|
6E01000
|
trusted library allocation
|
page read and write
|
 |
|
|
| Name: |
00000008.00000002.2477667134.0000000006E01000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6E01000
|
| Size: |
327680
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Found malware configuration |
AV Detection |
|
| Yara detected Snake Keylogger |
Stealing of Sensitive Information, Remote Access Functionality |
|
| URLs found in memory or binary data |
Networking |
|
|
|
402C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1314245013.000000000402C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
402C000
|
| Size: |
831488
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara detected Telegram RAT |
Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara detected VIP Keylogger |
Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara detected Credential Stealer |
Stealing of Sensitive Information |
|
| Yara signature match |
System Summary |
|
| URLs found in memory or binary data |
Networking |
|
|
|
403000
|
remote allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.2472599680.0000000000403000.00000040.00000400.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
remote allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
403000
|
| Size: |
270336
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara detected Telegram RAT |
Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara detected VIP Keylogger |
Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara detected Credential Stealer |
Stealing of Sensitive Information |
|
| Yara signature match |
System Summary |
|
| URLs found in memory or binary data |
Networking |
|
|
|
438B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1260947515.000000000438B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
438B000
|
| Size: |
831488
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara detected Telegram RAT |
Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara detected VIP Keylogger |
Stealing of Sensitive Information, Remote Access Functionality |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
| Yara detected Credential Stealer |
Stealing of Sensitive Information |
|
| Yara signature match |
System Summary |
|
| URLs found in memory or binary data |
Networking |
|
|
|
6D91000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.0000000006D91000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6D91000
|
| Size: |
327680
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Snake Keylogger |
Stealing of Sensitive Information, Remote Access Functionality |
|
| URLs found in memory or binary data |
Networking |
|
|
|
4FBF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1316596412.0000000004FBF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4FBF000
|
| Size: |
4096
|
|
|
91F1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2487170816.00000000091F1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
91F1000
|
| Size: |
16384
|
|
|
54C5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1264233820.00000000054C5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
54C5000
|
| Size: |
40960
|
|
|
5260000
|
trusted library section
|
page readonly
|
|
|
|
| Name: |
0000000A.00000002.1316946446.0000000005260000.00000002.08000000.00040000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page readonly
|
| Base address: |
5260000
|
| Size: |
4096
|
|
|
5005000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1262264406.0000000005005000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5005000
|
| Size: |
45056
|
|
|
8EFD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2486009451.0000000008EFD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8EFD000
|
| Size: |
12288
|
|
|
4D07000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2473468952.0000000004D07000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4D07000
|
| Size: |
139264
|
|
|
87A000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1236573387.000000000087A000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
87A000
|
| Size: |
24576
|
|
|
50E0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2476677436.00000000050E0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
50E0000
|
| Size: |
8192
|
|
|
6EC2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.0000000006EC2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6EC2000
|
| Size: |
61440
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
6F45000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.0000000006F45000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6F45000
|
| Size: |
8192
|
|
|
6FC7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.0000000006FC7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6FC7000
|
| Size: |
172032
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
9220000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2487916809.0000000009220000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
9220000
|
| Size: |
49152
|
|
|
4D00000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1316081639.0000000004D00000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4D00000
|
| Size: |
4096
|
|
|
950000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2473160859.0000000000950000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
950000
|
| Size: |
16384
|
|
|
A895000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2491949539.000000000A895000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
A895000
|
| Size: |
45056
|
|
|
6FB4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.0000000006FB4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6FB4000
|
| Size: |
8192
|
|
|
1220000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1259917812.0000000001220000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
1220000
|
| Size: |
65536
|
|
|
6E78000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.0000000006E78000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6E78000
|
| Size: |
4096
|
|
|
524A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1262913658.000000000524A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
524A000
|
| Size: |
24576
|
|
|
4EDA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1316333377.0000000004EDA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4EDA000
|
| Size: |
24576
|
|
|
80B4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2485150390.00000000080B4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
80B4000
|
| Size: |
8192
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
D84000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1311014036.0000000000D84000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
D84000
|
| Size: |
4096
|
|
|
5470000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1263632910.0000000005470000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5470000
|
| Size: |
65536
|
|
|
6F0D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.0000000006F0D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6F0D000
|
| Size: |
442368
|
|
|
8165000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2483834355.0000000008165000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8165000
|
| Size: |
20480
|
|
|
70BF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.00000000070BF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
70BF000
|
| Size: |
12288
|
|
|
4D35000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2473468952.0000000004D35000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4D35000
|
| Size: |
4096
|
|
|
5615000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1264468923.0000000005615000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5615000
|
| Size: |
110592
|
|
|
A62000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1310363208.0000000000A62000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A62000
|
| Size: |
397312
|
|
|
5240000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1262913658.0000000005240000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5240000
|
| Size: |
36864
|
|
|
A1BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2488929167.000000000A1BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A1BE000
|
| Size: |
8192
|
|
|
6F1C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.0000000006F1C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6F1C000
|
| Size: |
4096
|
|
|
7E6E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2483834355.0000000007E6E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7E6E000
|
| Size: |
4096
|
|
|
2C26000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1260059108.0000000002C26000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C26000
|
| Size: |
4173824
|
|
|
80D5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2483834355.00000000080D5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
80D5000
|
| Size: |
8192
|
|
|
4CA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1315946795.0000000004CA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4CA0000
|
| Size: |
65536
|
|
|
4FD2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1261630204.0000000004FD2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4FD2000
|
| Size: |
49152
|
|
|
56F0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1265224655.00000000056F0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
56F0000
|
| Size: |
53248
|
|
|
55DB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1264349960.00000000055DB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55DB000
|
| Size: |
12288
|
|
|
5AB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1317405413.0000000005AB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5AB0000
|
| Size: |
65536
|
|
|
4D25000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2473589761.0000000004D25000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4D25000
|
| Size: |
12288
|
|
|
972E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2488389768.000000000972E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
972E000
|
| Size: |
8192
|
|
|
117F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1259864297.000000000117F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
117F000
|
| Size: |
4096
|
|
|
4C60000
|
heap
|
page readonly
|
|
|
|
| Name: |
00000008.00000002.2473105532.0000000004C60000.00000002.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page readonly
|
| Base address: |
4C60000
|
| Size: |
4096
|
|
|
2863000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1311901401.0000000002863000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2863000
|
| Size: |
53248
|
|
|
27B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1311877017.00000000027B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
27B0000
|
| Size: |
4096
|
|
|
7A2E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1266020587.0000000007A2E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
7A2E000
|
| Size: |
8192
|
|
|
E10000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1311648628.0000000000E10000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
E10000
|
| Size: |
4096
|
|
|
4C40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1315233407.0000000004C40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4C40000
|
| Size: |
12288
|
|
|
A920000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2490009980.000000000A920000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
A920000
|
| Size: |
32768
|
|
|
2C40000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1274943646.0000000002C40000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C40000
|
| Size: |
4096
|
|
|
97C4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2488607340.00000000097C4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
97C4000
|
| Size: |
4096
|
|
|
B7EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1266600220.000000000B7EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B7EE000
|
| Size: |
8192
|
|
|
DB2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1311299181.0000000000DB2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
DB2000
|
| Size: |
4096
|
|
|
705A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.000000000705A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
705A000
|
| Size: |
188416
|
|
|
5100000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2476935616.0000000005100000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5100000
|
| Size: |
4096
|
|
|
6EBD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.0000000006EBD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6EBD000
|
| Size: |
8192
|
|
|
70F2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.00000000070F2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
70F2000
|
| Size: |
4096
|
|
|
8D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1236622318.00000000008D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8D0000
|
| Size: |
20480
|
|
|
4C72000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1315233407.0000000004C72000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4C72000
|
| Size: |
49152
|
|
|
6B2E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2477594515.0000000006B2E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6B2E000
|
| Size: |
8192
|
|
|
9E7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2488739113.0000000009E7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9E7E000
|
| Size: |
8192
|
|
|
2A9B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1236660616.0000000002A9B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A9B000
|
| Size: |
102400
|
|
|
4D13000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.2473432364.0000000004D13000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D13000
|
| Size: |
4096
|
|
|
6DFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477619217.0000000006DFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6DFE000
|
| Size: |
8192
|
|
|
70C4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.00000000070C4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
70C4000
|
| Size: |
106496
|
|
|
7DFF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2485150390.0000000007DFF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7DFF000
|
| Size: |
4096
|
|
|
4D30000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1316282595.0000000004D30000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4D30000
|
| Size: |
4096
|
|
|
7137000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.0000000007137000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7137000
|
| Size: |
106496
|
|
|
B6CD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1266547115.000000000B6CD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B6CD000
|
| Size: |
12288
|
|
|
7022000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.0000000007022000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7022000
|
| Size: |
8192
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| SQL strings found in memory and binary data |
System Summary |
|
|
|
A5FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2490717544.000000000A5FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A5FF000
|
| Size: |
4096
|
|
|
6F58000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.0000000006F58000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6F58000
|
| Size: |
172032
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
7132000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.0000000007132000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7132000
|
| Size: |
12288
|
|
|
A760000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2491100953.000000000A760000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
A760000
|
| Size: |
8192
|
|
|
6C28000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477369860.0000000006C28000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6C28000
|
| Size: |
4096
|
|
|
7163000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.0000000007163000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7163000
