000000033668000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33668000
Size:	344064

Details

Name:	00000000.00000002.1382230732.00000000045AE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	45AE000
Size:	12288

Details

Name:	0000000D.00000003.1615126741.00000000038AD000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	38AD000
Size:	8192

Signature Hits	Behavior Group	Mitre Attack
Found strings which match to known social media urls	Networking
URLs found in memory or binary data	Networking

Details

Name:	00000000.00000002.1404309589.0000000004BDB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4BDB000
Size:	12288

Details

Name:	00000007.00000003.1565560934.0000000002B6A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B6A000
Size:	86016

Details

Name:	00000000.00000002.1394686151.0000000004938000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4938000
Size:	8192

Details

Name:	00000000.00000002.1375136468.000000000042F000.00000004.00000001.01000000.00000003.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	42F000
Size:	8192

Details

Name:	00000007.00000003.1566587749.0000000002B4E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4E000
Size:	4096

Details

Name:	00000000.00000002.1402609640.0000000004A28000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4A28000
Size:	8192

Details

Name:	00000007.00000003.1618948525.0000000033604000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33604000
Size:	4096

Details

Name:	00000007.00000003.1567777678.0000000002B4A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4A000
Size:	4096

Details

Name:	00000007.00000003.1562837323.0000000002B4F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4F000
Size:	53248

Details

Name:	00000000.00000002.1379307399.0000000002D57000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2D57000
Size:	8192

Details

Name:	00000007.00000002.3736420542.0000000032EAF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	32EAF000
Size:	4096

Details

Name:	00000000.00000002.1389224108.00000000047A4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	47A4000
Size:	12288

Details

Name:	0000000F.00000002.1588011694.000000000045C000.00000040.80000000.00040000.00000000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	system
Protect:	page execute and read and write
Base address:	45C000
Size:	24576

Details

Name:	00000007.00000002.3717875155.0000000002A88000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2A88000
Size:	229376

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery
URLs found in memory or binary data	Networking

Details

Name:	00000000.00000002.1406450364.0000000010000000.00000002.00000001.01000000.00000006.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	10000000
Size:	4096

Details

Name:	00000010.00000003.1587886800.00000000031F4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	16
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31F4000
Size:	4096

Details

Name:	00000007.00000003.1618558049.0000000033703000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33703000
Size:	16384

Details

Name:	00000000.00000002.1376627925.0000000002ACC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2ACC000
Size:	184320

Details

Name:	00000007.00000003.1579723994.000000003363B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3363B000
Size:	16384

Details

Name:	00000007.00000003.1579194797.000000003362B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3362B000
Size:	4096

Details

Name:	00000000.00000002.1389224108.00000000047A8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	47A8000
Size:	8192

Details

Name:	00000000.00000002.1402933148.0000000004A66000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4A66000
Size:	8192

Details

Name:	0000000D.00000003.1600908047.00000000037A8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37A8000
Size:	53248

Details

Name:	00000007.00000003.1579723994.000000003362B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3362B000
Size:	4096

Details

Name:	00000000.00000002.1378235554.0000000002C35000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C35000
Size:	12288

Details

Name:	00000000.00000002.1376508293.000000000280F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	280F000
Size:	4096

Details

Name:	00000000.00000002.1382674596.0000000004634000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4634000
Size:	12288

Details

Name:	00000000.00000002.1383256141.00000000046A4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	46A4000
Size:	8192

Details

Name:	00000000.00000002.1378235554.0000000002C3D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C3D000
Size:	12288

Details

Name:	0000000D.00000003.1600491055.00000000037C0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37C0000
Size:	12288

Details

Name:	00000000.00000002.1403209702.0000000004AAF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4AAF000
Size:	12288

Details

Name:	00000007.00000003.1621018041.0000000033668000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33668000
Size:	192512

Details

Name:	00000000.00000002.1402609640.0000000004A11000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4A11000
Size:	4096

Details

Name:	00000000.00000002.1385402191.0000000004733000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4733000
Size:	12288

Details

Name:	00000007.00000003.1618948525.0000000033608000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33608000
Size:	86016

Details

Name:	00000000.00000002.1394686151.0000000004943000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4943000
Size:	12288

Details

Name:	00000000.00000002.1403460637.0000000004ADA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4ADA000
Size:	12288

Details

Name:	00000007.00000003.1566984255.0000000002B4A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4A000
Size:	4096

Details

Name:	00000007.00000002.3736633784.00000000335F7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	335F7000
Size:	8192

Details

Name:	00000000.00000002.1382230732.000000000456C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	456C000
Size:	143360

Details

Name:	00000007.00000003.1565743096.00000000335BA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335BA000
Size:	8192

Details

Name:	00000000.00000000.1252168291.0000000000400000.00000002.00000001.01000000.00000003.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	400000
Size:	4096

Details

Name:	00000007.00000000.1367470474.0000000000407000.00000002.00000001.01000000.00000003.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	407000
Size:	8192

Details

Name:	00000007.00000002.3718360506.0000000004630000.00000004.00001000.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page read and write
Base address:	4630000
Size:	4096

Details

Name:	00000000.00000002.1402933148.0000000004A43000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4A43000
Size:	4096

Details

Name:	0000000D.00000003.1596410035.00000000037B0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37B0000
Size:	4096

Details

Name:	00000000.00000002.1378235554.0000000002C0D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C0D000
Size:	4096

Details

Name:	00000000.00000002.1393376403.000000000482C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	482C000
Size:	12288

Details

Name:	00000000.00000002.1389224108.00000000047C6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	47C6000
Size:	12288

Details

Name:	00000000.00000002.1392862285.000000000481F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	481F000
Size:	12288

Details

Name:	0000000D.00000003.1603907966.00000000037AC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37AC000
Size:	8192

Details

Name:	0000000D.00000003.1602137671.00000000037D8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37D8000
Size:	94208

Details

Name:	00000000.00000002.1404057179.0000000004B9D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4B9D000
Size:	8192

Details

Name:	0000000D.00000003.1594374089.00000000037CA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37CA000
Size:	212992

Details

Name:	0000000D.00000003.1604066528.00000000037A1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37A1000
Size:	32768

Details

Name:	00000000.00000002.1394433886.000000000491C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	491C000
Size:	8192

Details

Name:	00000010.00000003.1588630205.00000000031F4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	16
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31F4000
Size:	4096

Details

Name:	00000000.00000002.1394433886.0000000004901000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4901000
Size:	12288

Details

Name:	00000000.00000002.1375419797.0000000000448000.00000002.00000001.01000000.00000003.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	448000
Size:	180224

Details

Name:	00000000.00000002.1379307399.0000000002D4B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2D4B000
Size:	12288

Details

Name:	00000007.00000003.1621809486.00000000335BA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335BA000
Size:	8192

Details

Name:	0000000D.00000003.1604665598.00000000037B3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37B3000
Size:	4096

Details

Name:	00000000.00000002.1403701946.0000000004B33000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4B33000
Size:	12288

Details

Name:	00000000.00000002.1381503098.00000000044BB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	44BB000
Size:	12288

Details

Name:	0000000D.00000003.1594084020.00000000037B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37B1000
Size:	24576

Details

Name:	00000000.00000002.1394433886.00000000048EE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	48EE000
Size:	12288

Details

Name:	00000007.00000003.2609301191.00000000335C3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335C3000
Size:	12288

Details

Name:	0000000D.00000003.1599476526.00000000033D5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33D5000
Size:	4096

Details

Name:	0000000D.00000003.1588668020.0000000005481000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	5481000
Size:	65536

Details

Name:	00000000.00000002.1381768433.0000000004514000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4514000
Size:	4096

Details

Name:	00000007.00000003.1464520917.0000000032E30000.00000004.00000400.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	remote allocation
Protect:	page read and write
Base address:	32E30000
Size:	4096

Details

Name:	0000000D.00000003.1614250761.00000000037C0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37C0000
Size:	16384

Details

Name:	0000000D.00000003.1601662668.00000000037BC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37BC000
Size:	8192

Details

Name:	0000000D.00000003.1588808212.0000000005580000.00000004.00000800.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5580000
Size:	188416

Details

Name:	00000007.00000003.1569191872.000000003362B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3362B000
Size:	4096

Details

Name:	00000007.00000003.1727750714.00000000335F0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335F0000
Size:	12288

Details

Name:	00000000.00000002.1402609640.0000000004A05000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4A05000
Size:	12288

Details

Name:	00000007.00000003.1567150051.0000000002B4E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4E000
Size:	4096

Details

Name:	0000000D.00000003.1613281197.00000000037C0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37C0000
Size:	16384

Details

Name:	00000000.00000002.1393376403.0000000004843000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4843000
Size:	8192

Details

Name:	00000000.00000002.1402539951.00000000049B0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	49B0000
Size:	266240

Details

Name:	00000000.00000002.1389224108.00000000047B3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	47B3000
Size:	12288

Details

Name:	00000007.00000002.3736887084.0000000033872000.00000040.00001000.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	33872000
Size:	4096

Details

Name:	00000000.00000002.1386908005.0000000004764000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4764000
Size:	4096

Details

Name:	00000000.00000002.1393840534.00000000048C7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	48C7000
Size:	8192

Details

Name:	00000007.00000002.3736516084.0000000033170000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	33170000
Size:	4096

Details

Name:	00000000.00000002.1380946630.000000000446E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	446E000
Size:	12288

Details

Name:	00000000.00000002.1394686151.000000000495A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	495A000
Size:	12288

Details

Name:	00000000.00000002.1382674596.0000000004656000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4656000
Size:	12288

Details

Name:	00000000.00000002.1379896697.0000000002E40000.00000004.00001000.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page read and write
Base address:	2E40000
Size:	4096

Details

Name:	00000007.00000003.1578061660.0000000002B4A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4A000
Size:	4096

Details

Name:	00000007.00000002.3717766494.00000000029C0000.00000004.00000020.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	29C0000
Size:	4096

Details

Name:	00000010.00000002.1589651619.00000000033CF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	16
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	33CF000
Size:	4096

Details

Name:	00000007.00000003.1727877592.0000000002B6B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B6B000
Size:	81920

Details

Name:	00000000.00000002.1375843342.0000000000760000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	760000
Size:	4096

Details

Name:	00000007.00000003.1620668600.0000000033604000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33604000
Size:	102400

Details

Name:	00000000.00000002.1382012236.0000000004539000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4539000
Size:	12288

Details

Name:	00000007.00000003.1568003590.0000000002B4A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4A000
Size:	4096

Details

Name:	0000000D.00000003.1600159131.0000000005780000.00000004.00000800.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5780000
Size:	4096

Details

Name:	00000007.00000003.1620105494.000000003372A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3372A000
Size:	4096

Details

Name:	00000000.00000002.1397444212.000000000497A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	497A000
Size:	8192

Details

Name:	00000007.00000003.1584269252.00000000336CE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	336CE000
Size:	69632

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary

Details

Name:	00000000.00000002.1378235554.0000000002C27000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C27000
Size:	4096

Details

Name:	00000007.00000003.1563776105.00000000336CE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	336CE000
Size:	266240

Details

Name:	00000000.00000002.1376627925.0000000002A79000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2A79000
Size:	4096

Details

Name:	00000000.00000002.1380281494.0000000004406000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4406000
Size:	12288

Details

Name:	00000007.00000002.3736789159.00000000336CE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	336CE000
Size:	4096

Details

Name:	00000000.00000002.1403460637.0000000004AC0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4AC0000
Size:	12288

Details

Name:	00000000.00000002.1383256141.00000000046A8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	46A8000
Size:	8192

Details

Name:	00000007.00000003.1621018041.00000000336CE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	336CE000
Size:	4096

Details

Name:	00000000.00000002.1383256141.000000000467A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	467A000
Size:	12288

Details

Name:	00000000.00000002.1386908005.000000000476D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	476D000
Size:	12288

Details

Name:	0000000D.00000002.1616861888.0000000002FEF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2FEF000
Size:	69632

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000007.00000003.1563209086.0000000002B43000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B43000
Size:	16384

Details

Name:	00000000.00000002.1403209702.0000000004A76000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4A76000
Size:	12288

Details

Name:	00000007.00000003.1584548156.0000000033608000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33608000
Size:	86016

Details

Name:	00000007.00000003.1568514235.00000000335BA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335BA000
Size:	8192

Details

Name:	00000000.00000002.1397444212.0000000004998000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4998000
Size:	12288

Details

Name:	00000000.00000002.1382674596.0000000004669000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4669000
Size:	12288

Details

Name:	00000000.00000002.1397444212.0000000004985000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4985000
Size:	12288

Details

Name:	00000000.00000002.1385402191.0000000004705000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4705000
Size:	12288

Details

Name:	00000007.00000003.1568332091.0000000002B43000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B43000
Size:	16384

Details

Name:	00000000.00000002.1402933148.0000000004A5E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4A5E000
Size:	12288

Details

Name:	0000000F.00000003.1587263498.000000000382C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	382C000
Size:	4096

Details

Name:	00000000.00000002.1381768433.00000000044F0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	44F0000
Size:	12288

Details

Name:	00000000.00000002.1379956484.0000000002E80000.00000004.00001000.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page read and write
Base address:	2E80000
Size:	4096

Details

Name:	00000000.00000002.1378553847.0000000002C46000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C46000
Size:	12288

Details

Name:	00000007.00000003.1566195853.0000000002B4A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4A000
Size:	4096

Details

Name:	00000000.00000002.1376627925.0000000002A08000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2A08000
Size:	8192

Details

Name:	00000007.00000003.1569724602.0000000002B4A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4A000
Size:	4096

Details

Name:	00000000.00000002.1404057179.0000000004B95000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4B95000
Size:	12288

Details

Name:	00000000.00000002.1403701946.0000000004B20000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4B20000
Size:	12288

Details

Name:	00000000.00000002.1376307006.00000000021CE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	21CE000
Size:	8192

Details

Name:	0000000D.00000003.1615392614.00000000037A5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37A5000
Size:	8192

Details

Name:	00000000.00000002.1380281494.000000000440E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	440E000
Size:	8192

Details

Name:	0000000D.00000003.1612482464.00000000037AC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37AC000
Size:	8192

Details

Name:	00000007.00000002.3736306223.0000000032BCD000.00000004.00000010.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	32BCD000
Size:	12288

Details

Name:	00000000.00000002.1379042941.0000000002D04000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2D04000
Size:	12288

Details

Name:	00000000.00000002.1379307399.0000000002D40000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2D40000
Size:	12288

Details

Name:	00000000.00000002.1376627925.0000000002A90000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2A90000
Size:	8192

Details

Name:	0000000D.00000003.1604889429.00000000037C0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37C0000
Size:	106496

Details

Name:	00000000.00000002.1403460637.0000000004AEE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4AEE000
Size:	8192

Details

Name:	0000000D.00000003.1596810329.00000000037A4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37A4000
Size:	8192

Details

Name:	00000000.00000002.1380946630.0000000004457000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4457000
Size:	12288

Details

Name:	00000000.00000002.1380946630.0000000004450000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4450000
Size:	8192

Details

Name:	00000007.00000003.1618878598.0000000033702000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33702000
Size:	4096

Details

Name:	00000000.00000002.1397444212.00000000049AB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	49AB000
Size:	12288

Details

Name:	00000000.00000002.1382230732.000000000459B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	459B000
Size:	12288

Details

Name:	00000000.00000002.1402933148.0000000004A62000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4A62000
Size:	12288

Details

Name:	00000000.00000002.1379307399.0000000002D47000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2D47000
Size:	12288

