|
4608000
|
trusted library allocation
|
page read and write
|
 |
|
|
| Name: |
00000000.00000002.1647900850.0000000004608000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4608000
|
| Size: |
1343488
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara detected DarkTortilla Crypter |
Data Obfuscation |
|
| Yara detected Remcos RAT |
AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara signature match |
System Summary |
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1638213541.0000000000400000.00000040.00000400.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
remote allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
400000
|
| Size: |
458752
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara detected Remcos RAT |
AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara signature match |
System Summary |
|
| URLs found in memory or binary data |
Networking |
|
|
|
479C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1647900850.000000000479C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
479C000
|
| Size: |
856064
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara detected Remcos RAT |
AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara signature match |
System Summary |
|
| Public key (encryption) found |
Cryptography |
|
| URLs found in memory or binary data |
Networking |
|
|
|
5B60000
|
trusted library section
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1650259495.0000000005B60000.00000004.08000000.00040000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page read and write
|
| Base address: |
5B60000
|
| Size: |
311296
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected DarkTortilla Crypter |
Data Obfuscation |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
4A45000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1647900850.0000000004A45000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4A45000
|
| Size: |
966656
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Found malware configuration |
AV Detection |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara detected Remcos RAT |
AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara signature match |
System Summary |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3601000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003601000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3601000
|
| Size: |
1081344
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected DarkTortilla Crypter |
Data Obfuscation |
|
|
|
4870000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1647900850.0000000004870000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4870000
|
| Size: |
1445888
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara detected Remcos RAT |
AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara signature match |
System Summary |
|
| URLs found in memory or binary data |
Networking |
|
|
|
2E00000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1638691906.0000000002E00000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E00000
|
| Size: |
69632
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Remcos RAT |
AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality |
|
|
|
3AC3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003AC3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AC3000
|
| Size: |
4096
|
|
|
53FC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1639208430.00000000053FC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
53FC000
|
| Size: |
16384
|
|
|
372D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.000000000372D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
372D000
|
| Size: |
4096
|
|
|
3AF5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003AF5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AF5000
|
| Size: |
4096
|
|
|
38D9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000038D9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38D9000
|
| Size: |
61440
|
|
|
67E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1923621018.000000000067E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
67E000
|
| Size: |
8192
|
|
|
513E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1639056932.000000000513E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
513E000
|
| Size: |
8192
|
|
|
7D50000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1654614764.0000000007D50000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7D50000
|
| Size: |
4096
|
|
|
39D6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000039D6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39D6000
|
| Size: |
4096
|
|
|
2E36000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1655847806.0000000002E36000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E36000
|
| Size: |
36864
|
|
|
2E0C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1650951225.0000000002E0C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E0C000
|
| Size: |
24576
|
|
|
3921000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003921000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
3560000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638589416.0000000003560000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3560000
|
| Size: |
12288
|
|
|
2DFB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1650559030.0000000002DFB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2DFB000
|
| Size: |
94208
|
|
|
53BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1639181224.00000000053BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
53BF000
|
| Size: |
4096
|
|
|
5EA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1650712142.0000000005EA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5EA0000
|
| Size: |
65536
|
|
|
3938000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003938000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3938000
|
| Size: |
4096
|
|
|
370E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.000000000370E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
370E000
|
| Size: |
4096
|
|
|
37C4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000037C4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37C4000
|
| Size: |
20480
|
|
|
2E54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1656158412.0000000002E54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E54000
|
| Size: |
69632
|
|
|
3A8A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003A8A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A8A000
|
| Size: |
4096
|
|
|
3BC7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003BC7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BC7000
|
| Size: |
4096
|
|
|
B40000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000008.00000002.1658952557.0000000000B40000.00000002.00000001.01000000.0000000A.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
B40000
|
| Size: |
4096
|
|
|
5180000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1658416092.0000000005180000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5180000
|
| Size: |
4096
|
|
|
3BAE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003BAE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BAE000
|
| Size: |
4096
|
|
|
896E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1655209793.000000000896E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
896E000
|
| Size: |
8192
|
|
|
18EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1637925768.00000000018EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
18EE000
|
| Size: |
8192
|
|
|
11E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1636832509.00000000011E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11E0000
|
| Size: |
8192
|
|
|
39BF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000039BF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39BF000
|
| Size: |
57344
|
|
|
39A9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000039A9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39A9000
|
| Size: |
36864
|
|
|
6786000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1651269193.0000000006786000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6786000
|
| Size: |
102400
|
|
|
3710000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003710000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3710000
|
| Size: |
4096
|
|
|
3AD2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003AD2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AD2000
|
| Size: |
12288
|
|
|
16C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1637474339.00000000016C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16C0000
|
| Size: |
4096
|
|
|
557E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1658493541.000000000557E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
557E000
|
| Size: |
8192
|
|
|
7D03000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1654421465.0000000007D03000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7D03000
|
| Size: |
16384
|
|
|