|
| Size: |
4096
|
|
|
6EEA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.0000000006EEA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6EEA000
|
| Size: |
69632
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
1260000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1259979078.0000000001260000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1260000
|
| Size: |
65536
|
|
|
6F4B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.0000000006F4B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6F4B000
|
| Size: |
4096
|
|
|
55EB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1264349960.00000000055EB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55EB000
|
| Size: |
4096
|
|
|
5CEE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1265280785.0000000005CEE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5CEE000
|
| Size: |
8192
|
|
|
8011000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2485150390.0000000008011000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8011000
|
| Size: |
4096
|
|
|
70C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.00000000070C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
70C0000
|
| Size: |
16384
|
|
|
6E52000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.0000000006E52000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6E52000
|
| Size: |
65536
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
4ED0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1316333377.0000000004ED0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4ED0000
|
| Size: |
36864
|
|
|
7F17000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2483834355.0000000007F17000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7F17000
|
| Size: |
12288
|
|
|
5060000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2473980311.0000000005060000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5060000
|
| Size: |
4096
|
|
|
6E9E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.0000000006E9E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6E9E000
|
| Size: |
438272
|
|
|
8081000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2483834355.0000000008081000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8081000
|
| Size: |
4096
|
|
|
BDAE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1266729962.000000000BDAE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
BDAE000
|
| Size: |
8192
|
|
|
924E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2486048634.000000000924E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
924E000
|
| Size: |
45056
|
|
|
6FBA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.0000000006FBA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6FBA000
|
| Size: |
4096
|
|
|
5290000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1263037519.0000000005290000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5290000
|
| Size: |
65536
|
|
|
71BD000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1318307181.00000000071BD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
71BD000
|
| Size: |
12288
|
|
|
E20000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1311734851.0000000000E20000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E20000
|
| Size: |
32768
|
|
|
5330000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.2476930302.0000000005330000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5330000
|
| Size: |
65536
|
|
|
5110000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2477157089.0000000005110000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5110000
|
| Size: |
16384
|
|
|
AE0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1319123894.000000000AE0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
AE0E000
|
| Size: |
8192
|
|
|
807D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2485150390.000000000807D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
807D000
|
| Size: |
4096
|
|
|
A360000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2487763978.000000000A360000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A360000
|
| Size: |
430080
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
6B6C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2477660101.0000000006B6C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6B6C000
|
| Size: |
16384
|
|
|
6EA1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.0000000006EA1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6EA1000
|
| Size: |
4096
|
|
|
80EC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2483834355.00000000080EC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
80EC000
|
| Size: |
8192
|
|
|
70BD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.00000000070BD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
70BD000
|
| Size: |
4096
|
|
|
6E7C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.0000000006E7C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6E7C000
|
| Size: |
24576
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
A34F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2489036861.000000000A34F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A34F000
|
| Size: |
8192
|
|
|
5052000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2473842702.0000000005052000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5052000
|
| Size: |
4096
|
|
|
1240000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1259959883.0000000001240000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1240000
|
| Size: |
4096
|
|
|
4FC1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1261630204.0000000004FC1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4FC1000
|
| Size: |
16384
|
|
|
6CBE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478144139.0000000006CBE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6CBE000
|
| Size: |
8192
|
|
|
D60000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1310937785.0000000000D60000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D60000
|
| Size: |
4096
|
|
|
91F6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2487170816.00000000091F6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
91F6000
|
| Size: |
16384
|
|
|
A910000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2489917923.000000000A910000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
A910000
|
| Size: |
40960
|
|
|
50ED000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.2476765777.00000000050ED000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
50ED000
|
| Size: |
4096
|
|
|
6DEF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.0000000006DEF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6DEF000
|
| Size: |
36864
|
|
|
79AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1265956277.00000000079AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
79AE000
|
| Size: |
8192
|
|
|
5350000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477117449.0000000005350000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5350000
|
| Size: |
4096
|
|
|
DF0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1311556374.0000000000DF0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
DF0000
|
| Size: |
65536
|
|
|
DB7000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1311321217.0000000000DB7000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
DB7000
|
| Size: |
4096
|
|
|
A05F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2487655105.000000000A05F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A05F000
|
| Size: |
4096
|
|
|
711E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.000000000711E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
711E000
|
| Size: |
303104
|
|
|
B36E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1266454317.000000000B36E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B36E000
|
| Size: |
8192
|
|
|
A8B7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2492140301.000000000A8B7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
A8B7000
|
| Size: |
36864
|
|
|
5062000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2474019922.0000000005062000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5062000
|
| Size: |
4096
|
|
|
50A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2476611218.00000000050A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
50A0000
|
| Size: |
16384
|
|
|
7E6C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2483834355.0000000007E6C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7E6C000
|
| Size: |
4096
|
|
|
6F83000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.0000000006F83000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6F83000
|
| Size: |
102400
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
7DB9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2485150390.0000000007DB9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7DB9000
|
| Size: |
188416
|
|
|
6F89000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.0000000006F89000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6F89000
|
| Size: |
4096
|
|
|
94E0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.2488354271.00000000094E0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
94E0000
|
| Size: |
4096
|
|
|
B70E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1266565564.000000000B70E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B70E000
|
| Size: |
8192
|
|
|
5A21000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1317159540.0000000005A21000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5A21000
|
| Size: |
40960
|
|
|
955D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2486928622.000000000955D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
955D000
|
| Size: |
12288
|
|
|
8189000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2485150390.0000000008189000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8189000
|
| Size: |
4096
|
|
|
8235000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2483834355.0000000008235000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8235000
|
| Size: |
12288
|
|
|
A61E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2488538224.000000000A61E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A61E000
|
| Size: |
8192
|
|
|
7047000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.0000000007047000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7047000
|
| Size: |
8192
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| SQL strings found in memory and binary data |
System Summary |
|
|
|
9F5E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2487611723.0000000009F5E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9F5E000
|
| Size: |
8192
|
|
|
5106000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.2477026056.0000000005106000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5106000
|
| Size: |
8192
|
|
|
5080000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2474149588.0000000005080000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5080000
|
| Size: |
28672
|
|
|
A5BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2490650548.000000000A5BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A5BE000
|
| Size: |
8192
|
|
|
976E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2488440891.000000000976E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
976E000
|
| Size: |
8192
|
|
|
708A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.000000000708A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
708A000
|
| Size: |
98304
|
|
|
955000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2473160859.0000000000955000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
955000
|
| Size: |
16384
|
|
|
6F83000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.0000000006F83000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6F83000
|
| Size: |
8192
|
|
|
4FAB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1261630204.0000000004FAB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4FAB000
|
| Size: |
69632
|
|
|
6F18000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.0000000006F18000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6F18000
|
| Size: |
12288
|
|
|
A7DE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2488689754.000000000A7DE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A7DE000
|
| Size: |
8192
|
|
|
98A0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2487527210.00000000098A0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
98A0000
|
| Size: |
65536
|
|
|
1188000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1259883453.0000000001188000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1188000
|
| Size: |
4096
|
|
|
6D80000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1317810628.0000000006D80000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
6D80000
|
| Size: |
49152
|
|
|
52B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1263489423.00000000052B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
52B0000
|
| Size: |
8192
|
|
|
526E000
|
trusted library section
|
page readonly
|
|
|
|
| Name: |
0000000A.00000002.1316946446.000000000526E000.00000002.08000000.00040000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page readonly
|
| Base address: |
526E000
|
| Size: |
8192
|
|
|
B52D000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1319478534.000000000B52D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B52D000
|
| Size: |
12288
|
|
|
50B7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2474149588.00000000050B7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
50B7000
|
| Size: |
479232
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
| URLs found in memory or binary data |
Networking |
|
|
|
6E7A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.0000000006E7A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6E7A000
|
| Size: |
73728
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
A910000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2492509671.000000000A910000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A910000
|
| Size: |
4096
|
|
|
2BCF000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1236711721.0000000002BCF000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
2BCF000
|
| Size: |
4096
|
|
|
8017000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2485150390.0000000008017000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8017000
|
| Size: |
8192
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
5DEE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1265319142.0000000005DEE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5DEE000
|
| Size: |
8192
|
|
|
5040000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2474834196.0000000005040000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5040000
|
| Size: |
8192
|
|
|
7128000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.0000000007128000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7128000
|
| Size: |
4096
|
|
|
716E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.000000000716E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
716E000
|
| Size: |
135168
|
|
|
9246000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2486048634.0000000009246000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
9246000
|
| Size: |
8192
|
|
|
4D38000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2473468952.0000000004D38000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4D38000
|
| Size: |
258048
|
|
|
4FA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1261630204.0000000004FA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4FA0000
|
| Size: |
12288
|
|
|
6F27000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.0000000006F27000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6F27000
|
| Size: |
81920
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
50FD000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.2476849415.00000000050FD000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