Details

Name:	0000000D.00000003.1601808866.00000000037A9000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37A9000
Size:	61440

Details

Name:	00000000.00000002.1380281494.0000000004424000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4424000
Size:	12288

Details

Name:	00000007.00000003.1564447487.0000000002B3F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B3F000
Size:	32768

Details

Name:	00000007.00000002.3718305986.0000000004610000.00000004.00001000.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page read and write
Base address:	4610000
Size:	4096

Details

Name:	0000000D.00000003.1602288232.00000000037C0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37C0000
Size:	180224

Details

Name:	00000007.00000002.3736498020.000000003313F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3313F000
Size:	4096

Details

Name:	00000007.00000003.1727750714.00000000335DA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335DA000
Size:	86016

Details

Name:	00000000.00000002.1376627925.0000000002A5C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2A5C000
Size:	40960

Details

Name:	0000000D.00000002.1617441400.000000000367F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	367F000
Size:	4096

Details

Name:	0000000D.00000003.1603747807.00000000037A1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37A1000
Size:	28672

Details

Name:	00000000.00000002.1389224108.00000000047CA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	47CA000
Size:	12288

Details

Name:	00000007.00000002.3718528045.0000000004690000.00000004.00001000.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page read and write
Base address:	4690000
Size:	4096

Details

Name:	00000000.00000002.1394433886.0000000004909000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4909000
Size:	8192

Details

Name:	00000000.00000002.1380281494.0000000004415000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4415000
Size:	12288

Details

Name:	00000000.00000002.1374828296.0000000000400000.00000002.00000001.01000000.00000003.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	400000
Size:	4096

Details

Name:	00000007.00000003.1563077450.0000000033541000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33541000
Size:	12288

Details

Name:	0000000D.00000003.1598220914.00000000033D5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33D5000
Size:	4096

Details

Name:	00000007.00000003.1566834706.0000000002B3F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B3F000
Size:	32768

Details

Name:	00000000.00000002.1380281494.000000000443B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	443B000
Size:	12288

Details

Name:	0000000D.00000003.1603907966.00000000037B5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37B5000
Size:	8192

Details

Name:	0000000D.00000003.1605418026.00000000037E5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37E5000
Size:	155648

Details

Name:	00000000.00000002.1385402191.0000000004728000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4728000
Size:	8192

Details

Name:	00000007.00000002.3736887084.0000000033841000.00000040.00001000.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	33841000
Size:	167936

Details

Name:	00000000.00000002.1403209702.0000000004A85000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4A85000
Size:	12288

Details

Name:	00000007.00000003.1566195853.0000000002B4E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4E000
Size:	4096

Details

Name:	00000000.00000002.1381503098.00000000044AC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	44AC000
Size:	12288

Details

Name:	00000007.00000003.2609301191.00000000335F0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335F0000
Size:	12288

Details

Name:	00000000.00000002.1379042941.0000000002D13000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2D13000
Size:	12288

Details

Name:	00000000.00000002.1397444212.0000000004972000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4972000
Size:	12288

Details

Name:	00000000.00000002.1383256141.00000000046AB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	46AB000
Size:	12288

Details

Name:	0000000F.00000002.1588265932.0000000003460000.00000004.00000020.00020000.00000000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3460000
Size:	24576

Details

Name:	00000007.00000003.1568259020.0000000033541000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33541000
Size:	16384

Details

Name:	00000000.00000002.1380281494.0000000004428000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4428000
Size:	12288

Details

Name:	0000000D.00000003.1594584557.00000000037B5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37B5000
Size:	278528

Details

Name:	00000000.00000002.1404057179.0000000004B8D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4B8D000
Size:	12288

Details

Name:	00000007.00000003.1566984255.0000000002B4E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4E000
Size:	4096

Details

Name:	00000000.00000002.1381503098.000000000449D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	449D000
Size:	12288

Details

Name:	00000000.00000002.1403209702.0000000004A95000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4A95000
Size:	8192

Details

Name:	00000010.00000003.1587849976.0000000005091000.00000004.00000020.00020000.00000000.sdmp
TargetID:	16
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	5091000
Size:	65536

Details

Name:	00000007.00000003.1568569577.0000000033608000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33608000
Size:	86016

Details

Name:	00000000.00000002.1378187409.0000000002B00000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2B00000
Size:	36864

Details

Name:	00000000.00000002.1376460971.00000000022C5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	22C5000
Size:	8192

Details

Name:	0000000D.00000003.1596610504.00000000037B0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37B0000
Size:	4096

Details

Name:	00000007.00000000.1367527999.0000000000448000.00000002.00000001.01000000.00000003.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	448000
Size:	180224

Details

Name:	00000000.00000002.1379042941.0000000002CF5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2CF5000
Size:	8192

Details

Name:	0000000D.00000003.1614024123.00000000037C0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37C0000
Size:	16384

Details

Name:	00000000.00000002.1403209702.0000000004AA0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4AA0000
Size:	12288

Details

Name:	00000000.00000002.1404309589.0000000004BD7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4BD7000
Size:	12288

Details

Name:	0000000D.00000003.1599606802.00000000033D4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33D4000
Size:	8192

Details

Name:	0000000D.00000003.1604066528.00000000037AC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37AC000
Size:	8192

Details

Name:	00000007.00000002.3737143209.0000000033CC0000.00000040.10000000.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unclassified section
Protect:	page execute and read and write
Base address:	33CC0000
Size:	106496

Signature Hits	Behavior Group	Mitre Attack
Found strings which match to known social media urls	Networking
URLs found in memory or binary data	Networking

Details

Name:	00000000.00000002.1392862285.000000000481B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	481B000
Size:	12288

Details

Name:	00000007.00000003.2609301191.00000000335FA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335FA000
Size:	4096

Details

Name:	00000000.00000002.1393840534.00000000048B4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	48B4000
Size:	8192

Details

Name:	00000007.00000002.3736750451.0000000033640000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	33640000
Size:	45056

Details

Name:	0000000F.00000002.1588247573.000000000341E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	341E000
Size:	8192

Details

Name:	00000000.00000002.1379577127.0000000002DC4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2DC4000
Size:	12288

Details

Name:	00000007.00000002.3736344979.0000000032D20000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	32D20000
Size:	36864

Details

Name:	0000000D.00000003.1596225475.00000000037A4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37A4000
Size:	12288

Details

Name:	00000000.00000002.1378235554.0000000002C2A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C2A000
Size:	12288

Details

Name:	0000000D.00000003.1612585959.00000000037D9000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37D9000
Size:	90112

Details

Name:	00000000.00000002.1380006625.00000000043A8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	43A8000
Size:	8192

Details

Name:	00000000.00000002.1392862285.00000000047FD000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	47FD000
Size:	12288

Details

Name:	0000000D.00000003.1604889429.00000000037AC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37AC000
Size:	8192

Details

Name:	00000007.00000003.1582362772.0000000002B4A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4A000
Size:	4096

Details

Name:	00000010.00000003.1587979686.0000000003080000.00000004.00000020.00020000.00000000.sdmp
TargetID:	16
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3080000
Size:	4096

Details

Name:	00000000.00000002.1393840534.00000000048AC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	48AC000
Size:	12288

Details

Name:	00000000.00000002.1380946630.0000000004444000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4444000
Size:	12288

Details

Name:	00000007.00000003.1727915923.0000000033608000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33608000
Size:	86016

Details

Name:	00000000.00000002.1403701946.0000000004B1D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4B1D000
Size:	8192

Details

Name:	00000000.00000002.1382436851.00000000045F4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	45F4000
Size:	12288

Details

Name:	00000000.00000002.1393840534.00000000048BB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	48BB000
Size:	12288

Details

Name:	0000000D.00000003.1596810329.00000000037B0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37B0000
Size:	4096

Details

Name:	00000000.00000002.1402609640.0000000004A20000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4A20000
Size:	12288

Details

Name:	00000007.00000003.1565560934.0000000002B50000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B50000
Size:	49152

Details

Name:	0000000D.00000003.1594084020.00000000037B8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37B8000
Size:	221184

Details

Name:	0000000D.00000003.1604580834.00000000037EC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37EC000
Size:	40960

Details

Name:	00000000.00000002.1389224108.00000000047BB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	47BB000
Size:	8192

Details

Name:	00000000.00000002.1385402191.000000000472F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	472F000
Size:	12288

Details

Name:	0000000D.00000003.1612561190.00000000037C1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37C1000
Size:	20480

Details

Name:	00000007.00000003.1619761924.0000000033702000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33702000
Size:	4096

Details

Name:	00000000.00000002.1379987513.00000000030BC000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	30BC000
Size:	16384

Details

Name:	00000000.00000002.1383256141.000000000467E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	467E000
Size:	8192

Details

Name:	00000000.00000002.1402609640.0000000004A18000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4A18000
Size:	4096

Details

Name:	00000000.00000002.1376627925.0000000002A19000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2A19000
Size:	4096

Details

Name:	00000000.00000002.1380281494.000000000440A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	440A000
Size:	12288

Details

Name:	00000000.00000002.1383256141.0000000004694000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4694000
Size:	12288

Details

Name:	00000000.00000002.1393840534.00000000048AA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	48AA000
Size:	4096

Details

Name:	00000000.00000002.1393376403.0000000004833000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4833000
Size:	12288

Details

Name:	00000007.00000003.1727574966.00000000336CE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	336CE000
Size:	4096

Details

Name:	00000007.00000003.1618727080.00000000336DD000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	336DD000
Size:	135168

Details

Name:	00000000.00000002.1378553847.0000000002C7F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C7F000
Size:	12288

Details

Name:	00000000.00000002.1382436851.0000000004604000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4604000
Size:	8192

Details

Name:	00000007.00000003.1546361771.0000000002B4E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4E000
Size:	45056

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000007.00000003.1564785909.0000000033608000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33608000
Size:	86016

Details

Name:	00000000.00000002.1394686151.000000000493B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	493B000
Size:	12288

Details

Name:	00000000.00000002.1376627925.0000000002A5A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2A5A000
Size:	4096

Details

Name:	00000000.00000002.1403701946.0000000004AFA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4AFA000
Size:	12288

Details

Name:	0000000D.00000003.1601575764.00000000037D8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37D8000
Size:	139264

Details

Name:	00000010.00000003.1588801108.00000000031F4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	16
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31F4000
Size:	4096

Details

Name:	00000000.00000002.1381768433.00000000044F4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	44F4000
Size:	4096

Details

Name:	00000007.00000003.1568778684.0000000002B6A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B6A000
Size:	86016

Details

Name:	00000000.00000000.1252332865.0000000000409000.00000008.00000001.01000000.00000003.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown
Protect:	page write copy
Base address:	409000
Size:	4096

Details

Name:	00000000.00000002.1375856360.000000000081B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	81B000
Size:	16384

Details

Name:	0000000F.00000003.1586828740.0000000003823000.00000004.00000020.00020000.00000000.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3823000
Size:	8192

Details

Name:	0000000D.00000003.1602596863.00000000037C7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37C7000
Size:	4096

Details

Name:	00000000.00000002.1382230732.00000000045AB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	45AB000
Size:	8192

Details

Name:	00000000.00000002.1394686151.0000000004956000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4956000
Size:	12288

Details

Name:	00000007.00000002.3718092621.0000000002B46000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2B46000
Size:	4096

Details

Name:	00000007.00000002.3736731457.000000003363B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3363B000
Size:	16384

Details

Name:	00000007.00000002.3715397406.0000000000401000.00000020.00000001.01000000.00000003.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute read
Base address:	401000
Size:	24576

Details

Name:	0000000D.00000003.1599527054.00000000033D5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33D5000
Size:	4096

Details

Name:	00000000.00000002.1402609640.0000000004A01000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4A01000
Size:	12288

Details

Name:	00000000.00000002.1382436851.00000000045DD000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	45DD000
Size:	12288

Details

Name:	00000007.00000003.1727181686.000000003367F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3367F000
Size:	4096

Details

Name:	00000000.00000002.1403460637.0000000004AB8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4AB8000
Size:	12288

Details

Name:	00000010.00000002.1589268745.0000000003000000.00000004.00000020.00040000.00000000.sdmp
TargetID:	16
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3000000
Size:	4096

Details

Name:	00000007.00000003.1565116473.0000000002B6A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B6A000
Size:	86016

Details

Name:	00000000.00000002.1404057179.0000000004BA4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4BA4000
Size:	12288

Details

Name:	00000007.00000003.1566441354.0000000033541000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33541000
Size:	12288

Details

Name:	00000007.00000003.1567226650.00000000335BA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335BA000
Size:	8192

Details

Name:	00000000.00000002.1382012236.0000000004536000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4536000
Size:	8192

Details

Name:	00000000.00000002.1382674596.0000000004610000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4610000
Size:	143360

Details

Name:	00000000.00000002.1406465911.0000000010001000.00000020.00000001.01000000.00000006.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute read
Base address:	10001000
Size:	8192

Details

Name:	00000000.00000002.1381768433.0000000004507000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4507000
Size:	8192

Details

Name:	00000000.00000002.1402933148.0000000004A53000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4A53000
Size:	8192

Details

Name:	00000010.00000002.1589706152.0000000004CAE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	16
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4CAE000
Size:	8192

Details

Name:	00000000.00000002.1380946630.000000000446A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	446A000
Size:	12288

Details

Name:	00000000.00000002.1404057179.0000000004B8A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4B8A000
Size:	8192

Details

Name:	00000000.00000002.1382012236.000000000453D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	453D000
Size:	12288

Details

Name:	0000000D.00000003.1604390630.00000000037B3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37B3000
Size:	4096

Details

Name:	0000000D.00000003.1599925310.00000000033D4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33D4000
Size:	8192

Details

Name:	00000007.00000002.3736974858.0000000033873000.00000004.00001000.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page read and write
Base address:	33873000
Size:	4096

Details

Name:	00000007.00000003.1719138137.0000000002B43000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B43000
Size:	16384

Details

Name:	00000000.00000002.1379307399.0000000002D5A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2D5A000
Size:	12288

Details

Name:	0000000D.00000003.1602943646.00000000037A1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37A1000
Size:	53248

Details

Name:	00000007.00000003.1717910780.00000000336CE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	336CE000
Size:	4096

Details

Name:	0000000D.00000003.1601185231.0000000005390000.00000004.00000800.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5390000
Size:	188416

Details

Name:	00000000.00000002.1378793298.0000000002C98000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C98000
Size:	8192

Details

Name:	00000007.00000003.1619905404.00000000337EF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	337EF000
Size:	8192

Details

Name:	00000007.00000002.3715513883.0000000000407000.00000002.00000001.01000000.00000003.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	407000
Size:	8192

Details

Name:	00000000.00000002.1378553847.0000000002C55000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C55000
Size:	12288

Details

Name:	00000007.00000003.1566834706.0000000002B4A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4A000
Size:	4096

Details

Name:	0000000D.00000003.1595836561.00000000037B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37B1000
Size:	819200

Details

Name:	00000000.00000002.1380006625.00000000043C2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	43C2000
Size:	12288

Details

Name:	00000000.00000002.1386908005.0000000004738000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4738000
Size:	12288

Details

Name:	00000010.00000003.1589107447.00000000031F4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	16
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31F4000
Size:	4096

Details

Name:	00000000.00000002.1394433886.00000000048F2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	48F2000
Size:	12288

Details

Name:	00000000.00000002.1381503098.0000000004492000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4492000
Size:	8192

Details

Name:	00000000.00000002.1394686151.0000000004961000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4961000
Size:	12288

Details

Name:	00000007.00000003.1567610050.0000000002B43000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B43000
Size:	16384

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary

Details

Name:	00000000.00000002.1382674596.000000000464B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	464B000
Size:	12288

Details

Name:	0000000F.00000002.1588331603.000000000365F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	365F000
Size:	4096

Details

Name:	00000007.00000003.1570876649.00000000335BA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335BA000
Size:	8192

Details

Name:	00000000.00000002.1378553847.0000000002C4A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C4A000
Size:	12288

Details

Name:	00000000.00000002.1381503098.00000000044B8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	44B8000
Size:	8192

Details

Name:	00000000.00000002.1403209702.0000000004AAC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4AAC000
Size:	8192

Details

Name:	0000000D.00000003.1595247993.0000000005589000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	5589000
Size:	241664

Details

Name:	00000007.00000003.1584879823.00000000336CF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	336CF000
Size:	126976

Details

Name:	00000000.00000002.1402609640.00000000049FA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	49FA000
Size:	8192

Details

Name:	0000000D.00000002.1616836742.0000000002FBC000.00000004.00000010.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2FBC000
Size:	16384

Details

Name:	00000000.00000002.1382436851.00000000045E9000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	45E9000
Size:	12288

Details

Name:	0000000D.00000002.1617175151.00000000033D0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	33D0000
Size:	16384

Details

Name:	00000000.00000002.1383256141.000000000469C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	469C000
Size:	12288

Details

Name:	00000007.00000003.1562710214.00000000335BA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335BA000
Size:	8192

Details

Name:	0000000D.00000003.1598725233.00000000033D4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33D4000
Size:	8192

Details

Name:	0000000D.00000003.1588430348.0000000005481000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	5481000
Size:	1228800

Details

Name:	00000010.00000002.1589944846.0000000005090000.00000004.00000020.00020000.00000000.sdmp
TargetID:	16
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5090000
Size:	4096

Details

Name:	00000007.00000003.1569596758.0000000033608000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33608000
Size:	86016

Details

Name:	00000000.00000002.1385402191.0000000004715000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4715000
Size:	8192

Details

Name:	00000000.00000002.1375856360.00000000007A0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7A0000
Size:	32768

Details

Name:	00000000.00000002.1397444212.0000000004989000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4989000
Size:	12288

Details

Name:	00000000.00000002.1378553847.0000000002C74000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C74000
Size:	8192

Details

Name:	0000000D.00000003.1602943646.00000000037B0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37B0000
Size:	4096

Details

Name:	0000000D.00000003.1600854821.00000000037CA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37CA000
Size:	4096

Details

Name:	00000007.00000003.1584548156.000000003363B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3363B000
Size:	16384

Details

Name:	0000000D.00000003.1606080666.00000000037B0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37B0000
Size:	8192

Details

Name:	00000000.00000002.1402933148.0000000004A41000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4A41000
Size:	4096

Details

Name:	00000007.00000002.3718245589.00000000045F0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page read and write
Base address:	45F0000
Size:	4096

Details

Name:	0000000D.00000003.1605670087.00000000037F2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37F2000
Size:	122880

Details

Name:	00000000.00000002.1383256141.0000000004672000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4672000
Size:	12288

Details

Name:	00000007.00000002.3715812083.00000000016E0000.00000040.00000400.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	remote allocation
Protect:	page execute and read and write
Base address:	16E0000
Size:	311296

Details

Name:	00000007.00000002.3717723871.00000000029BB000.00000004.00000010.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	29BB000
Size:	4096

Details

Name:	0000000D.00000003.1597131908.00000000055F2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	55F2000
Size:	4096

Details

Name:	00000007.00000003.1579723994.0000000033608000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33608000
Size:	86016

Details

Name:	00000007.00000003.1570180728.0000000033541000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33541000
Size:	16384

Details

Name:	00000007.00000003.1563648894.00000000335BA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335BA000
Size:	8192

Details

Name:	00000007.00000003.1564785909.000000003363B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3363B000
Size:	16384

Details

Name:	00000007.00000003.1566521023.0000000033541000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33541000
Size:	12288

Details

Name:	0000000D.00000003.1612790468.00000000037C4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37C4000
Size:	53248

Details

Name:	00000007.00000003.1567150051.0000000002B3F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B3F000
Size:	32768

Details

Name:	00000000.00000002.1404309589.0000000004BDF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4BDF000
Size:	8192

Details

Name:	0000000D.00000003.1603875824.00000000037E1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37E1000
Size:	36864

Details

Name:	00000007.00000003.1560684998.0000000002B6A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B6A000
Size:	86016

Details

Name:	00000007.00000003.1728171293.0000000002B58000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B58000
Size:	16384

Details

Name:	0000000D.00000003.1613164577.00000000037D4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37D4000
Size:	147456

Details

Name:	00000007.00000003.2609301191.00000000335F7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335F7000
Size:	8192

Details

Name:	00000000.00000002.1376627925.0000000002A50000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2A50000
Size:	4096

Details

Name:	0000000D.00000003.1613840573.00000000037A9000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37A9000
Size:	16384

Details

Name:	00000007.00000003.1569724602.0000000002B6A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B6A000
Size:	86016

Details

Name:	0000000D.00000003.1613408948.00000000037C1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37C1000
Size:	12288

Details

Name:	00000000.00000002.1378553847.0000000002C59000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C59000
Size:	12288

Details

Name:	00000000.00000002.1386908005.0000000004762000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4762000
Size:	4096

Details

Name:	00000007.00000003.1567610050.0000000002B4E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4E000
Size:	4096

Details

Name:	00000000.00000002.1379853771.0000000002E10000.00000004.00001000.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page read and write
Base address:	2E10000
Size:	4096

Details

Name:	00000007.00000000.1367428236.0000000000401000.00000020.00000001.01000000.00000003.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown
Protect:	page execute read
Base address:	401000
Size:	24576

Details

Name:	00000007.00000003.1567445975.0000000002B4A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4A000
Size:	4096

Details

Name:	00000000.00000002.1392862285.000000000480C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	480C000
Size:	12288

Details

Name:	00000000.00000002.1393840534.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	48E1000
Size:	12288

Details

Name:	0000000D.00000003.1599079077.00000000033D5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33D5000
Size:	4096

Details

Name:	00000000.00000002.1378553847.0000000002C5D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C5D000
Size:	12288

Details

Name:	00000000.00000002.1393809759.0000000004866000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4866000
Size:	266240

Details

Name:	00000007.00000002.3736712893.00000000335FC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	335FC000
Size:	12288

Details

Name:	00000007.00000003.1569191872.0000000033608000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33608000
Size:	86016

Details

Name:	00000000.00000002.1402609640.0000000004A1D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4A1D000
Size:	8192

Details

Name:	00000000.00000002.1382012236.0000000004532000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4532000
Size:	12288

Details

Name:	00000000.00000002.1394433886.00000000048EA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	48EA000
Size:	12288

Details

Name:	00000000.00000002.1403460637.0000000004AC4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4AC4000
Size:	8192

Details

Name:	00000007.00000003.1567378837.0000000033541000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33541000
Size:	16384

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary

Details

Name:	00000007.00000003.1566327110.000000003372A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3372A000
Size:	4096

Details

Name:	00000000.00000002.1382012236.0000000004554000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4554000
Size:	12288

Details

Name:	00000000.00000002.1379577127.0000000002DAB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2DAB000
Size:	4096

Details

Name:	00000007.00000000.1367497138.0000000000409000.00000008.00000001.01000000.00000003.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown
Protect:	page write copy
Base address:	409000
Size:	4096

Details

Name:	0000000D.00000003.1604889429.00000000037A9000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37A9000
Size:	8192

Details

Name:	00000000.00000002.1375856360.0000000000826000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	826000
Size:	12288

Details

Name:	00000000.00000002.1392862285.00000000047EA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	47EA000
Size:	12288

Details

Name:	0000000D.00000003.1615235297.000000000379C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	379C000
Size:	32768

Details

Name:	00000007.00000003.1560684998.0000000002B50000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B50000
Size:	49152

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	0000000D.00000003.1611775006.00000000037C6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37C6000
Size:	167936

Details

Name:	00000000.00000002.1380946630.000000000445B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	445B000
Size:	12288

Details

Name:	00000010.00000003.1587939333.0000000003081000.00000004.00000020.00020000.00000000.sdmp
TargetID:	16
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3081000
Size:	188416

Details

Name:	00000000.00000002.1382230732.00000000045BE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	45BE000
Size:	8192

Details

Name:	00000007.00000003.1582362772.0000000002B43000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B43000
Size:	16384

Details

Name:	00000007.00000003.1621884572.000000003363B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3363B000
Size:	16384

Details

Name:	00000000.00000002.1380946630.000000000447A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	447A000
Size:	8192

Details

Name:	0000000F.00000002.1588184506.000000000329E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	329E000
Size:	8192

Details

Name:	00000007.00000002.3737069790.0000000033C96000.00000040.10000000.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unclassified section
Protect:	page execute and read and write
Base address:	33C96000
Size:	8192

Details

Name:	00000000.00000002.1404057179.0000000004BB4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4BB4000
Size:	8192

Details

Name:	00000000.00000002.1375856360.00000000007DC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7DC000
Size:	4096

Details

Name:	0000000F.00000002.1588265932.000000000347C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	347C000
Size:	20480

Details

Name:	0000000D.00000003.1603747807.00000000037AC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37AC000
Size:	8192

Details

Name:	00000000.00000002.1375856360.00000000007F3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7F3000
Size:	61440

Details

Name:	00000000.00000002.1375521959.0000000000560000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	560000
Size:	8192

Details

Name:	00000000.00000002.1382230732.00000000045B2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	45B2000
Size:	12288

Details

Name:	0000000D.00000003.1596043866.00000000037A1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37A1000
Size:	32768

Details

Name:	00000000.00000002.1397444212.000000000499C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	499C000
Size:	12288

Details

Name:	00000007.00000003.1567445975.0000000002B4E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4E000
Size:	4096

Details

Name:	00000000.00000002.1378553847.0000000002C70000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C70000
Size:	12288

Details

Name:	00000010.00000003.1588923343.00000000031F4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	16
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31F4000
Size:	4096

Details

Name:	0000000D.00000003.1614888222.00000000037A5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37A5000
Size:	8192

Details

Name:	00000007.00000003.1719138137.0000000002B4A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4A000
Size:	4096

Details

Name:	00000000.00000002.1404057179.0000000004BA8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4BA8000
Size:	12288

Details

Name:	0000000D.00000003.1599399518.00000000033D5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33D5000
Size:	4096

Details

Name:	00000000.00000002.1375646920.00000000005EE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	5EE000
Size:	8192

Details

Name:	00000010.00000003.1588511873.0000000005091000.00000004.00000020.00020000.00000000.sdmp
TargetID:	16
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	5091000
Size:	258048

Details

Name:	00000000.00000002.1404057179.0000000004B91000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4B91000
Size:	12288

Details

Name:	00000000.00000002.1394686151.000000000495E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	495E000
Size:	8192

Details

Name:	00000007.00000003.1563648894.0000000033541000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33541000
Size:	12288

Details

Name:	00000000.00000002.1379940286.0000000002E70000.00000004.00001000.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page read and write
Base address:	2E70000
Size:	4096

Details

Name:	00000007.00000003.1727989297.00000000335C6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335C6000
Size:	81920

Details

Name:	00000000.00000002.1385402191.0000000004711000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4711000
Size:	12288

Details

Name:	00000000.00000002.1382436851.0000000004600000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4600000
Size:	8192

Details

Name:	00000007.00000003.1496958170.0000000002AF7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2AF7000
Size:	249856

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000007.00000003.1563587978.0000000002B4A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4A000
Size:	4096

Details

Name:	00000000.00000002.1376627925.0000000002A1B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2A1B000
Size:	12288

Details

Name:	00000000.00000002.1374763490.000000000019A000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	19A000
Size:	24576

Details

Name:	00000007.00000003.1719138137.0000000002B6A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B6A000
Size:	86016

Details

Name:	00000000.00000002.1403460637.0000000004AE2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4AE2000
Size:	12288

Details

Name:	00000007.00000003.1646859585.00000000332C0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	332C0000
Size:	176128

Details

Name:	00000000.00000002.1392862285.00000000047F5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	47F5000
Size:	12288

Details

Name:	00000007.00000003.1561364841.0000000033880000.00000004.00000800.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	33880000
Size:	172032

Details

Name:	00000000.00000002.1378553847.0000000002C51000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C51000
Size:	12288

Details

Name:	00000007.00000003.1570257355.00000000335FB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335FB000
Size:	16384

Details

Name:	00000007.00000002.3736400902.0000000032E6E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	32E6E000
Size:	8192

Details

Name:	00000000.00000002.1378793298.0000000002CAA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2CAA000
Size:	12288

Details

Name:	00000000.00000002.1393840534.00000000048B7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	48B7000
Size:	12288

Details

Name:	00000007.00000003.1563776105.000000003368F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3368F000
Size:	249856

Details

Name:	00000000.00000002.1379307399.0000000002D44000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2D44000
Size:	8192

Details

Name:	00000000.00000002.1385294961.00000000046B4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	46B4000
Size:	266240

Details

Name:	00000010.00000002.1589337352.000000000306F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	16
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	306F000
Size:	16384

Details

Name:	00000007.00000003.1567278053.0000000002B4A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4A000
Size:	4096

Details

Name:	00000000.00000002.1386908005.0000000004766000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4766000
Size:	12288

Details

Name:	00000000.00000002.1404057179.0000000004B7E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4B7E000
Size:	12288

Details

Name:	00000000.00000002.1402933148.0000000004A45000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4A45000
Size:	4096

Details

Name:	0000000D.00000003.1613699630.0000000003806000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3806000
Size:	393216

Details

Name:	00000000.00000002.1382436851.00000000045ED000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	45ED000
Size:	8192

Details

Name:	00000007.00000002.3736887084.000000003386B000.00000040.00001000.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	3386B000
Size:	12288

Details

Name:	00000007.00000002.3718606722.000000000474D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	474D000
Size:	12288

Details

Name:	0000000D.00000003.1603154661.00000000037B5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37B5000
Size:	36864

Details

Name:	0000000F.00000002.1588225122.0000000003300000.00000004.00000020.00020000.00000000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3300000
Size:	20480

Details

Name:	00000000.00000002.1379577127.0000000002DB2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2DB2000
Size:	8192

Details

Name:	00000007.00000003.1567088199.00000000335BA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335BA000
Size:	8192

Details

Name:	0000000D.00000003.1613653769.00000000037D2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37D2000
Size:	8192

Details

Name:	00000000.00000002.1382674596.000000000465A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	465A000
Size:	12288

Details

Name:	00000000.00000002.1385402191.0000000004722000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4722000
Size:	4096

Details

Name:	00000000.00000002.1375136468.0000000000434000.00000004.00000001.01000000.00000003.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	434000
Size:	8192

Details

Name:	00000000.00000002.1394686151.000000000494B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	494B000
Size:	8192

Details

Name:	00000007.00000003.1619096403.0000000002B6A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B6A000
Size:	86016

Details

Name:	00000007.00000003.1565116473.0000000002B50000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B50000
Size:	49152

Details

Name:	00000000.00000002.1394686151.0000000004934000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4934000
Size:	12288

Details

Name:	00000000.00000002.1378235554.0000000002C2E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C2E000
Size:	8192

Details

Name:	00000007.00000003.1569490157.00000000335BA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335BA000
Size:	8192

Details

Name:	00000000.00000002.1382436851.00000000045F0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	45F0000
Size:	12288