50FD000
|
| Size: |
4096
|
|
|
DD0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1311505223.0000000000DD0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
DD0000
|
| Size: |
4096
|
|
|
809000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2472989727.0000000000809000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
809000
|
| Size: |
28672
|
|
|
6F84000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1265546789.0000000006F84000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6F84000
|
| Size: |
4096
|
|
|
6F4D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.0000000006F4D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6F4D000
|
| Size: |
4096
|
|
|
6CC0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1317673504.0000000006CC0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6CC0000
|
| Size: |
65536
|
|
|
6F96000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.0000000006F96000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6F96000
|
| Size: |
81920
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
9570000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.2487164766.0000000009570000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
9570000
|
| Size: |
4096
|
|
|
4D78000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2473468952.0000000004D78000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4D78000
|
| Size: |
221184
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
818B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2485150390.000000000818B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
818B000
|
| Size: |
4096
|
|
|
5067000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.2474085941.0000000005067000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5067000
|
| Size: |
4096
|
|
|
7191000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.0000000007191000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7191000
|
| Size: |
303104
|
|
|
5171000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2476630538.0000000005171000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5171000
|
| Size: |
57344
|
|
|
957000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2472987612.0000000000957000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
957000
|
| Size: |
36864
|
|
|
4D00000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2473315461.0000000004D00000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4D00000
|
| Size: |
16384
|
|
|
B1EB000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1319222232.000000000B1EB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B1EB000
|
| Size: |
20480
|
|
|
DF2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1259469251.0000000000DF2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
DF2000
|
| Size: |
4096
|
|
|
37C1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1314245013.00000000037C1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37C1000
|
| Size: |
28672
|
|
|
8116000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2483834355.0000000008116000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8116000
|
| Size: |
8192
|
|
|
925E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2486048634.000000000925E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
925E000
|
| Size: |
4096
|
|
|
4B5C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1261562150.0000000004B5C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4B5C000
|
| Size: |
16384
|
|
|
A840000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.2491787657.000000000A840000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
A840000
|
| Size: |
65536
|
|
|
A890000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.2489331881.000000000A890000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
A890000
|
| Size: |
65536
|
|
|
D8D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1311037070.0000000000D8D000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
D8D000
|
| Size: |
4096
|
|
|
70CD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.00000000070CD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
70CD000
|
| Size: |
188416
|
|
|
6DFA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.0000000006DFA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6DFA000
|
| Size: |
12288
|
|
|
4CB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2473198423.0000000004CB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CB0000
|
| Size: |
8192
|
|
|
5260000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1262959936.0000000005260000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5260000
|
| Size: |
65536
|
|
|
50C5000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1316742918.00000000050C5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
50C5000
|
| Size: |
40960
|
|
|
7018000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.0000000007018000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7018000
|
| Size: |
286720
|
|
|
7054000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.0000000007054000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7054000
|
| Size: |
8192
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| SQL strings found in memory and binary data |
System Summary |
|
|
|
7121000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.0000000007121000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7121000
|
| Size: |
8192
|
|
|
A57F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2490614375.000000000A57F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A57F000
|
| Size: |
4096
|
|
|
7125000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.0000000007125000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7125000
|
| Size: |
8192
|
|
|
761E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1265829617.000000000761E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
761E000
|
| Size: |
8192
|
|
|
80E7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2483834355.00000000080E7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
80E7000
|
| Size: |
12288
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
D9E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1259193558.0000000000D9E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
D9E000
|
| Size: |
8192
|
|
|
6E4E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.0000000006E4E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6E4E000
|
| Size: |
4096
|
|
|
29CA000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1274906211.00000000029CA000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
29CA000
|
| Size: |
24576
|
|
|
6FFF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.0000000006FFF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6FFF000
|
| Size: |
4096
|
|
|
E28000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1259543399.0000000000E28000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E28000
|
| Size: |
16384
|
|
|
A53000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1310363208.0000000000A53000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A53000
|
| Size: |
36864
|
|
|
A49D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2488405113.000000000A49D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A49D000
|
| Size: |
12288
|
|
|
6EA5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.0000000006EA5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6EA5000
|
| Size: |
8192
|
|
|
6F22000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.0000000006F22000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6F22000
|
| Size: |
12288
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
8121000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2483834355.0000000008121000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8121000
|
| Size: |
20480
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
5080000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1262789221.0000000005080000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5080000
|
| Size: |
65536
|
|
|
DE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1259380374.0000000000DE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
DE0000
|
| Size: |
4096
|
|
|
A2A000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1310363208.0000000000A2A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A2A000
|
| Size: |
8192
|
|
|
DA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1311153925.0000000000DA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
DA0000
|
| Size: |
4096
|
|
|
DC4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1259291514.0000000000DC4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
DC4000
|
| Size: |
4096
|
|
|
127A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1260002814.000000000127A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
127A000
|
| Size: |
20480
|
|
|
5140000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1262871754.0000000005140000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5140000
|
| Size: |
4096
|
|
|
E95000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1259543399.0000000000E95000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E95000
|
| Size: |
454656
|
|
|
70F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.00000000070F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
70F0000
|
| Size: |
4096
|
|
|
A940000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2490184273.000000000A940000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A940000
|
| Size: |
8192
|
|
|
707D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.000000000707D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
707D000
|
| Size: |
4096
|
|
|
70ED000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.00000000070ED000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
70ED000
|
| Size: |
8192
|
|
|
50F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2476794490.00000000050F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
50F0000
|
| Size: |
28672
|
|
|
70B2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.00000000070B2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
70B2000
|
| Size: |
8192
|
|
|
4F00000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1316454854.0000000004F00000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4F00000
|
| Size: |
65536
|
|
|
A20000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1310363208.0000000000A20000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A20000
|
| Size: |
36864
|
|
|
A8E5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2489557084.000000000A8E5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
A8E5000
|
| Size: |
45056
|
|
|
ABCE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1319052996.000000000ABCE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
ABCE000
|
| Size: |
8192
|
|
|
504D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.2473759023.000000000504D000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
504D000
|
| Size: |
4096
|
|
|
B720000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1266581359.000000000B720000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
B720000
|
| Size: |
4096
|
|
|
7099000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.0000000007099000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7099000
|
| Size: |
114688
|
|
|
4C95000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1315685071.0000000004C95000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4C95000
|
| Size: |
45056
|
|
|
5280000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2476737262.0000000005280000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5280000
|
| Size: |
4096
|
|
|
2C4F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1236759558.0000000002C4F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2C4F000
|
| Size: |
4096
|
|
|
6D80000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.2478508971.0000000006D80000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
6D80000
|
| Size: |
4096
|
|
|
D80000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1310962082.0000000000D80000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
D80000
|
| Size: |
8192
|
|
|
70FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1317949028.00000000070FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
70FE000
|
| Size: |
8192
|
|
|
A5F000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1310363208.0000000000A5F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A5F000
|
| Size: |
4096
|
|
|
91D6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2487170816.00000000091D6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
91D6000
|
| Size: |
8192
|
|
|
B76E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1319560906.000000000B76E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B76E000
|
| Size: |
8192
|
|
|
6D66000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478247315.0000000006D66000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6D66000
|
| Size: |
40960
|
|
|
8E8E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2487123054.0000000008E8E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8E8E000
|
| Size: |
8192
|
|
|
924B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2486048634.000000000924B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
924B000
|
| Size: |
8192
|
|
|
97C6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2488607340.00000000097C6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
97C6000
|
| Size: |
8192
|
|
|
7E01000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2483834355.0000000007E01000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7E01000
|
| Size: |
36864
|
|
|
4FF0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1262222559.0000000004FF0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4FF0000
|
| Size: |
65536
|
|
|
2C10000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1274926780.0000000002C10000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C10000
|
| Size: |
24576
|
|
|
B26F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1266411142.000000000B26F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B26F000
|
| Size: |
4096
|
|
|
DF7000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1259484992.0000000000DF7000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
DF7000
|
| Size: |
4096
|
|
|
2B1E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1260040594.0000000002B1E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2B1E000
|
| Size: |
8192
|
|
|
5010000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1262433666.0000000005010000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5010000
|
| Size: |
65536
|
|
|
80DB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2483834355.00000000080DB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
80DB000
|
| Size: |
4096
|
|
|
5A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1310116211.00000000005A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5A0000
|
| Size: |
8192
|
|
|
70C7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.00000000070C7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
70C7000
|
| Size: |
8192
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| SQL strings found in memory and binary data |
System Summary |
|
|
|
81E3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2483834355.00000000081E3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
81E3000
|
| Size: |
4096
|
|
|
3B29000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1260947515.0000000003B29000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B29000
|
| Size: |
4096
|
|
|
A7B0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.2491412532.000000000A7B0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
A7B0000
|
| Size: |
65536
|
|
|
8C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1236608214.00000000008C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8C0000
|
| Size: |
4096
|
|