Details

Name:	00000000.00000002.1375856360.0000000000809000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	809000
Size:	4096

Details

Name:	00000000.00000002.1382230732.0000000004594000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4594000
Size:	12288

Details

Name:	0000000F.00000002.1588011694.0000000000456000.00000040.80000000.00040000.00000000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	system
Protect:	page execute and read and write
Base address:	456000
Size:	8192

Details

Name:	00000007.00000003.1568778684.0000000002B43000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B43000
Size:	16384

Details

Name:	00000007.00000002.3718632096.0000000004790000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4790000
Size:	20480

Details

Name:	00000000.00000002.1393840534.00000000048DA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	48DA000
Size:	8192

Details

Name:	0000000D.00000003.1594244999.00000000037C1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37C1000
Size:	110592

Details

Name:	00000000.00000002.1375856360.00000000007AA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7AA000
Size:	12288

Details

Name:	00000007.00000003.1568003590.0000000002B4E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4E000
Size:	4096

Details

Name:	0000000D.00000003.1588724879.00000000033D4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33D4000
Size:	8192

Details

Name:	0000000D.00000003.1603596645.00000000037DA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37DA000
Size:	61440

Details

Name:	00000007.00000003.1566521023.00000000335BA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335BA000
Size:	8192

Details

Name:	00000007.00000003.1563428332.0000000002B3F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B3F000
Size:	32768

Details

Name:	00000007.00000003.1564187605.0000000033541000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33541000
Size:	12288

Details

Name:	00000007.00000003.1578914640.0000000033541000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33541000
Size:	16384

Details

Name:	00000007.00000002.3736459841.0000000032FFD000.00000004.00000010.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	32FFD000
Size:	12288

Details

Name:	0000000D.00000003.1596225475.00000000037A1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37A1000
Size:	8192

Details

Name:	00000007.00000003.1464481331.0000000032E30000.00000004.00000400.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	remote allocation
Protect:	page read and write
Base address:	32E30000
Size:	4096

Details

Name:	00000010.00000002.1589293208.0000000003010000.00000002.00000020.00020000.00000000.sdmp
TargetID:	16
Dumpstage:	process exit
Regiontype:	heap
Protect:	page readonly
Base address:	3010000
Size:	4096

Details

Name:	0000000D.00000003.1601946042.00000000037BC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37BC000
Size:	8192

Details

Name:	0000000D.00000003.1615721304.00000000033D4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33D4000
Size:	8192

Details

Name:	00000007.00000003.1568877969.00000000335BA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335BA000
Size:	8192

Details

Name:	0000000D.00000003.1597916705.00000000033D4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33D4000
Size:	8192

Details

Name:	00000007.00000002.3737069790.0000000033C40000.00000040.10000000.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unclassified section
Protect:	page execute and read and write
Base address:	33C40000
Size:	344064

Signature Hits	Behavior Group	Mitre Attack
SQL strings found in memory and binary data	System Summary

Details

Name:	00000000.00000002.1380006625.00000000043D5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	43D5000
Size:	12288

Details

Name:	00000007.00000002.3736614048.00000000335C2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	335C2000
Size:	4096

Details

Name:	00000000.00000002.1379911812.0000000002E50000.00000004.00001000.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page read and write
Base address:	2E50000
Size:	4096

Details

Name:	00000007.00000003.1563034541.0000000002B3F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B3F000
Size:	32768

Details

Name:	00000000.00000002.1380006625.00000000043DD000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	43DD000
Size:	12288

Details

Name:	00000000.00000002.1394433886.00000000048F6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	48F6000
Size:	8192

Details

Name:	00000007.00000002.3736866564.0000000033840000.00000004.00001000.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page read and write
Base address:	33840000
Size:	4096

Details

Name:	0000000D.00000003.1614437042.00000000037A5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37A5000
Size:	8192

Details

Name:	00000007.00000003.1563704704.0000000002B4A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4A000
Size:	4096

Details

Name:	0000000D.00000003.1613044661.00000000037C0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37C0000
Size:	16384

Details

Name:	00000000.00000002.1375452989.0000000000480000.00000004.00000020.00040000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	480000
Size:	4096

Details

Name:	0000000D.00000003.1594279904.00000000037CE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37CE000
Size:	73728

Details

Name:	00000000.00000002.1382012236.000000000452E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	452E000
Size:	12288

Details

Name:	00000007.00000003.1569724602.0000000002B43000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B43000
Size:	16384

Details

Name:	0000000D.00000003.1601662668.00000000037C0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37C0000
Size:	98304

Details

Name:	00000000.00000002.1376627925.0000000002A9B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2A9B000
Size:	12288

Details

Name:	00000007.00000002.3736534534.00000000331BE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	331BE000
Size:	8192

Details

Name:	00000000.00000002.1379307399.0000000002D38000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2D38000
Size:	12288

Details

Name:	00000000.00000002.1379042941.0000000002CED000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2CED000
Size:	12288

Details

Name:	00000000.00000002.1379577127.0000000002DCC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2DCC000
Size:	8192

Details

Name:	0000000D.00000003.1605507088.00000000037B7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37B7000
Size:	28672

Details

Name:	00000000.00000002.1389224108.00000000047B7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	47B7000
Size:	12288

Details

Name:	0000000D.00000003.1613515877.00000000037C4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37C4000
Size:	65536

Details

Name:	00000000.00000002.1392862285.00000000047E2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	47E2000
Size:	12288

Details

Name:	00000007.00000003.1567150051.0000000002B4A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4A000
Size:	4096

Details

Name:	00000000.00000002.1382674596.000000000466D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	466D000
Size:	12288

Details

Name:	00000007.00000003.1570257355.000000003362B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3362B000
Size:	4096

Details

Name:	00000000.00000002.1404309589.0000000004BCF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4BCF000
Size:	12288

Details

Name:	00000000.00000002.1392862285.00000000047F9000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	47F9000
Size:	12288

Details

Name:	0000000D.00000003.1613281197.00000000037AC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37AC000
Size:	8192

Details

Name:	00000007.00000003.1566777950.0000000033541000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33541000
Size:	16384

Details

Name:	00000000.00000002.1379577127.0000000002DA2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2DA2000
Size:	12288

Details

Name:	00000000.00000002.1403701946.0000000004B11000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4B11000
Size:	12288

Details

Name:	00000000.00000002.1403460637.0000000004AC7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4AC7000
Size:	12288

Details

Name:	0000000D.00000002.1617207792.00000000033D5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	33D5000
Size:	4096

Details

Name:	00000000.00000002.1379042941.0000000002CC6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2CC6000
Size:	77824

Details

Name:	00000000.00000002.1381503098.000000000448E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	448E000
Size:	12288

Details

Name:	00000000.00000002.1379925840.0000000002E60000.00000004.00001000.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page read and write
Base address:	2E60000
Size:	4096

Details

Name:	00000000.00000002.1394686151.000000000492C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	492C000
Size:	12288

Details

Name:	00000000.00000002.1386908005.0000000004771000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4771000
Size:	12288

Details

Name:	00000000.00000002.1403209702.0000000004A8D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4A8D000
Size:	12288

Details

Name:	00000000.00000002.1381768433.0000000004512000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4512000
Size:	4096

Details

Name:	00000000.00000002.1380281494.0000000004421000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4421000
Size:	8192

Details

Name:	00000000.00000002.1402933148.0000000004A38000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4A38000
Size:	12288

Details

Name:	00000000.00000002.1389224108.00000000047A0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	47A0000
Size:	12288

Details

Name:	00000000.00000002.1402933148.0000000004A4F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4A4F000
Size:	12288

Details

Name:	00000000.00000002.1378235554.0000000002C13000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C13000
Size:	12288

Details

Name:	00000000.00000002.1378793298.0000000002CC1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2CC1000
Size:	12288

Details

Name:	00000007.00000003.1564187605.00000000335BA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335BA000
Size:	8192

Details

Name:	00000000.00000002.1378235554.0000000002C39000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C39000
Size:	12288

Details

Name:	0000000D.00000003.1600961880.00000000037A8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37A8000
Size:	53248

Details

Name:	00000007.00000002.3736221169.00000000328DD000.00000004.00000010.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	328DD000
Size:	12288

Details

Name:	00000000.00000002.1378553847.0000000002C42000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C42000
Size:	12288

Details

Name:	00000000.00000002.1376627925.0000000002A57000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2A57000
Size:	8192

Details

Name:	00000000.00000002.1394686151.0000000004965000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4965000
Size:	12288

Details

Name:	0000000D.00000003.1600961880.00000000037BC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37BC000
Size:	8192

Details

Name:	00000000.00000002.1380006625.00000000043C6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	43C6000
Size:	12288

Details

Name:	0000000D.00000003.1596184992.00000000055F3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	55F3000
Size:	12288

Details

Name:	00000000.00000002.1402933148.0000000004A3C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4A3C000
Size:	12288

Details

Name:	00000000.00000002.1394686151.000000000493F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	493F000
Size:	12288

Details

Name:	00000000.00000002.1379577127.0000000002D9E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2D9E000
Size:	12288

Details

Name:	00000000.00000002.1393376403.0000000004856000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4856000
Size:	8192

Details

Name:	00000000.00000002.1376627925.0000000002AA6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2AA6000
Size:	12288

Details

Name:	00000000.00000002.1376627925.0000000002A14000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2A14000
Size:	12288

Details

Name:	00000007.00000003.1563147478.00000000335BA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335BA000
Size:	8192

Details

Name:	00000000.00000002.1379307399.0000000002D6B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2D6B000
Size:	4096

Details

Name:	0000000D.00000003.1613951564.00000000037E3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37E3000
Size:	143360

Details

Name:	00000000.00000002.1376290302.000000000099F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	99F000
Size:	4096

Details

Name:	00000007.00000003.1718990338.000000003363B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3363B000
Size:	16384

Details

Name:	0000000D.00000003.1613840573.00000000037C0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37C0000
Size:	16384

Details

Name:	00000000.00000003.1254051080.00000000007F9000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	7F9000
Size:	114688

Details

Name:	00000007.00000003.1620843598.0000000002B4F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4F000
Size:	53248

Details

Name:	00000000.00000002.1379307399.0000000002D53000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2D53000
Size:	12288

Details

Name:	00000007.00000003.1566385186.0000000002B3F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B3F000
Size:	32768

Signature Hits	Behavior Group	Mitre Attack
SQL strings found in memory and binary data	System Summary
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000000.00000002.1379042941.0000000002CF1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2CF1000
Size:	12288

Details

Name:	00000007.00000003.1562942237.0000000033653000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33653000
Size:	249856

Details

Name:	00000000.00000002.1383256141.0000000004698000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4698000
Size:	12288

Details

Name:	00000000.00000002.1375856360.0000000000830000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	830000
Size:	12288

Details

Name:	0000000D.00000003.1603464031.00000000037AC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37AC000
Size:	8192

Details

Name:	0000000D.00000003.1615323057.00000000038A6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	38A6000
Size:	4096

Details

Name:	0000000D.00000002.1617004578.0000000003340000.00000002.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	heap
Protect:	page readonly
Base address:	3340000
Size:	4096

Details

Name:	00000007.00000003.1468669286.0000000002AF8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2AF8000
Size:	253952

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000000.00000002.1397444212.00000000049A0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	49A0000
Size:	8192

Details

Name:	00000000.00000002.1385402191.00000000046FA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	46FA000
Size:	12288

Details

Name:	00000000.00000002.1381768433.00000000044ED000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	44ED000
Size:	8192

Details

Name:	00000000.00000002.1380281494.00000000043E2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	43E2000
Size:	143360

Details

Name:	00000000.00000002.1376627925.0000000002A10000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2A10000
Size:	12288

Details

Name:	00000000.00000002.1378235554.0000000002C04000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C04000
Size:	12288

Details

Name:	00000000.00000002.1376627925.0000000002A27000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2A27000
Size:	12288

Details

Name:	00000007.00000003.1727989297.00000000335F7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335F7000
Size:	8192

Details

Name:	00000000.00000002.1403701946.0000000004AFE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4AFE000
Size:	12288

Details

Name:	00000000.00000002.1379042941.0000000002CE5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2CE5000
Size:	12288

Details

Name:	00000007.00000002.3715812083.00000000021B8000.00000040.00000400.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	remote allocation
Protect:	page execute and read and write
Base address:	21B8000
Size:	6889472

Details

Name:	0000000D.00000003.1594208483.00000000037B5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37B5000
Size:	90112

Details

Name:	00000000.00000002.1379971539.0000000002FBC000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2FBC000
Size:	16384

Details

Name:	00000007.00000003.1566385186.0000000002B4E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4E000
Size:	4096

Details

Name:	00000000.00000002.1379042941.0000000002D0B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2D0B000
Size:	12288

Details

Name:	00000007.00000003.1619588022.00000000336CE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	336CE000
Size:	40960

Details

Name:	00000000.00000000.1252265988.0000000000401000.00000020.00000001.01000000.00000003.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown
Protect:	page execute read
Base address:	401000
Size:	24576

Details

Name:	00000007.00000003.1564627531.0000000002B43000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B43000
Size:	16384

Details

Name:	00000007.00000003.1727750714.00000000335FA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335FA000
Size:	4096

Details

Name:	00000007.00000003.1727477249.0000000002B41000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B41000
Size:	24576

Details

Name:	00000007.00000003.1728171293.0000000002B7E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B7E000
Size:	4096

Details

Name:	00000000.00000002.1382012236.0000000004567000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4567000
Size:	12288

Details

Name:	00000000.00000002.1404309589.0000000004BE6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4BE6000
Size:	4096

Details

Name:	00000000.00000002.1403209702.0000000004A89000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4A89000
Size:	12288

Details

Name:	00000000.00000002.1394433886.0000000004927000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4927000
Size:	12288

Details

Name:	00000007.00000003.1621809486.0000000033541000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33541000
Size:	8192

Details

Name:	00000007.00000002.3736553466.00000000332BF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	332BF000
Size:	4096

Details

Name:	00000007.00000003.1566032052.0000000002B4A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4A000
Size:	4096

Details

Name:	00000000.00000002.1381503098.00000000044BF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	44BF000
Size:	12288

Details

Name:	00000000.00000002.1392862285.0000000004810000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4810000
Size:	12288

Details

Name:	00000007.00000003.2609450191.0000000002B3C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B3C000
Size:	20480

Details

Name:	00000000.00000002.1386908005.0000000004753000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4753000
Size:	12288

Details

Name:	00000000.00000002.1378553847.0000000002C61000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C61000
Size:	4096

Details

Name:	00000000.00000002.1375856360.00000000007AE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7AE000
Size:	167936

Details

Name:	00000007.00000002.3717789197.00000000029D0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	29D0000
Size:	8192

Details

Name:	00000007.00000003.1567278053.0000000002B43000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B43000
Size:	16384

Details

Name:	00000000.00000002.1382230732.00000000045C5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	45C5000
Size:	12288

Details

Name:	00000000.00000002.1383256141.00000000046AF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	46AF000
Size:	12288

Details

Name:	00000000.00000002.1378235554.0000000002C09000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C09000
Size:	4096

Details

Name:	00000007.00000003.1567908830.0000000033541000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33541000
Size:	16384

Details

Name:	0000000D.00000002.1617895639.00000000038AD000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	38AD000
Size:	8192

Signature Hits	Behavior Group	Mitre Attack
Found strings which match to known social media urls	Networking
URLs found in memory or binary data	Networking

Details

Name:	00000000.00000002.1379577127.0000000002DCF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2DCF000
Size:	12288

Details

Name:	00000000.00000002.1386908005.000000000474B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	474B000
Size:	12288