|
5354000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477117449.0000000005354000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5354000
|
| Size: |
49152
|
|
|
7E84000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2483834355.0000000007E84000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7E84000
|
| Size: |
12288
|
|
|
50AB000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1316689974.00000000050AB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
50AB000
|
| Size: |
20480
|
|
|
A3FD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2490495075.000000000A3FD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A3FD000
|
| Size: |
12288
|
|
|
9240000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2486048634.0000000009240000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
9240000
|
| Size: |
20480
|
|
|
6E3A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.0000000006E3A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6E3A000
|
| Size: |
4096
|
|
|
7002000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.0000000007002000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7002000
|
| Size: |
36864
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
8078000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2485150390.0000000008078000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8078000
|
| Size: |
8192
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.2472599680.0000000000400000.00000040.00000400.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
remote allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
400000
|
| Size: |
4096
|
|
|
7172000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1265627124.0000000007172000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7172000
|
| Size: |
32768
|
|
|
5370000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477310510.0000000005370000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5370000
|
| Size: |
16384
|
|
|
8139000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2483834355.0000000008139000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8139000
|
| Size: |
4096
|
|
|
A326000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2489036861.000000000A326000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A326000
|
| Size: |
4096
|
|
|
80E1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2483834355.00000000080E1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
80E1000
|
| Size: |
8192
|
|
|
4CF0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2473246341.0000000004CF0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4CF0000
|
| Size: |
8192
|
|
|
E20000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1259543399.0000000000E20000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E20000
|
| Size: |
28672
|
|
|
7072000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.0000000007072000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7072000
|
| Size: |
4096
|
|
|
A826000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2491616078.000000000A826000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
A826000
|
| Size: |
4096
|
|
|
9560000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.2487055033.0000000009560000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
9560000
|
| Size: |
65536
|
|
|
280F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1311901401.000000000280F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
280F000
|
| Size: |
339968
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
A8B0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2492140301.000000000A8B0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
A8B0000
|
| Size: |
4096
|
|
|
1270000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1260002814.0000000001270000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1270000
|
| Size: |
32768
|
|
|
5360000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477266129.0000000005360000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5360000
|
| Size: |
4096
|
|
|
2871000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1311901401.0000000002871000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2871000
|
| Size: |
323584
|
|
|
5088000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2474149588.0000000005088000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5088000
|
| Size: |
155648
|
|
|
E47000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1259543399.0000000000E47000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E47000
|
| Size: |
102400
|
|
|
A750000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.2490997819.000000000A750000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
A750000
|
| Size: |
65536
|
|
|
A824000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2489085841.000000000A824000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
A824000
|
| Size: |
28672
|
|
|
7087000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.0000000007087000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7087000
|
| Size: |
8192
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| SQL strings found in memory and binary data |
System Summary |
|
|
|
A820000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2491616078.000000000A820000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
A820000
|
| Size: |
4096
|
|
|
7FCE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2485150390.0000000007FCE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FCE000
|
| Size: |
8192
|
|
|
712A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.000000000712A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
712A000
|
| Size: |
4096
|
|
|
52A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1263465360.00000000052A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
52A0000
|
| Size: |
4096
|
|
|
2DB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1236773743.0000000002DB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2DB0000
|
| Size: |
16384
|
|
|
A780000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2491237120.000000000A780000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
A780000
|
| Size: |
4096
|
|
|
6ECE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1317900039.0000000006ECE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6ECE000
|
| Size: |
8192
|
|
|
2B21000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1260059108.0000000002B21000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B21000
|
| Size: |
286720
|
|
|
4DEA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2474624226.0000000004DEA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DEA000
|
| Size: |
86016
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
5065000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.2474056341.0000000005065000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5065000
|
| Size: |
4096
|
|
|
6CBF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1317593748.0000000006CBF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6CBF000
|
| Size: |
4096
|
|
|
750000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1216141072.0000000000750000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
750000
|
| Size: |
4096
|
|
|
7F21000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2485150390.0000000007F21000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7F21000
|
| Size: |
4096
|
|
|
5090000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1262822742.0000000005090000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5090000
|
| Size: |
4096
|
|
|
6FB8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.0000000006FB8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6FB8000
|
| Size: |
4096
|
|
|
A900000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2489786831.000000000A900000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
A900000
|
| Size: |
8192
|
|
|
A2F4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2489036861.000000000A2F4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A2F4000
|
| Size: |
180224
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
4FA4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1261630204.0000000004FA4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4FA4000
|
| Size: |
16384
|
|
|
2C1D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1260059108.0000000002C1D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C1D000
|
| Size: |
4096
|
|
|
A880000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2489200461.000000000A880000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
A880000
|
| Size: |
65536
|
|
|
7E2D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2485150390.0000000007E2D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7E2D000
|
| Size: |
12288
|
|
|
6F49000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.0000000006F49000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6F49000
|
| Size: |
4096
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
7FCA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2485150390.0000000007FCA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FCA000
|
| Size: |
8192
|
|
|
6E6A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.0000000006E6A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6E6A000
|
| Size: |
12288
|
|
|
7F33000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2483834355.0000000007F33000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7F33000
|
| Size: |
4096
|
|
|
92DD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2486495897.00000000092DD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
92DD000
|
| Size: |
12288
|
|
|
AACE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1319027239.000000000AACE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
AACE000
|
| Size: |
8192
|
|
|
A47E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2490574055.000000000A47E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A47E000
|
| Size: |
8192
|
|
|
4FB8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1316596412.0000000004FB8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4FB8000
|
| Size: |
24576
|
|
|
4D2A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2473468952.0000000004D2A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4D2A000
|
| Size: |
16384
|
|
|
AD80000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2492542682.000000000AD80000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD80000
|
| Size: |
8192
|
|
|
6AC7000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.2477409984.0000000006AC7000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
6AC7000
|
| Size: |
4096
|
|
|
ACD0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1319105174.000000000ACD0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
ACD0000
|
| Size: |
4096
|
|
|
6AE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2477533705.0000000006AE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6AE0000
|
| Size: |
4096
|
|
|
9890000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.2487439075.0000000009890000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
9890000
|
| Size: |
65536
|
|
|
80A7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2485150390.00000000080A7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
80A7000
|
| Size: |
4096
|
|
|
91D0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2487170816.00000000091D0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
91D0000
|
| Size: |
20480
|
|
|
6BB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478093299.0000000006BB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6BB0000
|
| Size: |
4096
|
|
|
6E36000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.0000000006E36000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6E36000
|
| Size: |
4096
|
|
|
2C1F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1260059108.0000000002C1F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C1F000
|
| Size: |
24576
|
|
|
7EF0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2485150390.0000000007EF0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7EF0000
|
| Size: |
16384
|
|
|
6CD0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477510339.0000000006CD0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6CD0000
|
| Size: |
49152
|
|
|
DD0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1259322724.0000000000DD0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
DD0000
|
| Size: |
8192
|
|
|
4D20000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1316172488.0000000004D20000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4D20000
|
| Size: |
4096
|
|
|
D9D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1311122696.0000000000D9D000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
D9D000
|
| Size: |
4096
|
|
|
83D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1236511808.000000000083D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
83D000
|
| Size: |
12288
|
|
|
5070000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1262769359.0000000005070000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5070000
|
| Size: |
4096
|
|
|
9390000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2486693452.0000000009390000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
9390000
|
| Size: |
53248
|
|
|
6E3E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.0000000006E3E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6E3E000
|
| Size: |
4096
|
|
|
7004000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.0000000007004000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7004000
|
| Size: |
8192
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| SQL strings found in memory and binary data |
System Summary |
|
|
|
28C6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1311901401.00000000028C6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
28C6000
|
| Size: |
4173824
|
|
|
80FD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2483834355.00000000080FD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
80FD000
|
| Size: |
12288
|
|
|
70E8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.00000000070E8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
70E8000
|
| Size: |
12288
|
|
|
6AC5000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.2477363917.0000000006AC5000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
6AC5000
|
| Size: |
4096
|
|
|
8072000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2485150390.0000000008072000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8072000
|
| Size: |
4096
|
|
|
516D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2476630538.000000000516D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
516D000
|
| Size: |
8192
|
|
|
7EC3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2485150390.0000000007EC3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7EC3000
|
| Size: |
4096
|
|
|
701D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.000000000701D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
701D000
|
| Size: |
4096
|
|
|
B56D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1266513756.000000000B56D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B56D000
|
| Size: |
12288
|
|
|
4C66000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1315233407.0000000004C66000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4C66000
|
| Size: |
16384
|
|
|
987E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2487288637.000000000987E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
987E000
|
| Size: |
8192
|
|
|
9544000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2486804989.0000000009544000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
9544000
|
| Size: |
4096
|
|
|
4D00000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2473468952.0000000004D00000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4D00000
|
| Size: |
24576
|
|
|