Details

Name:	00000000.00000002.1378793298.0000000002C88000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C88000
Size:	12288

Details

Name:	00000007.00000003.1563931505.0000000002B4A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4A000
Size:	4096

Details

Name:	00000000.00000002.1404057179.0000000004BB0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4BB0000
Size:	8192

Details

Name:	00000000.00000002.1376405091.0000000002270000.00000004.00001000.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page read and write
Base address:	2270000
Size:	4096

Details

Name:	00000007.00000003.1564721745.00000000335BA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335BA000
Size:	8192

Details

Name:	0000000D.00000003.1602686304.00000000037C0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37C0000
Size:	28672

Details

Name:	00000000.00000002.1402609640.0000000004A0D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4A0D000
Size:	12288

Details

Name:	00000000.00000002.1375856360.00000000007D9000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7D9000
Size:	4096

Details

Name:	00000007.00000002.3736344979.0000000032D30000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	32D30000
Size:	274432

Details

Name:	00000007.00000002.3736993360.000000003390E000.00000040.10000000.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unclassified section
Protect:	page execute and read and write
Base address:	3390E000
Size:	4096

Details

Name:	00000000.00000002.1382230732.0000000004598000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4598000
Size:	8192

Details

Name:	00000007.00000002.3736750451.0000000033652000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	33652000
Size:	4096

Details

Name:	00000007.00000003.1464452456.0000000032E30000.00000004.00000400.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	remote allocation
Protect:	page read and write
Base address:	32E30000
Size:	4096

Details

Name:	00000007.00000003.1565972561.0000000033541000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33541000
Size:	12288

Details

Name:	00000000.00000002.1394433886.0000000004923000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4923000
Size:	12288

Details

Name:	00000000.00000002.1375856360.0000000000858000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	858000
Size:	16384

Details

Name:	0000000D.00000002.1616639677.000000000045E000.00000040.80000000.00040000.00000000.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	system
Protect:	page execute and read and write
Base address:	45E000
Size:	4096

Details

Name:	00000000.00000002.1381768433.0000000004516000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4516000
Size:	12288

Details

Name:	00000007.00000003.1719138137.0000000002B4E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4E000
Size:	57344

Details

Name:	00000000.00000002.1397444212.000000000498D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	498D000
Size:	8192

Details

Name:	0000000D.00000003.1603747807.00000000037B0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37B0000
Size:	4096

Details

Name:	00000007.00000002.3718279080.0000000004600000.00000004.00001000.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page read and write
Base address:	4600000
Size:	4096

Details

Name:	00000000.00000002.1404309589.0000000004BC9000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4BC9000
Size:	8192

Details

Name:	00000000.00000002.1378553847.0000000002C6D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C6D000
Size:	8192

Details

Name:	00000000.00000002.1397444212.0000000004981000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4981000
Size:	12288

Details

Name:	00000010.00000002.1589224007.0000000002D5C000.00000004.00000010.00020000.00000000.sdmp
TargetID:	16
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2D5C000
Size:	16384

Details

Name:	00000007.00000003.1568100382.0000000033541000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33541000
Size:	16384

Details

Name:	00000010.00000003.1588778294.00000000031F4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	16
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31F4000
Size:	4096

Details

Name:	00000000.00000002.1394433886.0000000004905000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4905000
Size:	12288

Details

Name:	00000000.00000002.1378235554.0000000002C31000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C31000
Size:	12288

Details

Name:	00000010.00000003.1589035584.00000000031C3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	16
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31C3000
Size:	4096

Details

Name:	0000000D.00000003.1602686304.00000000037B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37B1000
Size:	53248

Details

Name:	00000007.00000002.3737186314.0000000033CF0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page read and write
Base address:	33CF0000
Size:	4096

Details

Name:	0000000D.00000003.1604066528.00000000037B3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37B3000
Size:	4096

Details

Name:	0000000D.00000003.1602048010.00000000037A1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37A1000
Size:	32768

Details

Name:	00000000.00000002.1386908005.0000000004744000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4744000
Size:	8192

Details

Name:	0000000D.00000002.1617991158.0000000005480000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5480000
Size:	4096

Details

Name:	00000000.00000002.1386908005.0000000004740000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4740000
Size:	12288

Details

Name:	00000000.00000002.1393376403.0000000004837000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4837000
Size:	12288

Details

Name:	00000010.00000003.1589076422.00000000031CD000.00000004.00000020.00020000.00000000.sdmp
TargetID:	16
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31CD000
Size:	4096

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	0000000D.00000003.1602288232.00000000037A1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37A1000
Size:	94208

Details

Name:	00000000.00000002.1386908005.000000000475A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	475A000
Size:	12288

Details

Name:	00000000.00000002.1381768433.0000000004500000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4500000
Size:	8192

Details

Name:	00000007.00000003.1578914640.00000000335BA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335BA000
Size:	8192

Details

Name:	00000000.00000002.1382436851.000000000460B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	460B000
Size:	12288

Details

Name:	00000000.00000002.1382436851.0000000004607000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4607000
Size:	12288

Details

Name:	0000000D.00000002.1617348716.0000000003488000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3488000
Size:	81920

Details

Name:	0000000D.00000003.1600491055.00000000037CA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37CA000
Size:	4096

Details

Name:	0000000D.00000003.1602943646.00000000037C0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37C0000
Size:	4096

Details

Name:	00000007.00000003.1563296128.00000000335BA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335BA000
Size:	8192

Details

Name:	00000000.00000002.1378793298.0000000002CAE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2CAE000
Size:	12288

Details

Name:	0000000D.00000003.1613755492.00000000037D2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37D2000
Size:	212992

Details

Name:	00000007.00000003.1567445975.0000000002B3F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B3F000
Size:	32768

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary

Details

Name:	0000000D.00000003.1606080666.00000000037AC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37AC000
Size:	8192

Details

Name:	00000007.00000003.1564627531.0000000002B4A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4A000
Size:	4096

Details

Name:	00000000.00000002.1386908005.0000000004775000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4775000
Size:	12288

Details

Name:	00000007.00000002.3718070538.0000000002B3D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2B3D000
Size:	16384

Details

Name:	00000007.00000003.1562767775.00000000335ED000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335ED000
Size:	102400

Details

Name:	0000000F.00000002.1588393883.00000000053EF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	53EF000
Size:	4096

Details

Name:	00000000.00000002.1376627925.0000000002A30000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2A30000
Size:	61440

Details

Name:	0000000D.00000003.1603667714.00000000037AC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37AC000
Size:	8192

Details

Name:	0000000D.00000003.1606080666.00000000037B3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37B3000
Size:	16384

Details

Name:	00000007.00000003.1569191872.00000000335FB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335FB000
Size:	16384

Details

Name:	00000007.00000003.1566916728.0000000033541000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33541000
Size:	16384

Details

Name:	0000000D.00000003.1602288232.00000000037BC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37BC000
Size:	8192

Details

Name:	0000000D.00000003.1603464031.00000000037A1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37A1000
Size:	40960

Details

Name:	00000007.00000003.1567706944.00000000335BA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335BA000
Size:	8192

Details

Name:	0000000D.00000003.1600227511.0000000005780000.00000004.00000800.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5780000
Size:	4096

Details

Name:	00000000.00000002.1403209702.0000000004A83000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4A83000
Size:	4096

Details

Name:	00000000.00000002.1376432020.00000000022A0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page read and write
Base address:	22A0000
Size:	4096

Details

Name:	00000000.00000002.1382012236.000000000455C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	455C000
Size:	8192

Details

Name:	00000000.00000002.1376627925.0000000002A84000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2A84000
Size:	45056

Details

Name:	00000000.00000002.1389224108.00000000047D5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	47D5000
Size:	12288

Details

Name:	0000000D.00000003.1603346838.00000000037C0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37C0000
Size:	4096

Details

Name:	0000000D.00000003.1595649905.00000000037B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37B1000
Size:	712704

Details

Name:	00000007.00000002.3718092621.0000000002B4A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2B4A000
Size:	4096

Details

Name:	00000007.00000003.1565116473.0000000002B4E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4E000
Size:	4096

Details

Name:	00000000.00000002.1379307399.0000000002D71000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2D71000
Size:	12288

Details

Name:	00000000.00000002.1382436851.00000000045D2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	45D2000
Size:	12288

Details

Name:	00000000.00000002.1386908005.000000000476A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	476A000
Size:	8192

Details

Name:	0000000D.00000003.1613281197.00000000037AF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37AF000
Size:	61440

Details

Name:	00000007.00000003.1567547732.0000000033541000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33541000
Size:	16384

Details

Name:	00000007.00000002.3736847007.00000000337EF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	337EF000
Size:	8192

Details

Name:	00000000.00000002.1382230732.00000000045C9000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	45C9000
Size:	12288

Details

Name:	0000000D.00000003.1597821612.00000000033D4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33D4000
Size:	8192

Details

Name:	00000010.00000002.1589337352.0000000003080000.00000004.00000020.00020000.00000000.sdmp
TargetID:	16
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3080000
Size:	4096

Details

Name:	00000000.00000002.1403209702.0000000004A7A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4A7A000
Size:	12288

Details

Name:	00000007.00000000.1367392312.0000000000400000.00000002.00000001.01000000.00000003.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	400000
Size:	4096

Details

Name:	00000000.00000002.1382674596.0000000004665000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4665000
Size:	12288

Details

Name:	0000000D.00000003.1599995413.0000000005780000.00000004.00000800.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5780000
Size:	4096

Details

Name:	00000007.00000003.1567777678.0000000002B4E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4E000
Size:	4096

Details

Name:	00000000.00000002.1376627925.0000000002A2C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2A2C000
Size:	4096

Details

Name:	0000000D.00000003.1613549626.00000000037B0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37B0000
Size:	57344

Details

Name:	0000000D.00000003.1596887356.0000000005581000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	5581000
Size:	450560

Details

Name:	00000000.00000002.1376627925.0000000002A55000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2A55000
Size:	4096

Details

Name:	00000007.00000003.1566441354.00000000335BA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335BA000
Size:	8192

Details

Name:	00000000.00000002.1402609640.0000000004A25000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4A25000
Size:	4096

Details

Name:	0000000F.00000002.1588011694.0000000000400000.00000040.80000000.00040000.00000000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	system
Protect:	page execute and read and write
Base address:	400000
Size:	344064

Details

Name:	00000000.00000002.1380946630.0000000004472000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4472000
Size:	12288

Details

Name:	0000000D.00000003.1600491055.00000000037D2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37D2000
Size:	4096

Details

Name:	00000000.00000002.1393376403.0000000004861000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4861000
Size:	12288

Details

Name:	00000000.00000002.1382012236.0000000004560000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4560000
Size:	8192

Details

Name:	00000007.00000003.1564721745.0000000033541000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33541000
Size:	12288

Details

Name:	00000007.00000003.1568778684.0000000002B4A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4A000
Size:	4096

Details

Name:	00000000.00000002.1383256141.000000000468D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	468D000
Size:	12288

Details

Name:	00000007.00000002.3736993360.0000000033924000.00000040.10000000.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unclassified section
Protect:	page execute and read and write
Base address:	33924000
Size:	36864

Details

Name:	00000000.00000002.1378793298.0000000002C9B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C9B000
Size:	12288

Details

Name:	00000007.00000003.1568714727.000000003363B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3363B000
Size:	16384

Details

Name:	00000000.00000002.1379307399.0000000002D18000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2D18000
Size:	69632

Details

Name:	0000000D.00000002.1617642705.00000000037C0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	37C0000
Size:	16384

Details

Name:	00000000.00000002.1383256141.0000000004681000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4681000
Size:	12288

Details

Name:	00000007.00000003.1562767775.000000003362B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3362B000
Size:	4096

Details

Name:	00000000.00000002.1403701946.0000000004B2C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4B2C000
Size:	8192

Details

Name:	00000007.00000003.1584628119.0000000002B4E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4E000
Size:	57344

Details

Name:	00000007.00000003.1620546343.00000000336DE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	336DE000
Size:	4096

Details

Name:	00000007.00000003.1717953467.00000000336E6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	336E6000
Size:	4096

Details

Name:	00000000.00000002.1393376403.000000000484E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	484E000
Size:	12288

Details

Name:	00000000.00000002.1380281494.0000000004437000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4437000
Size:	12288

Details

Name:	00000000.00000002.1378553847.0000000002C68000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C68000
Size:	12288

Details

Name:	00000000.00000002.1392862285.0000000004814000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4814000
Size:	8192

Details

Name:	00000007.00000002.3718219484.0000000002D4F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2D4F000
Size:	4096

Details

Name:	00000000.00000002.1379042941.0000000002D0F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2D0F000
Size:	12288

Details

Name:	00000000.00000002.1403209702.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4A91000
Size:	12288

Details

Name:	00000000.00000002.1393840534.00000000048C3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	48C3000
Size:	12288

Details

Name:	00000000.00000002.1380281494.0000000004434000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4434000
Size:	8192

Details

Name:	00000000.00000002.1404028079.0000000004B3C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4B3C000
Size:	266240

Details

Name:	00000007.00000003.1618727080.0000000033702000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33702000
Size:	4096

Details

Name:	0000000D.00000003.1615392614.000000000379F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	379F000
Size:	20480

Details

Name:	00000000.00000002.1376627925.0000000002A0C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2A0C000
Size:	8192

Details

Name:	00000000.00000002.1380946630.000000000445F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	445F000
Size:	12288

Details

Name:	00000000.00000002.1376627925.0000000002A23000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2A23000
Size:	12288

Details

Name:	00000000.00000002.1380281494.0000000004430000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4430000
Size:	12288

Details

Name:	00000000.00000002.1382012236.0000000004550000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4550000
Size:	12288

Details

Name:	00000000.00000002.1385402191.0000000004709000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4709000
Size:	12288

Details

Name:	00000000.00000002.1375136468.000000000042B000.00000004.00000001.01000000.00000003.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	42B000
Size:	12288

Details

Name:	0000000D.00000003.1600431283.00000000033D4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33D4000
Size:	8192

Details

Name:	00000007.00000002.3718582893.0000000004700000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4700000
Size:	8192

Details

Name:	00000007.00000003.1568332091.0000000002B4A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4A000
Size:	4096

Details

Name:	00000000.00000002.1403209702.0000000004A9C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4A9C000
Size:	12288

Details

Name:	00000007.00000003.1567908830.00000000335BA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335BA000
Size:	8192

Details

Name:	00000007.00000003.1727915923.000000003363B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3363B000
Size:	16384

Details

Name:	00000000.00000002.1392862285.00000000047E6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	47E6000
Size:	12288

Details

Name:	0000000D.00000003.1612936684.00000000037F8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37F8000
Size:	389120

Details

Name:	00000007.00000003.1619761924.00000000336EE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	336EE000
Size:	65536

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary

Details

Name:	00000000.00000002.1379823958.0000000002DDC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2DDC000
Size:	8192

Details

Name:	00000000.00000002.1378187409.0000000002B10000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2B10000
Size:	32768

Details

Name:	00000007.00000003.1727989297.00000000335EC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335EC000
Size:	12288

Details

Name:	00000000.00000002.1376627925.0000000002AB1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2AB1000
Size:	4096

Details

Name:	00000000.00000002.1403701946.0000000004B09000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4B09000
Size:	4096

Details

Name:	00000000.00000002.1380006625.00000000043AB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	43AB000
Size:	12288

Details

Name:	00000007.00000003.1578061660.0000000002B43000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B43000
Size:	16384

Details

Name:	00000007.00000002.3715303204.0000000000400000.00000002.00000001.01000000.00000003.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	400000
Size:	4096

Details

Name:	00000000.00000000.1252280872.0000000000407000.00000002.00000001.01000000.00000003.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	407000
Size:	8192

Details

Name:	00000000.00000002.1385402191.0000000004718000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4718000
Size:	12288

Details

Name:	00000000.00000002.1403209702.0000000004AA8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4AA8000
Size:	8192

Details

Name:	00000000.00000002.1402933148.0000000004A69000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4A69000
Size:	12288

Details

Name:	0000000D.00000002.1616861888.0000000002FD7000.00000004.00000010.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2FD7000
Size:	4096

Details

Name:	00000010.00000002.1589489830.00000000031C0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	16
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	31C0000
Size:	12288

Details

Name:	00000000.00000002.1402933148.0000000004A71000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4A71000
Size:	12288

Details

Name:	00000000.00000002.1404057179.0000000004BAC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4BAC000
Size:	12288

Details

Name:	00000007.00000002.3736287229.0000000032B70000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	32B70000
Size:	4096

Details

Name:	00000007.00000003.1620105494.00000000336FD000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	336FD000
Size:	4096

Details

Name:	0000000D.00000003.1597440117.0000000005481000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	5481000
Size:	253952

Details

Name:	00000000.00000002.1379882464.0000000002E30000.00000004.00001000.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page read and write
Base address:	2E30000
Size:	4096

Details

Name:	00000000.00000002.1404457055.0000000004FA0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4FA0000
Size:	311296

Details

Name:	00000007.00000003.1582362772.0000000002B4E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4E000
Size:	57344

Details

Name:	00000000.00000002.1376627925.0000000002AA3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2AA3000
Size:	8192

Details

Name:	00000000.00000002.1403460637.0000000004ACB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4ACB000
Size:	12288

Details

Name:	00000000.00000002.1394686151.0000000004947000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4947000
Size:	12288

Details

Name:	00000000.00000002.1403209702.0000000004AA4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4AA4000
Size:	12288

Details

Name:	00000010.00000003.1588897420.00000000031F4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	16
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31F4000
Size:	4096

Details

Name:	00000000.00000002.1406483569.0000000010003000.00000002.00000001.01000000.00000006.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	10003000
Size:	4096

Details

Name:	00000000.00000002.1382674596.0000000004638000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4638000
Size:	12288

Details

Name:	00000007.00000003.1568877969.0000000033541000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33541000
Size:	16384

Details

Name:	00000007.00000003.1566130913.0000000033541000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33541000
Size:	12288

Signature Hits	Behavior Group	Mitre Attack
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000000.00000002.1393840534.00000000048B0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	48B0000
Size:	12288

Details

Name:	00000007.00000003.1727655498.000000003372A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3372A000
Size:	4096

Details

Name:	00000000.00000002.1404309589.0000000004BE2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4BE2000
Size:	12288

Details

Name:	00000000.00000002.1378553847.0000000002C78000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C78000
Size:	8192

Details

Name:	00000000.00000002.1393376403.0000000004846000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4846000
Size:	12288

Details

Name:	00000000.00000002.1376362863.000000000223E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	223E000
Size:	8192

Details

Name:	00000007.00000003.1564447487.0000000002B4A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4A000
Size:	4096

Details

Name:	00000000.00000002.1380006625.00000000043BE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	43BE000
Size:	12288

Details

Name:	0000000D.00000003.1615159909.0000000003790000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3790000
Size:	4096

Details

Name:	00000000.00000002.1380946630.0000000004481000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4481000
Size:	12288

Details

Name:	00000007.00000003.1620668600.000000003363B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3363B000
Size:	16384

Details

Name:	00000000.00000002.1392862285.00000000047F1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	47F1000
Size:	12288

Details

Name:	00000000.00000002.1380946630.0000000004448000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4448000
Size:	12288

Details

Name:	00000000.00000002.1402609640.0000000004A09000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4A09000
Size:	8192

Details

Name:	00000000.00000002.1376627925.0000000002A40000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2A40000
Size:	12288

Details

Name:	00000007.00000003.1563587978.0000000002B43000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B43000
Size:	16384

Details

Name:	0000000D.00000003.1614219885.00000000037C4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37C4000
Size:	57344

Details

Name:	00000007.00000003.1563931505.0000000002B50000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B50000
Size:	49152

Details

Name:	00000000.00000002.1378793298.0000000002CA6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2CA6000
Size:	12288

Details

Name:	0000000D.00000003.1602048010.00000000037AF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37AF000
Size:	36864

Details

Name:	00000000.00000002.1403460637.0000000004ABC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4ABC000
Size:	12288

Details

Name:	00000007.00000003.1560656831.0000000033641000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33641000
Size:	155648

Details

Name:	00000010.00000003.1589129876.00000000031F4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	16
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31F4000
Size:	4096

Details

Name:	00000000.00000002.1382436851.00000000045E1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	45E1000
Size:	12288

Details

Name:	00000007.00000003.1563931505.0000000002B43000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B43000
Size:	16384

Details

Name:	00000010.00000002.1589337352.0000000003058000.00000004.00000020.00020000.00000000.sdmp
TargetID:	16
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3058000
Size:	65536

Details

Name:	0000000D.00000003.1600067366.0000000005780000.00000004.00000800.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5780000
Size:	4096

Details

Name:	00000000.00000002.1404057179.0000000004BBB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4BBB000
Size:	12288

Details

Name:	00000007.00000003.1562902860.0000000002B4A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4A000
Size:	4096

Details

Name:	00000000.00000002.1403460637.0000000004AE6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4AE6000
Size:	8192

Details

Name:	0000000D.00000003.1613044661.00000000037A9000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37A9000
Size:	20480

Details

Name:	00000000.00000002.1378793298.0000000002C9F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C9F000
Size:	12288

Details

Name:	00000000.00000002.1381768433.0000000004525000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4525000
Size:	12288

Details

Name:	00000000.00000002.1378235554.0000000002C00000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C00000
Size:	12288

Details

Name:	00000000.00000002.1389224108.00000000047D9000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	47D9000
Size:	12288

Details

Name:	00000007.00000003.1468669286.0000000002AF5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2AF5000
Size:	8192

Details

Name:	00000000.00000002.1379042941.0000000002CE9000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2CE9000
Size:	12288

Details

Name:	00000000.00000002.1381768433.00000000044C8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	44C8000
Size:	143360

Details

Name:	00000000.00000002.1397444212.00000000049A7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	49A7000
Size:	12288

Details

Name:	00000007.00000003.1618948525.000000003362B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3362B000
Size:	4096

Details

Name:	00000000.00000002.1394433886.00000000048FD000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	48FD000
Size:	12288

Details

Name:	00000000.00000002.1385402191.00000000046F6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	46F6000
Size:	12288

Details

Name:	0000000D.00000003.1597673657.00000000033D4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33D4000
Size:	8192

Details

Name:	0000000D.00000003.1614024123.00000000037AC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37AC000
Size:	4096

Details

Name:	00000007.00000003.1727181686.00000000336CE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	336CE000
Size:	4096

Details

Name:	00000007.00000003.1570180728.00000000335BA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335BA000
Size:	8192

Details

Name:	00000000.00000002.1379577127.0000000002DB9000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2DB9000
Size:	8192

Details

Name:	00000007.00000003.1727312296.000000003372A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3372A000
Size:	4096

Details

Name:	00000000.00000002.1382230732.0000000004591000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4591000
Size:	8192

Details

Name:	0000000D.00000003.1596043866.00000000037B0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37B0000
Size:	4096

Details

Name:	00000007.00000003.1563296128.0000000033541000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33541000
Size:	16384

Details

Name:	00000007.00000002.3718450070.0000000004660000.00000004.00001000.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page read and write
Base address:	4660000
Size:	4096

Details

Name:	0000000D.00000003.1599827204.00000000033D4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33D4000
Size:	8192

Details

Name:	00000000.00000002.1379307399.0000000002D66000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2D66000
Size:	12288

Details

Name:	00000000.00000002.1376627925.0000000002A1F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2A1F000
Size:	12288

Details

Name:	00000000.00000002.1380281494.000000000441D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	441D000
Size:	12288

Details

Name:	00000007.00000003.1717953467.00000000336FE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	336FE000
Size:	4096

Details

Name:	0000000D.00000003.1604390630.00000000037B0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37B0000
Size:	8192

Details

Name:	00000007.00000003.1563704704.0000000002B3F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B3F000
Size:	32768

Details

Name:	00000007.00000003.1568778684.0000000002B4E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4E000
Size:	57344

Details

Name:	00000000.00000002.1380006625.00000000043D9000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	43D9000
Size:	12288

Details

Name:	00000007.00000003.1570973239.000000003362B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3362B000
Size:	4096

Details

Name:	00000000.00000002.1386908005.0000000004751000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4751000
Size:	4096

Details

Name:	00000007.00000002.3736248409.0000000032A5E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	32A5E000
Size:	8192

Details

Name:	00000010.00000002.1589172557.000000000041B000.00000040.80000000.00040000.00000000.sdmp
TargetID:	16
Dumpstage:	process exit
Regiontype:	system
Protect:	page execute and read and write
Base address:	41B000
Size:	36864

Details

Name:	00000000.00000002.1378793298.0000000002CA3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2CA3000
Size:	8192

Details

Name:	00000000.00000002.1379307399.0000000002D4F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2D4F000
Size:	12288

Details

Name:	00000000.00000002.1376325771.00000000021F4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	21F4000
Size:	8192

Details

Name:	00000000.00000002.1381503098.0000000004486000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4486000
Size:	12288

Details

Name:	00000007.00000002.3718193662.0000000002B7E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2B7E000
Size:	4096

Details

Name:	0000000D.00000002.1616972211.0000000003260000.00000004.00000020.00040000.00000000.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3260000
Size:	4096

Details

Name:	00000007.00000003.1568100382.00000000335BA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335BA000
Size:	8192

Details

Name:	00000007.00000002.3717875155.0000000002AE1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2AE1000
Size:	40960

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	00000007.00000003.1579572804.0000000033541000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33541000
Size:	16384

Details

Name:	00000000.00000002.1378235554.0000000002C0F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C0F000
Size:	12288

Details

Name:	0000000D.00000003.1604826862.00000000037DA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37DA000
Size:	98304

Details

Name:	0000000D.00000003.1600961880.00000000037C0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37C0000
Size:	12288

Details

Name:	0000000D.00000003.1613789750.00000000037C4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37C4000
Size:	28672

Details

Name:	00000010.00000003.1589035584.00000000031CD000.00000004.00000020.00020000.00000000.sdmp
TargetID:	16
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31CD000
Size:	4096

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000000.00000002.1380281494.0000000004411000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4411000
Size:	12288

Details

Name:	00000000.00000002.1380946630.0000000004476000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4476000
Size:	8192

Details

Name:	00000007.00000002.3717809161.00000000029F0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	29F0000
Size:	16384

Details

Name:	00000000.00000002.1376627925.0000000002A97000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2A97000
Size:	12288

Details

Name:	00000007.00000003.1720030591.00000000335FB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335FB000
Size:	16384

Details

Name:	0000000D.00000003.1604665598.00000000037B5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37B5000
Size:	8192

Details

Name:	00000000.00000002.1403209702.0000000004A7E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4A7E000
Size:	12288

Details

Name:	00000010.00000002.1589885636.0000000004D40000.00000004.00000020.00020000.00000000.sdmp
TargetID:	16
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4D40000
Size:	8192

Details

Name:	00000000.00000002.1376493590.000000000270E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	270E000
Size:	8192

Details

Name:	00000007.00000003.1568161529.0000000002B4E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4E000
Size:	4096

Details

Name:	00000007.00000003.1568656838.00000000335BA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335BA000
Size:	8192

Details

Name:	00000000.00000002.1381503098.0000000004499000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4499000
Size:	12288

Details

Name:	0000000D.00000003.1613789750.00000000037CF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37CF000
Size:	12288

Details

Name:	00000007.00000003.1562837323.0000000002B4B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4B000
Size:	8192

Details

Name:	00000000.00000002.1389224108.00000000047AB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	47AB000
Size:	12288

Details

Name:	00000007.00000003.1564102005.0000000002B6A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B6A000
Size:	86016

Details

Name:	0000000F.00000002.1588265932.0000000003468000.00000004.00000020.00020000.00000000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3468000
Size:	77824

Details

Name:	00000000.00000002.1404057179.0000000004BA0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4BA0000
Size:	12288

Details

Name:	00000007.00000003.1566032052.0000000002B4E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4E000
Size:	4096

Details

Name:	0000000F.00000002.1588373848.0000000004FA0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4FA0000
Size:	8192

Details

Name:	00000007.00000003.1719067758.0000000033608000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33608000
Size:	86016

Details

Name:	00000000.00000002.1382230732.000000000459F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	459F000
Size:	12288

Details

Name:	00000007.00000003.1567610050.0000000002B4A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4A000
Size:	4096

Details

Name:	0000000F.00000002.1588164939.0000000003250000.00000002.00000020.00020000.00000000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	heap
Protect:	page readonly
Base address:	3250000
Size:	4096

Details

Name:	00000000.00000002.1402609640.00000000049F6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	49F6000
Size:	12288

Details

Name:	00000000.00000002.1375856360.00000000007E2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7E2000
Size:	12288

Details

Name:	00000010.00000003.1588832046.00000000031F4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	16
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31F4000
Size:	4096

Details

Name:	00000007.00000003.1584713771.00000000336CE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	336CE000
Size:	364544

Details

Name:	00000000.00000002.1403701946.0000000004B24000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4B24000
Size:	12288

Details

Name:	00000000.00000002.1394686151.0000000004969000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4969000
Size:	12288

Details

Name:	00000000.00000002.1378793298.0000000002CB2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2CB2000
Size:	12288

Details

Name:	00000007.00000002.3737143209.0000000033CDB000.00000040.10000000.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unclassified section
Protect:	page execute and read and write
Base address:	33CDB000
Size:	36864

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary

Details

Name:	00000000.00000002.1393376403.0000000004859000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4859000
Size:	12288

Details

Name:	00000007.00000003.1619588022.0000000033697000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33697000
Size:	196608

Details

Name:	00000000.00000000.1252353519.0000000000448000.00000002.00000001.01000000.00000003.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	448000
Size:	180224

Details

Name:	0000000D.00000003.1594168909.00000000038AD000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	38AD000
Size:	8192

Details

Name:	00000000.00000002.1392862285.0000000004801000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4801000
Size:	8192

Details

Name:	00000000.00000002.1379577127.0000000002DD3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2DD3000
Size:	12288

Details

Name:	00000010.00000003.1588570969.00000000031F4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	16
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31F4000
Size:	4096

Details

Name:	00000000.00000002.1382436851.00000000045DA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	45DA000
Size:	8192

Details

Name:	0000000D.00000003.1615323057.00000000038AD000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	38AD000
Size:	8192

Signature Hits	Behavior Group	Mitre Attack
Found strings which match to known social media urls	Networking
URLs found in memory or binary data	Networking

Details

Name:	00000000.00000002.1381768433.000000000450F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	450F000
Size:	4096

Details

Name:	0000000D.00000003.1602596863.00000000037D7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37D7000
Size:	86016

Details

Name:	00000000.00000002.1380006625.00000000043CA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	43CA000
Size:	12288

Details

Name:	00000007.00000003.2609301191.00000000335EC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335EC000
Size:	12288

Details

Name:	00000000.00000002.1394433886.0000000004920000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4920000
Size:	8192