7F01000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2483834355.0000000007F01000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7F01000
|
| Size: |
4096
|
|
|
4D10000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2473375711.0000000004D10000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4D10000
|
| Size: |
8192
|
|
|
70F7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.00000000070F7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
70F7000
|
| Size: |
12288
|
|
|
DC3000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1259263168.0000000000DC3000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
DC3000
|
| Size: |
4096
|
|
|
E2A000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1311734851.0000000000E2A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E2A000
|
| Size: |
20480
|
|
|
B92E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1266642092.000000000B92E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B92E000
|
| Size: |
8192
|
|
|
A6DE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2488648702.000000000A6DE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A6DE000
|
| Size: |
8192
|
|
|
6FBC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.0000000006FBC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6FBC000
|
| Size: |
4096
|
|
|
59C3000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1317024609.00000000059C3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
59C3000
|
| Size: |
4096
|
|
|
7095000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.0000000007095000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7095000
|
| Size: |
8192
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| SQL strings found in memory and binary data |
System Summary |
|
|
|
DA2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1311185213.0000000000DA2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
DA2000
|
| Size: |
4096
|
|
|
5DF0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1265341465.0000000005DF0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5DF0000
|
| Size: |
4096
|
|
|
A7F0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.2488836599.000000000A7F0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
A7F0000
|
| Size: |
8192
|
|
|
B8EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1266622893.000000000B8EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B8EE000
|
| Size: |
8192
|
|
|
50E4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2476733910.00000000050E4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
50E4000
|
| Size: |
8192
|
|
|
7F9F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2485150390.0000000007F9F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7F9F000
|
| Size: |
4096
|
|
|
9266000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2486048634.0000000009266000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
9266000
|
| Size: |
16384
|
|
|
2718000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1311840253.0000000002718000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2718000
|
| Size: |
4096
|
|
|
6CC8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478194370.0000000006CC8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6CC8000
|
| Size: |
4096
|
|
|
4C6D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1315233407.0000000004C6D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4C6D000
|
| Size: |
16384
|
|
|
5102000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2476985422.0000000005102000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5102000
|
| Size: |
4096
|
|
|
563A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1264468923.000000000563A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
563A000
|
| Size: |
389120
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
|
|
4C61000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1315233407.0000000004C61000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4C61000
|
| Size: |
16384
|
|
|
3FE9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1314245013.0000000003FE9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3FE9000
|
| Size: |
188416
|
|
|
5BA0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1317485504.0000000005BA0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5BA0000
|
| Size: |
4096
|
|
|
A907000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2489786831.000000000A907000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
A907000
|
| Size: |
36864
|
|
|
A770000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.2491137603.000000000A770000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
A770000
|
| Size: |
65536
|
|
|
6F8B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.0000000006F8B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6F8B000
|
| Size: |
4096
|
|
|
6EB9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.0000000006EB9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6EB9000
|
| Size: |
8192
|
|
|
546B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1263610414.000000000546B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
546B000
|
| Size: |
20480
|
|
|
6F70000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1265546789.0000000006F70000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6F70000
|
| Size: |
77824
|
|
|
91DE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2487170816.00000000091DE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
91DE000
|
| Size: |
45056
|
|
|
7165000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.0000000007165000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7165000
|
| Size: |
4096
|
|
|
A4DE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2488443340.000000000A4DE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A4DE000
|
| Size: |
8192
|
|
|
6FC2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.0000000006FC2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6FC2000
|
| Size: |
12288
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
55D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1264349960.00000000055D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55D0000
|
| Size: |
32768
|
|
|
6D70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478404050.0000000006D70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6D70000
|
| Size: |
65536
|
|
|
B62E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1319510466.000000000B62E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B62E000
|
| Size: |
8192
|
|
|
506B000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.2474110852.000000000506B000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
506B000
|
| Size: |
4096
|
|
|
A17D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2488869580.000000000A17D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A17D000
|
| Size: |
12288
|
|
|
933D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2486618443.000000000933D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
933D000
|
| Size: |
12288
|
|
|
A7C0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.2491512009.000000000A7C0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
A7C0000
|
| Size: |
65536
|
|
|
590000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1310089043.0000000000590000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
590000
|
| Size: |
4096
|
|
|
5340000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477019249.0000000005340000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5340000
|
| Size: |
65536
|
|
|
4349000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1260947515.0000000004349000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4349000
|
| Size: |
188416
|
|
|
94DD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2488274138.00000000094DD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
94DD000
|
| Size: |
12288
|
|
|
5250000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1316894272.0000000005250000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5250000
|
| Size: |
65536
|
|
|
5A33000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1317159540.0000000005A33000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5A33000
|
| Size: |
155648
|
|
|
4FE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1261851807.0000000004FE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4FE0000
|
| Size: |
65536
|
|
|
6E0D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.0000000006E0D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6E0D000
|
| Size: |
24576
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
DDD000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1259359733.0000000000DDD000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
DDD000
|
| Size: |
4096
|
|
|
5270000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1262997598.0000000005270000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5270000
|
| Size: |
65536
|
|
|
80C9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2485150390.00000000080C9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
80C9000
|
| Size: |
4096
|
|
|
50D0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2476650108.00000000050D0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
50D0000
|
| Size: |
8192
|
|
|
926D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2486048634.000000000926D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
926D000
|
| Size: |
69632
|
|
|
1070000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1259842219.0000000001070000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1070000
|
| Size: |
16384
|
|
|
BCAC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1266707738.000000000BCAC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
BCAC000
|
| Size: |
16384
|
|
|
52E0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1263552887.00000000052E0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
52E0000
|
| Size: |
4096
|
|
|
5040000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2473690608.0000000005040000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5040000
|
| Size: |
45056
|
|
|
7F91000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2483834355.0000000007F91000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7F91000
|
| Size: |
4096
|
|
|
DE2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1259399178.0000000000DE2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
DE2000
|
| Size: |
4096
|
|
|
A970000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2490231422.000000000A970000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A970000
|
| Size: |
4096
|
|
|
80F3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2483834355.00000000080F3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
80F3000
|
| Size: |
8192
|
|
|
806B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2485150390.000000000806B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
806B000
|
| Size: |
4096
|
|
|
5480000
|
trusted library section
|
page readonly
|
|
|
|
| Name: |
00000000.00000002.1263669773.0000000005480000.00000002.08000000.00040000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page readonly
|
| Base address: |
5480000
|
| Size: |
61440
|
|
|
A07F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2488813497.000000000A07F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A07F000
|
| Size: |
4096
|
|
|
6CD0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1317737704.0000000006CD0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
6CD0000
|
| Size: |
65536
|
|
|
7FA7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2483834355.0000000007FA7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FA7000
|
| Size: |
12288
|
|
|
AE2000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1310363208.0000000000AE2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AE2000
|
| Size: |
249856
|
|
|
8039000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2483834355.0000000008039000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8039000
|
| Size: |
12288
|
|
|
4FCD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1261630204.0000000004FCD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4FCD000
|
| Size: |
16384
|
|
|
A8A6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2489449390.000000000A8A6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
A8A6000
|
| Size: |
4096
|
|
|
E10000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1259523933.0000000000E10000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
E10000
|
| Size: |
4096
|
|
|
70FD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.00000000070FD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
70FD000
|
| Size: |
98304
|
|
|
929D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2488073634.000000000929D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
929D000
|
| Size: |
12288
|
|
|
4D1D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.2473554404.0000000004D1D000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D1D000
|
| Size: |
4096
|
|
|
81CA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2485150390.00000000081CA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
81CA000
|
| Size: |
8192
|
|
|
6B70000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.2477756955.0000000006B70000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
6B70000
|
| Size: |
65536
|
|
|
6E42000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.0000000006E42000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6E42000
|
| Size: |
4096
|
|
|
8066000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2485150390.0000000008066000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8066000
|
| Size: |
4096
|
|
|
52CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2476765861.00000000052CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
52CE000
|
| Size: |
8192
|
|
|
983E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2487249460.000000000983E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
983E000
|
| Size: |
8192
|
|
|
97CA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2488607340.00000000097CA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
97CA000
|
| Size: |
24576
|
|
|
1230000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1259942236.0000000001230000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1230000
|
| Size: |
4096
|
|
|
A800000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.2488875633.000000000A800000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
A800000
|
| Size: |
65536
|
|
|
59A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1317024609.00000000059A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
59A0000
|
| Size: |
4096
|
|
|
4DBD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2473468952.0000000004DBD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DBD000
|
| Size: |
4096
|
|
|
70FB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.00000000070FB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
70FB000
|
| Size: |
135168
|
|
|
6E09000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.0000000006E09000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6E09000
|
| Size: |
4096
|
|
|
9261000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2486048634.0000000009261000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
9261000
|
| Size: |
16384
|
|
|
A74D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2490857161.000000000A74D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
A74D000
|
| Size: |
12288
|
|
|
7F5F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2483834355.0000000007F5F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7F5F000
|
| Size: |
20480
|
|
|
704D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.000000000704D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
704D000
|
| Size: |
16384
|
|
|
6AC0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2477246037.0000000006AC0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6AC0000
|
| Size: |
4096
|
|
|
E00000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1311607138.0000000000E00000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
E00000
|
| Size: |
65536
|
|
|
6E74000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.0000000006E74000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6E74000
|
| Size: |
4096
|
|
|
599E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1317000674.000000000599E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
599E000
|
| Size: |
8192
|
|
|
6E46000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.0000000006E46000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6E46000
|
| Size: |
4096
|
|
|
4FB0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1316596412.0000000004FB0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4FB0000
|
| Size: |
28672
|
|
|
DFB000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1259504173.0000000000DFB000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
DFB000
|
| Size: |
4096
|
|
|
BEAE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1266752497.000000000BEAE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
BEAE000
|
| Size: |
8192
|
|
|
91E000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1236638134.000000000091E000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
91E000
|
| Size: |
8192
|
|
|
54C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1264233820.00000000054C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
54C0000
|
| Size: |
12288
|
|
|
954A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2486804989.000000000954A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
954A000
|
| Size: |
24576
|
|
|
6E5E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.0000000006E5E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6E5E000
|
| Size: |
40960
|
|
|
949E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2488236784.000000000949E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
949E000
|
| Size: |
8192
|
|
|
2D8B000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1275015630.0000000002D8B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2D8B000
|
| Size: |
86016
|
|
|
4F20000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1316514806.0000000004F20000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
4F20000
|
| Size: |
4096
|
|
|
105E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1259803393.000000000105E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
105E000
|
| Size: |
8192
|
|
|
4C44000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1315233407.0000000004C44000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4C44000
|
| Size: |
16384
|
|
|
89A000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1258064384.000000000089A000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
89A000
|
| Size: |
24576
|
|
|
50E3000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.2476707803.00000000050E3000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
50E3000
|
| Size: |
4096
|
|
|
5F5000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1310189741.00000000005F5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5F5000
|
| Size: |
16384
|
|
|
5632000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1264468923.0000000005632000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5632000
|
| Size: |
28672
|
|
|
8F7000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1310247555.00000000008F7000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8F7000
|
| Size: |
36864
|
|
|
47FB000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1315178757.00000000047FB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
47FB000
|
| Size: |
20480
|
|
|
80B2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2485150390.00000000080B2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
80B2000
|
| Size: |
4096
|
|
|
2BCF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1260059108.0000000002BCF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2BCF000
|
| Size: |
315392
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.2472687635.0000000000402000.00000040.00000400.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
remote allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
402000
|
| Size: |
4096
|
|
|
9546000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2486804989.0000000009546000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
9546000
|
| Size: |
8192
|
|
|
8083000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2485150390.0000000008083000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8083000
|
| Size: |
8192
|
|
|
505A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.2473938990.000000000505A000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
505A000
|
| Size: |
8192
|
|
|
6FF2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.0000000006FF2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6FF2000
|
| Size: |
61440
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
D5E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1259166277.0000000000D5E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
D5E000
|
| Size: |
8192
|
|
|
803D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2483834355.000000000803D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
803D000
|
| Size: |
12288
|
|
|
2D70000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1274996119.0000000002D70000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2D70000
|
| Size: |
16384
|
|
|
A10000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1310337538.0000000000A10000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
A10000
|
| Size: |
8192
|
|
|
6E05000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.0000000006E05000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6E05000
|
| Size: |
4096
|
|
|
A330000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2489036861.000000000A330000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A330000
|
| Size: |
90112
|
|
|
7E29000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2483834355.0000000007E29000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7E29000
|
| Size: |
188416
|
|
|
6E32000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.0000000006E32000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6E32000
|
| Size: |
4096
|
|
|
37C9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1314245013.00000000037C9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37C9000
|
| Size: |
4096
|
|
|
80CF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2483834355.00000000080CF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
80CF000
|
| Size: |
8192
|
|
|
6F87000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.0000000006F87000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6F87000
|
| Size: |
4096
|
|
|
6BB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1317513630.0000000006BB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6BB0000
|
| Size: |
77824
|
|
|
A8D4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2489486620.000000000A8D4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
A8D4000
|
| Size: |
36864
|
|
|
A3CF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2487763978.000000000A3CF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A3CF000
|
| Size: |
102400
|
|
|
8B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1236590770.00000000008B0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8B0000
|
| Size: |
4096
|
|
|
B66E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1319535226.000000000B66E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B66E000
|
| Size: |
8192
|
|
|
7160000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.0000000007160000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7160000
|
| Size: |
8192
|
|
|
A8E0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.2492437488.000000000A8E0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
A8E0000
|
| Size: |
45056
|
|
|
A0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1310309665.0000000000A0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A0E000
|
| Size: |
8192
|
|
|
6BC4000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1317513630.0000000006BC4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6BC4000
|
| Size: |
4096
|
|
|
DA6000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1311242132.0000000000DA6000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
DA6000
|
| Size: |
8192
|
|
|
A790000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.2491278621.000000000A790000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
A790000
|
| Size: |
65536
|
|
|
4D20000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2473589761.0000000004D20000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4D20000
|
| Size: |
16384
|
|
|
5000000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1262264406.0000000005000000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5000000
|
| Size: |
16384
|
|
|
F1A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1259543399.0000000000F1A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F1A000
|
| Size: |
20480
|
|
|
6B80000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2477931512.0000000006B80000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6B80000
|
| Size: |
4096
|
|
|
700A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.000000000700A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
700A000
|
| Size: |
4096
|
|
|
D10000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1259077753.0000000000D10000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D10000
|
| Size: |
16384
|
|
|
925A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2486048634.000000000925A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
925A000
|
| Size: |
4096
|
|
|
9F7F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2488774504.0000000009F7F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9F7F000
|
| Size: |
4096
|
|
|
70AE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.00000000070AE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
70AE000
|
| Size: |
8192
|
|
|
B2EC000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1319253251.000000000B2EC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B2EC000
|
| Size: |
16384
|
|
|
A884000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2491883613.000000000A884000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
A884000
|
| Size: |
36864
|
|
|
D83000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1310989388.0000000000D83000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
D83000
|
| Size: |
4096
|
|
|
F11000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1259543399.0000000000F11000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F11000
|
| Size: |
32768
|
|
|
56D0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1264702599.00000000056D0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
56D0000
|
| Size: |
65536
|
|
|
92F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2486544007.00000000092F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
92F0000
|
| Size: |
4096
|
|
|
A2BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2488984526.000000000A2BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A2BE000
|
| Size: |
8192
|
|
|
4D10000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1316106604.0000000004D10000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D10000
|
| Size: |
65536
|
|
|
5490000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1263701985.0000000005490000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5490000
|
| Size: |
4096
|
|
|
5056000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.2473886150.0000000005056000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5056000
|
| Size: |
8192
|
|
|
97AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2488489632.00000000097AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
97AE000
|
| Size: |
8192
|
|
|
70B5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.00000000070B5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
70B5000
|
| Size: |
4096
|
|
|
6FA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.0000000006FA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6FA0000
|
| Size: |
307200
|
|
|
59F9000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1317159540.00000000059F9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
59F9000
|
| Size: |
28672
|
|
|
6DE2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.0000000006DE2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6DE2000
|
| Size: |
28672
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
80F6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2485150390.00000000080F6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
80F6000
|
| Size: |
16384
|
|
|
48FD000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1315209619.00000000048FD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
48FD000
|
| Size: |
12288
|
|
|
771E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1265867843.000000000771E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
771E000
|
| Size: |
8192
|
|
|
270E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1311818163.000000000270E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
270E000
|
| Size: |
8192
|
|
|
5040000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1262477356.0000000005040000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5040000
|
| Size: |
65536
|
|
|
91DB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2487170816.00000000091DB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
91DB000
|
| Size: |
8192
|
|
|
A322000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2489036861.000000000A322000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A322000
|
| Size: |
4096
|
|
|
6CB0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1317593748.0000000006CB0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6CB0000
|
| Size: |
57344
|
|
|
97BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2487209191.00000000097BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
97BF000
|
| Size: |
4096
|
|
|
5E00000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1265341465.0000000005E00000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5E00000
|
| Size: |
65536
|
|
|
E14000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1311648628.0000000000E14000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
E14000
|
| Size: |
4096
|
|
|
6EAD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.0000000006EAD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6EAD000
|
| Size: |
8192
|
|
|
A8E2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2489557084.000000000A8E2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
A8E2000
|
| Size: |
8192
|
|
|
5D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1310150433.00000000005D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5D0000
|
| Size: |
16384
|
|
|
A73F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2490827402.000000000A73F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A73F000
|
| Size: |
4096
|
|
|
DAA000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1311271745.0000000000DAA000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
DAA000
|
| Size: |
4096
|
|
|
E63000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1259543399.0000000000E63000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E63000
|
| Size: |
4096
|
|
|
4C5D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1261610979.0000000004C5D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4C5D000
|
| Size: |
12288
|
|
|
8059000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2483834355.0000000008059000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8059000
|
| Size: |
4096
|
|
|
A8D0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2492363586.000000000A8D0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
A8D0000
|
| Size: |
32768
|
|
|