Details

Name:	00000000.00000002.1375856360.00000000007DE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7DE000
Size:	8192

Details

Name:	0000000D.00000003.1599442584.00000000033D4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33D4000
Size:	8192

Details

Name:	00000000.00000002.1381503098.000000000448A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	448A000
Size:	12288

Details

Name:	00000000.00000002.1382230732.00000000045BA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	45BA000
Size:	12288

Details

Name:	00000000.00000002.1380946630.0000000004463000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4463000
Size:	8192

Details

Name:	00000000.00000002.1381503098.00000000044B4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	44B4000
Size:	12288

Details

Name:	00000000.00000002.1380006625.00000000043A0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	43A0000
Size:	12288

Details

Name:	00000007.00000002.3736828999.000000003372A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3372A000
Size:	4096

Details

Name:	00000007.00000002.3736633784.00000000335F0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	335F0000
Size:	12288

Details

Name:	00000007.00000003.1579572804.00000000335BA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335BA000
Size:	8192

Details

Name:	00000007.00000003.1584628119.0000000002B6A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B6A000
Size:	86016

Details

Name:	00000007.00000003.1584803753.00000000336EE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	336EE000
Size:	233472

Details

Name:	00000007.00000003.1560755751.0000000033608000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33608000
Size:	86016

Details

Name:	0000000D.00000003.1602183326.00000000037C0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37C0000
Size:	98304

Details

Name:	0000000D.00000003.1599663577.00000000033D4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33D4000
Size:	8192

Details

Name:	00000000.00000002.1381503098.00000000044B0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	44B0000
Size:	12288

Details

Name:	00000000.00000002.1403460637.0000000004AF2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4AF2000
Size:	8192

Details

Name:	00000007.00000003.1567226650.0000000033541000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33541000
Size:	12288

Details

Name:	00000000.00000002.1386908005.000000000475E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	475E000
Size:	12288

Details

Name:	0000000D.00000003.1604665598.00000000037AC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37AC000
Size:	8192

Details

Name:	00000007.00000003.1568003590.0000000002B43000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B43000
Size:	16384

Details

Name:	00000000.00000002.1376627925.0000000002AAC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2AAC000
Size:	4096

Details

Name:	00000000.00000002.1379868165.0000000002E20000.00000004.00001000.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page read and write
Base address:	2E20000
Size:	4096

Details

Name:	00000000.00000002.1376627925.0000000002AB5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2AB5000
Size:	4096

Details

Name:	00000007.00000002.3718421846.0000000004650000.00000004.00001000.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page read and write
Base address:	4650000
Size:	4096

Details

Name:	00000000.00000002.1382674596.0000000004643000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4643000
Size:	12288

Details

Name:	00000007.00000002.3715592259.0000000000409000.00000008.00000001.01000000.00000003.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page write copy
Base address:	409000
Size:	4096

Details

Name:	00000007.00000003.1620668600.000000003362B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3362B000
Size:	4096

Details

Name:	00000007.00000003.1621884572.0000000033608000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33608000
Size:	86016

Details

Name:	00000000.00000002.1381503098.00000000044C3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	44C3000
Size:	12288

Details

Name:	00000007.00000003.1582362772.0000000002B6A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B6A000
Size:	86016

Details

Name:	00000000.00000002.1381503098.00000000044A5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	44A5000
Size:	8192

Details

Name:	00000007.00000003.1563531261.0000000033541000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33541000
Size:	12288

Details

Name:	00000007.00000002.3718479034.0000000004670000.00000004.00001000.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page read and write
Base address:	4670000
Size:	4096

Details

Name:	00000000.00000002.1394433886.0000000004918000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4918000
Size:	12288

Details

Name:	00000007.00000002.3736478833.000000003303E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3303E000
Size:	8192

Details

Name:	00000007.00000002.3718556158.00000000046A0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page read and write
Base address:	46A0000
Size:	4096

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000000.00000002.1394686151.0000000004952000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4952000
Size:	12288

Details

Name:	00000000.00000002.1375856360.0000000000882000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	882000
Size:	24576

Details

Name:	00000007.00000003.1579194797.000000003363B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3363B000
Size:	16384

Details

Name:	00000007.00000003.1564548622.00000000335BA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335BA000
Size:	8192

Details

Name:	00000007.00000003.1567547732.00000000335BA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335BA000
Size:	8192

Details

Name:	00000007.00000003.1727750714.00000000335F7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335F7000
Size:	8192

Details

Name:	00000007.00000003.1727477249.0000000002B4A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4A000
Size:	4096

Details

Name:	00000000.00000002.1381503098.00000000044A8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	44A8000
Size:	12288

Details

Name:	0000000D.00000003.1600306214.0000000005780000.00000004.00000800.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5780000
Size:	4096

Details

Name:	00000000.00000002.1382436851.00000000045CE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	45CE000
Size:	12288

Details

Name:	00000000.00000002.1378235554.0000000002C0B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C0B000
Size:	4096

Details

Name:	00000000.00000002.1376627925.0000000002A4B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2A4B000
Size:	8192

Details

Name:	00000007.00000003.1564785909.000000003362B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3362B000
Size:	4096

Details

Name:	00000007.00000003.1621884572.00000000335FB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335FB000
Size:	36864

Details

Name:	0000000D.00000003.1601808866.00000000037BC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37BC000
Size:	8192

Details

Name:	00000010.00000002.1589613024.00000000031F0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	16
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	31F0000
Size:	16384

Details

Name:	00000000.00000002.1379577127.0000000002DD7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2DD7000
Size:	12288

Details

Name:	00000007.00000003.1727989297.00000000335FA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335FA000
Size:	4096

Details

Name:	00000000.00000002.1382012236.0000000004541000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4541000
Size:	12288

Details

Name:	00000007.00000003.1568714727.0000000033608000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33608000
Size:	86016

Details

Name:	00000000.00000002.1381768433.0000000004503000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4503000
Size:	12288

Details

Name:	0000000D.00000003.1604390630.00000000037AC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37AC000
Size:	8192

Details

Name:	00000000.00000002.1375856360.0000000000844000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	844000
Size:	12288

Details

Name:	00000000.00000002.1382674596.000000000465E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	465E000
Size:	12288

Details

Name:	00000007.00000003.1727312296.000000003370E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3370E000
Size:	4096

Details

Name:	00000007.00000003.1568161529.0000000002B3F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B3F000
Size:	32768

Details

Name:	00000000.00000002.1389224108.00000000047CE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	47CE000
Size:	8192

Details

Name:	00000007.00000003.1567777678.0000000002B3F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B3F000
Size:	32768

Details

Name:	00000007.00000003.1560755751.00000000335BA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335BA000
Size:	311296

Details

Name:	00000000.00000002.1402933148.0000000004A49000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4A49000
Size:	4096

Details

Name:	0000000D.00000002.1618034104.0000000005580000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5580000
Size:	4096

Details

Name:	0000000D.00000002.1616639677.0000000000474000.00000040.80000000.00040000.00000000.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	system
Protect:	page execute and read and write
Base address:	474000
Size:	36864

Details

Name:	0000000D.00000003.1614150723.0000000003842000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3842000
Size:	147456

Details

Name:	00000000.00000002.1379577127.0000000002DBC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2DBC000
Size:	12288

Details

Name:	0000000D.00000002.1617289063.0000000003430000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3430000
Size:	4096

Details

Name:	00000007.00000003.1570257355.0000000033608000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33608000
Size:	86016

Details

Name:	00000000.00000002.1382012236.0000000004563000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4563000
Size:	12288

Details

Name:	00000007.00000003.1570876649.0000000033541000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33541000
Size:	12288

Details

Name:	0000000D.00000003.1615620606.0000000005481000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	5481000
Size:	253952

Details

Name:	00000010.00000002.1589337352.0000000003069000.00000004.00000020.00020000.00000000.sdmp
TargetID:	16
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3069000
Size:	20480

Details

Name:	00000010.00000002.1589172557.0000000000400000.00000040.80000000.00040000.00000000.sdmp
TargetID:	16
Dumpstage:	process exit
Regiontype:	system
Protect:	page execute and read and write
Base address:	400000
Size:	106496

Signature Hits	Behavior Group	Mitre Attack
Found strings which match to known social media urls	Networking
URLs found in memory or binary data	Networking

Details

Name:	00000007.00000003.1566834706.0000000002B4E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4E000
Size:	4096

Details

Name:	00000007.00000003.1468608642.0000000002AF2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2AF2000
Size:	20480

Details

Name:	0000000D.00000003.1600363241.0000000005780000.00000004.00000800.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5780000
Size:	4096

Details

Name:	00000007.00000003.1568332091.0000000002B4E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4E000
Size:	4096

Details

Name:	00000000.00000002.1375136468.0000000000446000.00000004.00000001.01000000.00000003.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	446000
Size:	4096

Details

Name:	00000007.00000003.1567378837.00000000335BA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335BA000
Size:	8192

Details

Name:	00000007.00000003.1718990338.000000003362B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3362B000
Size:	4096

Details

Name:	0000000D.00000003.1594957647.00000000037B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37B1000
Size:	614400

Details

Name:	0000000D.00000003.1604527019.00000000037E2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37E2000
Size:	81920

Details

Name:	00000000.00000002.1382012236.0000000004558000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4558000
Size:	12288

Details

Name:	0000000D.00000003.1597870929.00000000033D4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33D4000
Size:	8192

Details

Name:	00000007.00000003.1563147478.0000000033541000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33541000
Size:	12288

Details

Name:	00000000.00000002.1393376403.000000000483F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	483F000
Size:	12288

Details

Name:	00000000.00000002.1394433886.000000000490C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	490C000
Size:	12288

Details

Name:	00000000.00000002.1397444212.00000000049A4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	49A4000
Size:	8192

Details

Name:	00000000.00000002.1382674596.000000000463F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	463F000
Size:	12288

Details

Name:	00000000.00000002.1378793298.0000000002C90000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C90000
Size:	8192

Details

Name:	00000007.00000003.1564347320.0000000033541000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33541000
Size:	12288

Details

Name:	00000000.00000002.1406500490.0000000010005000.00000002.00000001.01000000.00000006.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	10005000
Size:	4096

Details

Name:	0000000F.00000002.1588206349.00000000032A0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	32A0000
Size:	4096

Details

Name:	00000010.00000003.1588599012.00000000031F4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	16
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31F4000
Size:	4096

Details

Name:	00000007.00000003.1468608642.0000000002AF8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2AF8000
Size:	253952

Details

Name:	00000000.00000002.1376627925.0000000002A68000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2A68000
Size:	8192

Details

Name:	00000000.00000002.1393376403.000000000485D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	485D000
Size:	12288

Details

Name:	0000000F.00000002.1588142352.0000000003240000.00000004.00000020.00040000.00000000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3240000
Size:	4096

Details

Name:	00000000.00000002.1375767396.0000000000610000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	610000
Size:	16384

Details

Name:	00000010.00000003.1588684493.00000000031F4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	16
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31F4000
Size:	4096

Details

Name:	00000000.00000002.1380281494.0000000004419000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4419000
Size:	12288

Details

Name:	0000000D.00000003.1604889429.00000000037B0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37B0000
Size:	8192

Details

Name:	0000000D.00000002.1617505226.0000000003780000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3780000
Size:	4096

Details

Name:	00000007.00000003.1566984255.0000000002B43000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B43000
Size:	16384

Details

Name:	00000007.00000003.1564347320.00000000335BA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335BA000
Size:	8192

Details

Name:	00000000.00000002.1403209702.0000000004A99000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4A99000
Size:	8192

Details

Name:	00000000.00000002.1403460637.0000000004AF5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4AF5000
Size:	12288

Details

Name:	00000000.00000002.1380946630.000000000447D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	447D000
Size:	12288

Details

Name:	00000000.00000002.1378793298.0000000002CB6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2CB6000
Size:	8192

Details

Name:	00000000.00000002.1402933148.0000000004A4C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4A4C000
Size:	8192

Details

Name:	00000000.00000002.1378553847.0000000002C7B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C7B000
Size:	12288

Details

Name:	00000000.00000002.1379042941.0000000002CDE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2CDE000
Size:	12288

Details

Name:	00000000.00000002.1403701946.0000000004B06000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4B06000
Size:	8192

Details

Name:	00000000.00000002.1380006625.00000000043AF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	43AF000
Size:	12288

Details

Name:	00000000.00000002.1379577127.0000000002DC1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2DC1000
Size:	8192

Details

Name:	00000000.00000002.1393840534.00000000048D2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	48D2000
Size:	12288

Details

Name:	0000000D.00000003.1595350726.00000000037FD000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37FD000
Size:	315392

Details

Name:	00000000.00000002.1375856360.0000000000803000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	803000
Size:	12288

Details

Name:	00000000.00000002.1393840534.00000000048BF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	48BF000
Size:	12288

Details

Name:	00000000.00000002.1382012236.000000000454C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	454C000
Size:	12288

Details

Name:	00000000.00000002.1385402191.00000000046FE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	46FE000
Size:	12288

Details

Name:	00000000.00000002.1397444212.0000000004994000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4994000
Size:	12288

Details

Name:	0000000D.00000003.1602890569.00000000037C6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37C6000
Size:	4096

Details

Name:	00000000.00000002.1404457055.0000000005A78000.00000040.00001000.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	5A78000
Size:	6889472

Details

Name:	00000000.00000002.1402933148.0000000004A56000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4A56000
Size:	12288

Details

Name:	00000000.00000002.1379307399.0000000002D3C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2D3C000
Size:	12288

Details

Name:	00000000.00000002.1376594606.000000000290F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	290F000
Size:	4096

Details

Name:	00000007.00000003.1566587749.0000000002B43000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B43000
Size:	16384

Details

Name:	00000007.00000002.3718505488.0000000004680000.00000004.00001000.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page read and write
Base address:	4680000
Size:	4096

Details

Name:	00000007.00000002.3736633784.00000000335EC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	335EC000
Size:	12288

Details

Name:	00000007.00000003.1717838817.00000000335BA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335BA000
Size:	8192

Details

Name:	00000007.00000003.1566916728.00000000335BA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335BA000
Size:	8192

Details

Name:	0000000D.00000003.1598315373.00000000033D4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33D4000
Size:	8192

Details

Name:	0000000D.00000003.1612482464.00000000037A9000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37A9000
Size:	8192

Details

Name:	0000000D.00000003.1613044661.00000000037AF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37AF000
Size:	61440

Details

Name:	0000000D.00000002.1617505226.00000000037A5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	37A5000
Size:	8192

Details

Name:	00000007.00000002.3715684951.0000000000448000.00000002.00000001.01000000.00000003.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	448000
Size:	180224

Details

Name:	00000000.00000002.1389224108.00000000047AF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	47AF000
Size:	12288

Details

Name:	00000000.00000002.1376627925.0000000002A44000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2A44000
Size:	8192

Details

Name:	00000007.00000003.1620105494.0000000033702000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33702000
Size:	4096

Details

Name:	00000000.00000002.1383256141.0000000004691000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4691000
Size:	8192

Details

Name:	00000007.00000003.1562837323.0000000002B6A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B6A000
Size:	86016

Details

Name:	0000000D.00000003.1601662668.00000000037A1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37A1000
Size:	106496

Details

Name:	00000000.00000002.1382674596.000000000463C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	463C000
Size:	8192

Details

Name:	00000007.00000003.1618948525.000000003363B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3363B000
Size:	16384

Details

Name:	00000000.00000002.1374665664.0000000000098000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	98000
Size:	32768

Details

Name:	0000000D.00000003.1597131908.0000000005588000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	5588000
Size:	421888