70BA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.00000000070BA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
70BA000
|
| Size: |
8192
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| SQL strings found in memory and binary data |
System Summary |
|
|
|
713E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1318039034.000000000713E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
713E000
|
| Size: |
8192
|
|
|
59B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1317024609.00000000059B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
59B0000
|
| Size: |
32768
|
|
|
A2E000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1310363208.0000000000A2E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A2E000
|
| Size: |
147456
|
|
|
A7E0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.2488743668.000000000A7E0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
A7E0000
|
| Size: |
65536
|
|
|
8086000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2483834355.0000000008086000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8086000
|
| Size: |
8192
|
|
|
DCD000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1259307059.0000000000DCD000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
DCD000
|
| Size: |
4096
|
|
|
7026000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.0000000007026000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7026000
|
| Size: |
114688
|
|
|
B770000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1319580052.000000000B770000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
B770000
|
| Size: |
4096
|
|
|
7E9D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2483834355.0000000007E9D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7E9D000
|
| Size: |
12288
|
|
|
52C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1263518198.00000000052C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
52C0000
|
| Size: |
65536
|
|
|
4FC6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1261630204.0000000004FC6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4FC6000
|
| Size: |
16384
|
|
|
A2C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2489036861.000000000A2C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A2C0000
|
| Size: |
196608
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
50C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1316742918.00000000050C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
50C0000
|
| Size: |
12288
|
|
|
A65E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2488578470.000000000A65E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A65E000
|
| Size: |
8192
|
|
|
4FBE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1261630204.0000000004FBE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4FBE000
|
| Size: |
8192
|
|
|
50B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1316721610.00000000050B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
50B0000
|
| Size: |
4096
|
|
|
DC0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1259239113.0000000000DC0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
DC0000
|
| Size: |
8192
|
|
|
2B6A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1260059108.0000000002B6A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B6A000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
| URLs found in memory or binary data |
Networking |
|
|
|
280A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1311901401.000000000280A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
280A000
|
| Size: |
16384
|
|
|
9880000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2487326929.0000000009880000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
9880000
|
| Size: |
65536
|
|
|
A35E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2487730223.000000000A35E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A35E000
|
| Size: |
8192
|
|
|
DB0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1259213840.0000000000DB0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
DB0000
|
| Size: |
8192
|
|
|
59BF000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1317024609.00000000059BF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
59BF000
|
| Size: |
4096
|
|
|
752000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1216161650.0000000000752000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
752000
|
| Size: |
753664
|
|
|
5AA0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1317405413.0000000005AA0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5AA0000
|
| Size: |
4096
|
|
|
AF0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1319149718.000000000AF0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
AF0E000
|
| Size: |
8192
|
|
|
ACCD000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1319076190.000000000ACCD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
ACCD000
|
| Size: |
12288
|
|
|
524E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1316865162.000000000524E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
524E000
|
| Size: |
8192
|
|
|
C1F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1310854574.0000000000C1F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C1F000
|
| Size: |
4096
|
|
|
92F3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2486544007.00000000092F3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
92F3000
|
| Size: |
8192
|
|
|
7FE9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2485150390.0000000007FE9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FE9000
|
| Size: |
4096
|
|
|
716A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.000000000716A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
716A000
|
| Size: |
12288
|
|
|
6E52000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.0000000006E52000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6E52000
|
| Size: |
28672
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
A810000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.2488998474.000000000A810000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
A810000
|
| Size: |
65536
|
|
|
7090000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.0000000007090000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7090000
|
| Size: |
4096
|
|
|
7014000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.0000000007014000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7014000
|
| Size: |
8192
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| SQL strings found in memory and binary data |
System Summary |
|
|
|
2EBF000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1275059515.0000000002EBF000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
2EBF000
|
| Size: |
4096
|
|
|
7FFF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2485150390.0000000007FFF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFF000
|
| Size: |
12288
|
|
|
7130000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.0000000007130000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7130000
|
| Size: |
4096
|
|
|
2D80000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1275015630.0000000002D80000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2D80000
|
| Size: |
32768
|
|
|
A69E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2488611746.000000000A69E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A69E000
|
| Size: |
8192
|
|
|
4CF0000
|
heap
|
page readonly
|
|
|
|
| Name: |
00000011.00000002.2473401478.0000000004CF0000.00000002.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page readonly
|
| Base address: |
4CF0000
|
| Size: |
4096
|
|
|
97B0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2488533273.00000000097B0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
97B0000
|
| Size: |
32768
|
|
|
7550000
|
trusted library section
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1265662605.0000000007550000.00000004.08000000.00040000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page read and write
|
| Base address: |
7550000
|
| Size: |
557056
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
|
|
5092000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1262822742.0000000005092000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5092000
|
| Size: |
57344
|
|
|
E2E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1259543399.0000000000E2E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E2E000
|
| Size: |
98304
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
|
|
700F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.000000000700F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
700F000
|
| Size: |
28672
|
|
|
510A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.2477115112.000000000510A000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
510A000
|
| Size: |
8192
|
|
|
70B7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.00000000070B7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
70B7000
|
| Size: |
4096
|
|
|
59D3000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1317024609.00000000059D3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
59D3000
|
| Size: |
12288
|
|
|
81F8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2483834355.00000000081F8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
81F8000
|
| Size: |
16384
|
|
|
5050000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2473798605.0000000005050000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5050000
|
| Size: |
4096
|
|
|
79EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1265992696.00000000079EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
79EE000
|
| Size: |
8192
|
|
|
820B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2483834355.000000000820B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
820B000
|
| Size: |
4096
|
|
|
B570000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1266532035.000000000B570000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B570000
|
| Size: |
4096
|
|
|
9210000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2487818359.0000000009210000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9210000
|
| Size: |
4096
|
|
|
B46F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1266490905.000000000B46F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B46F000
|
| Size: |
4096
|
|
|
6BA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478012102.0000000006BA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6BA0000
|
| Size: |
65536
|
|
|
A8F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2489709239.000000000A8F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
A8F0000
|
| Size: |
40960
|
|
|
54A0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1264099764.00000000054A0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
54A0000
|
| Size: |
65536
|
|
|
6CC0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477415541.0000000006CC0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6CC0000
|
| Size: |
65536
|
|
|
A820000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2489085841.000000000A820000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
A820000
|
| Size: |
12288
|
|
|
A748000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2490857161.000000000A748000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
A748000
|
| Size: |
16384
|
|
|
9213000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2487818359.0000000009213000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9213000
|
| Size: |
8192
|
|
|
6E4A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.0000000006E4A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6E4A000
|
| Size: |
4096
|
|
|
A63E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2490789546.000000000A63E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A63E000
|
| Size: |
8192
|
|
|
6EB5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.0000000006EB5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6EB5000
|
| Size: |
8192
|
|
|
C5E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1310881251.0000000000C5E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C5E000
|
| Size: |
8192
|
|
|
937E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2486658142.000000000937E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
937E000
|
| Size: |
8192
|
|
|
5100000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1316816678.0000000005100000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5100000
|
| Size: |
8192
|
|
|
A890000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2491949539.000000000A890000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
A890000
|
| Size: |
4096
|
|
|
5370000
|
trusted library section
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1263571481.0000000005370000.00000004.08000000.00040000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page read and write
|
| Base address: |
5370000
|
| Size: |
69632
|
|
|
907000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2473077026.0000000000907000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
907000
|
| Size: |
36864
|
|
|
4C5E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1315233407.0000000004C5E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4C5E000
|
| Size: |
8192
|
|
|
A43E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2490536541.000000000A43E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A43E000
|
| Size: |
8192
|
|
|
2D60000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1274978778.0000000002D60000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2D60000
|
| Size: |
4096
|
|
|
6ACB000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.2477484508.0000000006ACB000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
6ACB000
|
| Size: |
4096
|
|
|
4CD0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1316022764.0000000004CD0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4CD0000
|
| Size: |
65536
|
|
|
AF4E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1319174051.000000000AF4E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
AF4E000
|
| Size: |
8192
|
|
|
9440000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2486765162.0000000009440000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9440000
|
| Size: |
4096
|
|
|
6EA9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.0000000006EA9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6EA9000
|
| Size: |
8192
|
|
|
5A0F000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1317159540.0000000005A0F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5A0F000
|
| Size: |
69632
|
|
|
2C0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1236740879.0000000002C0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2C0E000
|
| Size: |
8192
|
|
|
2D5E000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1274961297.0000000002D5E000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
2D5E000
|
| Size: |
8192
|
|
|
A2F1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2489036861.000000000A2F1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A2F1000
|
| Size: |
4096
|
|
|
4D14000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2473492192.0000000004D14000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4D14000
|
| Size: |
8192
|
|
|
8099000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2485150390.0000000008099000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8099000
|
| Size: |
4096
|
|
|
80BD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2485150390.00000000080BD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
80BD000
|
| Size: |
4096
|
|
|
4EF0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1316402119.0000000004EF0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4EF0000
|
| Size: |
65536
|
|
|
997000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1258729970.0000000000997000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
997000
|
| Size: |
36864
|
|
|
6EB1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.0000000006EB1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6EB1000