Details

Name:	00000000.00000002.1374954763.0000000000407000.00000002.00000001.01000000.00000003.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	407000
Size:	8192

Details

Name:	00000007.00000003.1496879057.0000000002B3D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B3D000
Size:	8192

Details

Name:	00000000.00000002.1379577127.0000000002DAD000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2DAD000
Size:	12288

Details

Name:	00000000.00000002.1380281494.000000000443F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	443F000
Size:	12288

Details

Name:	00000010.00000003.1589013303.0000000004B78000.00000004.00000020.00020000.00000000.sdmp
TargetID:	16
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B78000
Size:	12288

Details

Name:	00000007.00000003.1727655498.00000000336F6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	336F6000
Size:	4096

Details

Name:	00000007.00000003.1619096403.0000000002B4F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4F000
Size:	53248

Details

Name:	00000007.00000002.3715812083.00000000017B8000.00000040.00000400.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	remote allocation
Protect:	page execute and read and write
Base address:	17B8000
Size:	10485760

Details

Name:	0000000D.00000003.1602819101.00000000037C1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37C1000
Size:	24576

Details

Name:	00000007.00000003.1584548156.000000003362B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3362B000
Size:	4096

Details

Name:	00000007.00000003.1568514235.0000000033541000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33541000
Size:	16384

Details

Name:	00000000.00000002.1402933148.0000000004A34000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4A34000
Size:	12288

Details

Name:	00000007.00000002.3717853188.0000000002A3E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2A3E000
Size:	8192

Details

Name:	0000000D.00000003.1613951564.0000000003842000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3842000
Size:	147456

Details

Name:	00000000.00000002.1404309589.0000000004BCC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4BCC000
Size:	8192

Details

Name:	0000000D.00000003.1614024123.00000000037B0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37B0000
Size:	57344

Details

Name:	00000000.00000002.1382230732.00000000045C1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	45C1000
Size:	12288

Details

Name:	00000000.00000002.1378793298.0000000002C8C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C8C000
Size:	12288

Details

Name:	00000000.00000002.1392862285.0000000004818000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4818000
Size:	8192

Details

Name:	00000000.00000002.1393840534.00000000048CE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	48CE000
Size:	12288

Details

Name:	00000000.00000002.1403701946.0000000004B02000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4B02000
Size:	12288

Details

Name:	00000000.00000002.1376627925.0000000002A04000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2A04000
Size:	12288

Details

Name:	0000000D.00000003.1602183326.00000000037B4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37B4000
Size:	40960

Details

Name:	00000000.00000002.1382012236.0000000004549000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4549000
Size:	8192

Details

Name:	00000000.00000002.1403701946.0000000004B30000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4B30000
Size:	8192

Details

Name:	00000007.00000003.1620105494.00000000336DF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	336DF000
Size:	61440

Details

Name:	00000007.00000003.1565972561.00000000335BA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335BA000
Size:	8192

Details

Name:	0000000D.00000003.1603346838.00000000037B7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37B7000
Size:	28672

Details

Name:	00000000.00000002.1381503098.00000000044A1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	44A1000
Size:	12288

Details

Name:	00000000.00000002.1379042941.0000000002CE2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2CE2000
Size:	8192

Details

Name:	00000000.00000002.1389224108.00000000047C2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	47C2000
Size:	12288

Details

Name:	0000000D.00000003.1612482464.00000000037B0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37B0000
Size:	28672

Details

Name:	00000007.00000002.3717875155.0000000002AC3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2AC3000
Size:	118784

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000000.00000002.1378793298.0000000002C84000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C84000
Size:	12288

Details

Name:	0000000D.00000003.1602943646.00000000037B5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37B5000
Size:	36864

Details

Name:	00000000.00000002.1375856360.000000000086E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	86E000
Size:	20480

Details

Name:	00000000.00000002.1379042941.0000000002CDA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2CDA000
Size:	12288

Details

Name:	00000000.00000002.1392862285.0000000004808000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4808000
Size:	12288

Details

Name:	00000007.00000003.1570973239.0000000033608000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33608000
Size:	86016

Details

Name:	00000000.00000002.1378793298.0000000002C93000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C93000
Size:	12288

Details

Name:	00000000.00000002.1379307399.0000000002D62000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2D62000
Size:	8192

Details

Name:	00000000.00000002.1380006625.00000000043BB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	43BB000
Size:	8192

Details

Name:	00000007.00000003.1728171293.0000000002B6A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B6A000
Size:	4096

Details

Name:	00000007.00000003.1727655498.00000000336E6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	336E6000
Size:	4096

Details

Name:	00000000.00000002.1392862285.00000000047EE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	47EE000
Size:	8192

Details

Name:	00000007.00000003.1565116473.0000000002B4A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4A000
Size:	4096

Details

Name:	0000000D.00000003.1599887896.00000000033D5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33D5000
Size:	4096

Details

Name:	00000000.00000002.1386908005.0000000004757000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4757000
Size:	8192

Details

Name:	00000000.00000002.1404309589.0000000004BD3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4BD3000
Size:	12288

Details

Name:	0000000D.00000003.1596525465.00000000037A1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37A1000
Size:	20480

Details

Name:	00000000.00000002.1389224108.00000000047BE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	47BE000
Size:	12288

Details

Name:	0000000D.00000003.1603907966.00000000037B3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37B3000
Size:	4096

Details

Name:	0000000D.00000002.1617109735.000000000338E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	338E000
Size:	8192

Details

Name:	00000000.00000002.1393840534.00000000048E5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	48E5000
Size:	12288

Details

Name:	0000000F.00000003.1586828740.000000000382C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	382C000
Size:	4096

Details

Name:	00000007.00000003.1584628119.0000000002B4A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4A000
Size:	4096

Details

Name:	00000010.00000003.1588711951.00000000031F4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	16
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31F4000
Size:	4096

Details

Name:	00000000.00000002.1379307399.0000000002D75000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2D75000
Size:	12288

Details

Name:	0000000D.00000003.1603907966.00000000037B0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37B0000
Size:	8192

Details

Name:	00000007.00000003.1728315725.0000000002B7E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B7E000
Size:	4096

Details

Name:	00000007.00000003.1618727080.00000000336CC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	336CC000
Size:	4096

Details

Name:	0000000D.00000003.1605330075.00000000037C1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37C1000
Size:	102400

Details

Name:	0000000F.00000002.1588351516.0000000003820000.00000004.00000020.00020000.00000000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3820000
Size:	12288

Details

Name:	00000007.00000003.1618558049.000000003371D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3371D000
Size:	40960

Details

Name:	00000000.00000002.1381768433.00000000044FB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	44FB000
Size:	12288

Details

Name:	00000000.00000002.1404057179.0000000004B99000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4B99000
Size:	12288

Details

Name:	00000000.00000002.1375815388.000000000071F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	71F000
Size:	4096

Details

Name:	00000000.00000002.1381768433.0000000004521000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4521000
Size:	12288

Details

Name:	0000000D.00000002.1617794056.00000000038A0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	38A0000
Size:	16384

Details

Name:	0000000D.00000003.1601808866.00000000037C0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37C0000
Size:	98304

Details

Name:	00000000.00000002.1397444212.0000000004976000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4976000
Size:	12288

Details

Name:	00000000.00000002.1382230732.00000000045B6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	45B6000
Size:	12288

Details

Name:	00000000.00000002.1393840534.00000000048DD000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	48DD000
Size:	12288

Details

Name:	00000007.00000003.1566032052.0000000002B3F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B3F000
Size:	32768

Details

Name:	00000007.00000003.1569724602.0000000002B4E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4E000
Size:	57344

Details

Name:	0000000D.00000003.1616295308.00000000033D4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33D4000
Size:	8192

Details

Name:	00000000.00000002.1385402191.000000000471C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	471C000
Size:	12288

Details

Name:	00000000.00000002.1379839339.0000000002E00000.00000004.00001000.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page read and write
Base address:	2E00000
Size:	4096

Details

Name:	0000000D.00000003.1614888222.000000000379C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	379C000
Size:	32768

Details

Name:	00000007.00000003.1562902860.0000000002B43000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B43000
Size:	16384

Details

Name:	00000007.00000002.3717875155.0000000002A80000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2A80000
Size:	28672

Details

Name:	00000000.00000002.1394686151.000000000494E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	494E000
Size:	12288

Details

Name:	00000010.00000003.1588949425.00000000031F4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	16
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31F4000
Size:	4096

Details

Name:	0000000D.00000003.1596225475.00000000037B0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37B0000
Size:	4096

Details

Name:	00000000.00000002.1379042941.0000000002D08000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2D08000
Size:	8192

Details

Name:	00000000.00000002.1379042941.0000000002D00000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2D00000
Size:	12288

Details

Name:	00000000.00000002.1379307399.0000000002D6D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2D6D000
Size:	12288

Details

Name:	00000007.00000002.3736633784.00000000335FA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	335FA000
Size:	4096

Details

Name:	00000007.00000003.1565846968.0000000002B4A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4A000
Size:	4096

Details

Name:	00000000.00000002.1380006625.00000000043CE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	43CE000
Size:	8192

Details

Name:	00000007.00000003.1564102005.0000000002B50000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B50000
Size:	49152

Details

Name:	0000000D.00000002.1617729512.00000000037CF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	37CF000
Size:	12288

Details

Name:	0000000F.00000002.1588122246.0000000002FDB000.00000004.00000010.00020000.00000000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2FDB000
Size:	20480

Details

Name:	00000007.00000003.1568656838.0000000033541000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33541000
Size:	16384

Details

Name:	00000000.00000002.1376375594.0000000002240000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2240000
Size:	4096

Details

Name:	0000000D.00000003.1614437042.000000000379C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	379C000
Size:	32768

Details

Name:	00000000.00000002.1402609640.0000000004A2F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4A2F000
Size:	12288

Details

Name:	00000007.00000002.3736573536.0000000033540000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	33540000
Size:	4096

Details

Name:	00000007.00000003.1566385186.0000000002B4A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4A000
Size:	4096

Details

Name:	00000000.00000002.1404057179.0000000004BB7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4BB7000
Size:	12288

Details

Name:	00000007.00000003.1563931505.0000000002B6A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B6A000
Size:	86016

Details

Name:	00000000.00000002.1389224108.00000000047D1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	47D1000
Size:	12288

Details

Name:	00000000.00000002.1386908005.000000000473C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	473C000
Size:	8192

Details

Name:	00000007.00000003.1727181686.000000003366E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3366E000
Size:	8192

Details

Name:	0000000F.00000002.1588099087.0000000002F9C000.00000004.00000010.00020000.00000000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2F9C000
Size:	16384

Details

Name:	00000007.00000003.1584548156.00000000335FB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	335FB000
Size:	16384

Details

Name:	00000000.00000002.1382230732.00000000045A7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	45A7000
Size:	12288

Details

Name:	00000000.00000002.1378553847.0000000002C4E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C4E000
Size:	4096

Details

Name:	0000000D.00000003.1596887356.00000000055F2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	55F2000
Size:	4096

Details

Name:	00000007.00000002.3736438964.0000000032EFC000.00000004.00000010.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	32EFC000
Size:	16384

Details

Name:	00000000.00000002.1402933148.0000000004A5A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4A5A000
Size:	12288

Details

Name:	00000000.00000002.1378235554.0000000002C1B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C1B000
Size:	8192

Details

Name:	00000007.00000003.1727574966.0000000033653000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33653000
Size:	81920

Details

Name:	00000000.00000002.1393376403.0000000004828000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4828000
Size:	12288

Details

Name:	00000000.00000002.1389224108.00000000047DD000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	47DD000
Size:	12288

Details

Name:	00000000.00000002.1403460637.0000000004ACF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4ACF000
Size:	12288

Details

Name:	0000000D.00000003.1613549626.00000000037A9000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37A9000
Size:	16384

Details

Name:	00000000.00000002.1382012236.0000000004545000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4545000
Size:	12288

Details

Name:	00000007.00000003.1578061660.0000000002B4E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4E000
Size:	57344

Details

Name:	00000007.00000003.1569490157.0000000033541000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33541000
Size:	16384

Details

Name:	0000000D.00000003.1604352083.00000000037DA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37DA000
Size:	73728

Details

Name:	00000000.00000002.1380281494.000000000442C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	442C000
Size:	12288

Details

Name:	00000000.00000002.1404057179.0000000004B86000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4B86000
Size:	12288

Details

Name:	00000000.00000002.1382674596.0000000004663000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4663000
Size:	4096

Details

Name:	00000000.00000002.1376627925.0000000002AAA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2AAA000
Size:	4096

Details

Name:	00000010.00000003.1588873902.00000000031F4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	16
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31F4000
Size:	4096

Details

Name:	00000007.00000002.3737204698.0000000033CF1000.00000040.00001000.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	33CF1000
Size:	77824

Details

Name:	0000000D.00000003.1598105349.00000000033D4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	33D4000
Size:	8192

Details

Name:	00000007.00000003.1578061660.0000000002B6A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B6A000
Size:	86016

Details

Name:	00000007.00000002.3717723871.00000000029BD000.00000004.00000010.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	29BD000
Size:	12288

Details

Name:	00000007.00000002.3736268602.0000000032B5F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	32B5F000
Size:	4096

Details

Name:	00000000.00000002.1394433886.0000000004910000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4910000
Size:	12288

Details

Name:	00000000.00000002.1385402191.0000000004702000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4702000
Size:	8192

Details

Name:	00000000.00000002.1382674596.0000000004647000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4647000
Size:	12288

Details

Name:	00000007.00000003.1570257355.000000003363B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3363B000
Size:	16384

Details

Name:	0000000D.00000003.1614250761.00000000037AC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37AC000
Size:	73728

Signature Hits	Behavior Group	Mitre Attack
SQL strings found in memory and binary data	System Summary

Details

Name:	00000000.00000002.1383256141.0000000004685000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4685000
Size:	12288

Details

Name:	0000000D.00000003.1605507088.00000000037C0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	37C0000
Size:	4096

Details

Name:	00000000.00000002.1381768433.00000000044F7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	44F7000
Size:	12288

Details

Name:	0000000D.00000002.1617323444.0000000003460000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3460000
Size:	8192

Details

Name:	00000007.00000003.1569191872.000000003363B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3363B000
Size:	16384

Details

Name:	00000007.00000003.1618727080.00000000336CE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	336CE000
Size:	40960

Details

Name:	00000000.00000002.1381503098.0000000004495000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4495000
Size:	12288

Details

Name:	00000000.00000002.1376627925.0000000002A00000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2A00000
Size:	12288

Details

Name:	0000000D.00000003.1613434052.0000000003834000.00000004.00000020.00020000.00000000.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3834000
Size:	147456

Details

Name:	00000007.00000003.1563209086.0000000002B4A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B4A000
Size:	4096

Details

Name:	00000000.00000002.1379042941.0000000002CFC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2CFC000
Size:	12288

Details

Name:	00000000.00000002.1397444212.000000000497D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	497D000
Size:	12288

Details

Name:	00000000.00000002.1393376403.000000000484A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	484A000
Size:	12288

Details

Name:	00000000.00000002.1378793298.0000000002CBD000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2CBD000
Size:	12288

Details

Name:	00000007.00000002.3718331950.0000000004620000.00000004.00001000.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page read and write
Base address:	4620000
Size:	4096

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Report
rpayment.scr.exe

Files

Processes

URLs

Domains

IPs

Registry

Memdumps

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Reportrpayment.scr.exe

Files

Processes

URLs

Domains

IPs

Registry

Memdumps

IOC Report
rpayment.scr.exe