|
| Size: |
8192
|
|
|
7077000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.0000000007077000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7077000
|
| Size: |
8192
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| SQL strings found in memory and binary data |
System Summary |
|
|
|
5143000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1262871754.0000000005143000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5143000
|
| Size: |
8192
|
|
|
4D22000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1316172488.0000000004D22000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4D22000
|
| Size: |
57344
|
|
|
B04E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1319198053.000000000B04E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B04E000
|
| Size: |
8192
|
|
|
4C50000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2473052505.0000000004C50000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4C50000
|
| Size: |
4096
|
|
|
5138000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2474149588.0000000005138000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5138000
|
| Size: |
4096
|
|
|
A8E0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2489557084.000000000A8E0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
A8E0000
|
| Size: |
4096
|
|
|
A51E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2488491730.000000000A51E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A51E000
|
| Size: |
8192
|
|
|
796E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1265919347.000000000796E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
796E000
|
| Size: |
8192
|
|
|
715B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.000000000715B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
715B000
|
| Size: |
12288
|
|
|
91EA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2487170816.00000000091EA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
91EA000
|
| Size: |
4096
|
|
|
BA2E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1266663595.000000000BA2E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
BA2E000
|
| Size: |
8192
|
|
|
520E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1316841133.000000000520E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
520E000
|
| Size: |
8192
|
|
|
A8A0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2492049935.000000000A8A0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
A8A0000
|
| Size: |
40960
|
|
|
5F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1310189741.00000000005F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5F0000
|
| Size: |
16384
|
|
|
1060000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1259825258.0000000001060000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
1060000
|
| Size: |
4096
|
|
|
DE6000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1259418511.0000000000DE6000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
DE6000
|
| Size: |
8192
|
|
|
A8C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2492280781.000000000A8C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
A8C0000
|
| Size: |
40960
|
|
|
94D000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1274835713.000000000094D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
94D000
|
| Size: |
12288
|
|
|
8060000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2485150390.0000000008060000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8060000
|
| Size: |
8192
|
|
|
4FA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1316538387.0000000004FA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4FA0000
|
| Size: |
65536
|
|
|
260E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1311792456.000000000260E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
260E000
|
| Size: |
8192
|
|
|
27C1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1311901401.00000000027C1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
27C1000
|
| Size: |
286720
|
|
|
6F13000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.0000000006F13000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6F13000
|
| Size: |
12288
|
|
|
70B6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.00000000070B6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
70B6000
|
| Size: |
4096
|
|
|
B2F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1319282989.000000000B2F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B2F0000
|
| Size: |
184320
|
|
|
C00000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1258922953.0000000000C00000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
C00000
|
| Size: |
4096
|
|
|
4C90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1315685071.0000000004C90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4C90000
|
| Size: |
16384
|
|
|
980000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2473330426.0000000000980000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
980000
|
| Size: |
4096
|
|
|
D93000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1311088531.0000000000D93000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
D93000
|
| Size: |
12288
|
|
|
D90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1311060722.0000000000D90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
D90000
|
| Size: |
8192
|
|
|
9360000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2488176147.0000000009360000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9360000
|
| Size: |
4096
|
|
|
E65000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1259543399.0000000000E65000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E65000
|
| Size: |
172032
|
|
|
A7A0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.2491379063.000000000A7A0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
A7A0000
|
| Size: |
8192
|
|
|
81C6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2485150390.00000000081C6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
81C6000
|
| Size: |
8192
|
|
|
28C1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1311901401.00000000028C1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
28C1000
|
| Size: |
16384
|
|
|
6F91000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2477667134.0000000006F91000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6F91000
|
| Size: |
12288
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
CE0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1258956220.0000000000CE0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
CE0000
|
| Size: |
8192
|
|
|
6F53000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.0000000006F53000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6F53000
|
| Size: |
12288
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
530C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2476799731.000000000530C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
530C000
|
| Size: |
16384
|
|
|
6DCE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1317865258.0000000006DCE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6DCE000
|
| Size: |
8192
|
|
|
91EE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2487170816.00000000091EE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
91EE000
|
| Size: |
4096
|
|
|
812C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2483834355.000000000812C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
812C000
|
| Size: |
8192
|
|
|
DBB000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1311480136.0000000000DBB000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
DBB000
|
| Size: |
4096
|
|
|
DEA000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1259438053.0000000000DEA000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
DEA000
|
| Size: |
4096
|
|
|
101E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1259782889.000000000101E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
101E000
|
| Size: |
8192
|
|
|
4D33000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1316282595.0000000004D33000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4D33000
|
| Size: |
8192
|
|
|
8108000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2483834355.0000000008108000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8108000
|
| Size: |
8192
|
|
|
7F38000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2485150390.0000000007F38000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7F38000
|
| Size: |
8192
|
|
|
8239000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2483834355.0000000008239000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8239000
|
| Size: |
12288
|
|
|
A830000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2491693981.000000000A830000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
A830000
|
| Size: |
65536
|
|
|
D15000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1259077753.0000000000D15000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D15000
|
| Size: |
12288
|
|
|
9550000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2486928622.0000000009550000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
9550000
|
| Size: |
49152
|
|
|
3B21000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1260947515.0000000003B21000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B21000
|
| Size: |
28672
|
|
|
52A000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1309936117.000000000052A000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
52A000
|
| Size: |
24576
|
|
|
4C80000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1315608043.0000000004C80000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4C80000
|
| Size: |
65536
|
|
|
6D64000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478247315.0000000006D64000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6D64000
|
| Size: |
4096
|
|
|
85A000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2472931242.000000000085A000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
85A000
|
| Size: |
24576
|
|
|
2A90000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1236660616.0000000002A90000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A90000
|
| Size: |
32768
|
|
|
55CD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1264326333.00000000055CD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
55CD000
|
| Size: |
12288
|
|
|
806E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2483834355.000000000806E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
806E000
|
| Size: |
16384
|
|
|
6CF0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.2477574261.0000000006CF0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
6CF0000
|
| Size: |
4096
|
|
|
4CAE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2473148617.0000000004CAE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4CAE000
|
| Size: |
8192
|
|
|
7DFD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2485150390.0000000007DFD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7DFD000
|
| Size: |
4096
|
|
|
808E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2485150390.000000000808E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
808E000
|
| Size: |
8192
|
|
|
6D60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478247315.0000000006D60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6D60000
|
| Size: |
4096
|
|
|
A25D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2487682686.000000000A25D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A25D000
|
| Size: |
12288
|
|
|
5310000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2476851294.0000000005310000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5310000
|
| Size: |
4096
|
|
|
A9CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1318996867.000000000A9CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A9CE000
|
| Size: |
8192
|
|
|
E16000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1311648628.0000000000E16000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
E16000
|
| Size: |
40960
|
|
|
A740000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2490857161.000000000A740000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
A740000
|
| Size: |
4096
|
|
|
BBAB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1266687324.000000000BBAB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
BBAB000
|
| Size: |
20480
|
|
|
4C4B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1315233407.0000000004C4B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4C4B000
|
| Size: |
69632
|
|
|
7E14000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2485150390.0000000007E14000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7E14000
|
| Size: |
16384
|
|
|
54B0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1264179375.00000000054B0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
54B0000
|
| Size: |
65536
|
|
|
800F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2483834355.000000000800F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
800F000
|
| Size: |
4096
|
|
|
527E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2476711475.000000000527E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
527E000
|
| Size: |
8192
|
|
|
5E27000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1265341465.0000000005E27000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5E27000
|
| Size: |
4096
|
|
|
DE0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1311532601.0000000000DE0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
DE0000
|
| Size: |
4096
|
|
|
7043000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2478543205.0000000007043000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7043000
|
| Size: |
4096
|
|
|
446000
|
remote allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.2472687635.0000000000446000.00000040.00000400.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
remote allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
446000
|
| Size: |
4096
|
|
|
6AC2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2477292481.0000000006AC2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6AC2000
|
| Size: |
4096
|
|
|
717E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1318270083.000000000717E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
717E000
|
| Size: |
8192
|
|
|
7EA7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2485150390.0000000007EA7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7EA7000
|
| Size: |
12288
|
|
|
DD3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1259338531.0000000000DD3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
DD3000
|
| Size: |
28672
|
|
|
A746000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2490857161.000000000A746000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
A746000
|
| Size: |
4096
|
|
|
7D91000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2485150390.0000000007D91000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7D91000
|
| Size: |
36864
|
|
|
7E91000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2485150390.0000000007E91000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7E91000
|
| Size: |
4096
|
|
|
91FD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2487170816.00000000091FD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
91FD000
|
| Size: |
69632
|
|
|
55ED000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1264349960.00000000055ED000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55ED000
|
| Size: |
8192
|
|
|
D5E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1310912257.0000000000D5E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
D5E000
|
| Size: |
8192
|
|
|
A930000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.2490089789.000000000A930000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
A930000
|
| Size: |
45056
|
|
|
50B5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.2474149588.00000000050B5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
50B5000
|
| Size: |
4096
|
|