3A05000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003A05000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A05000
|
| Size: |
90112
|
|
|
302D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1658083389.000000000302D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
302D000
|
| Size: |
12288
|
|
|
3210000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1760413651.0000000003210000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3210000
|
| Size: |
20480
|
|
|
11F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1637088466.00000000011F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11F0000
|
| Size: |
16384
|
|
|
2E0B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1656471631.0000000002E0B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E0B000
|
| Size: |
24576
|
|
|
3716000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003716000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3716000
|
| Size: |
49152
|
|
|
3A6B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003A6B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A6B000
|
| Size: |
4096
|
|
|
2EEE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1658024491.0000000002EEE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2EEE000
|
| Size: |
8192
|
|
|
3BCD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003BCD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BCD000
|
| Size: |
4096
|
|
|
3853000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003853000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3853000
|
| Size: |
4096
|
|
|
7FFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1654736382.0000000007FFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
7FFE000
|
| Size: |
8192
|
|
|
B4B000
|
unkown
|
page readonly
|
|
|
|
| Name: |
0000000A.00000000.1840890299.0000000000B4B000.00000002.00000001.01000000.0000000A.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
B4B000
|
| Size: |
8192
|
|
|
3A3D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003A3D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A3D000
|
| Size: |
4096
|
|
|
B4B000
|
unkown
|
page readonly
|
|
|
|
| Name: |
0000000E.00000000.1923321859.0000000000B4B000.00000002.00000001.01000000.0000000A.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
B4B000
|
| Size: |
8192
|
|
|
8210000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1654908203.0000000008210000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
8210000
|
| Size: |
65536
|
|
|
503E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1639034333.000000000503E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
503E000
|
| Size: |
8192
|
|
|
373E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.000000000373E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
373E000
|
| Size: |
4096
|
|
|
3B6B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003B6B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B6B000
|
| Size: |
4096
|
|
|
37B5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000037B5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37B5000
|
| Size: |
4096
|
|
|
3855000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003855000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3855000
|
| Size: |
12288
|
|
|
39A4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000039A4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39A4000
|
| Size: |
4096
|
|
|
8352000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1655047395.0000000008352000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8352000
|
| Size: |
32768
|
|
|
39D8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000039D8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39D8000
|
| Size: |
4096
|
|
|
3B0E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003B0E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B0E000
|
| Size: |
4096
|
|
|
3826000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003826000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3826000
|
| Size: |
53248
|
|
|
B41000
|
unkown
|
page execute read
|
|
|
|
| Name: |
0000000E.00000000.1923257341.0000000000B41000.00000020.00000001.01000000.0000000A.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
B41000
|
| Size: |
24576
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
389E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.000000000389E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
389E000
|
| Size: |
12288
|
|
|
2E54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1655351042.0000000002E54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E54000
|
| Size: |
69632
|
|
|
2E36000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1655351042.0000000002E36000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E36000
|
| Size: |
36864
|
|
|
2E22000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1656158412.0000000002E22000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E22000
|
| Size: |
77824
|
|
|
ACE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1638508089.0000000000ACE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
ACE000
|
| Size: |
8192
|
|
|
3BD1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003BD1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BD1000
|
| Size: |
57344
|
|
|
3A8C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003A8C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A8C000
|
| Size: |
4096
|
|
|
FC0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1285474113.0000000000FC0000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
FC0000
|
| Size: |
4096
|
|
|
2E5D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1760047379.0000000002E5D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2E5D000
|
| Size: |
12288
|
|
|
10CC000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1285490825.00000000010CC000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
10CC000
|
| Size: |
20480
|
|
|
396E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.000000000396E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
396E000
|
| Size: |
4096
|
|
|
391B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.000000000391B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
391B000
|
| Size: |
4096
|
|
|
471000
|
remote allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1638213541.0000000000471000.00000040.00000400.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
remote allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
471000
|
| Size: |
8192
|
|
|
37DD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000037DD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37DD000
|
| Size: |
4096
|
|
|
3B06000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003B06000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B06000
|
| Size: |
4096
|
|
|
38F1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000038F1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38F1000
|
| Size: |
4096
|
|
|
2C02000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1638663911.0000000002C02000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C02000
|
| Size: |
20480
|
|
|
56FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1658579433.00000000056FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
56FE000
|
| Size: |
8192
|
|
|
37B7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000037B7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37B7000
|
| Size: |
40960
|
|
|
2E44000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1657881531.0000000002E44000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E44000
|
| Size: |
61440
|
|
|
2DF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1655548958.0000000002DF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2DF4000
|
| Size: |
4096
|
|
|
5CCE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1650545511.0000000005CCE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5CCE000
|
| Size: |
8192
|
|
|
105A000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1285490825.000000000105A000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
105A000
|
| Size: |
20480
|
|
|
38A2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000038A2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38A2000
|
| Size: |
159744
|
|
|
3926000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003926000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3926000
|
| Size: |
45056
|
|
|
6B9A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1654164341.0000000006B9A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6B9A000
|
| Size: |
12288
|
|
|
2F01000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1638895960.0000000002F01000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2F01000
|
| Size: |
16384
|
|
|
B48000
|
unkown
|
page readonly
|
|
|
|
| Name: |
0000000A.00000000.1840821230.0000000000B48000.00000002.00000001.01000000.0000000A.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
B48000
|
| Size: |
8192
|
|
|
1088000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1285490825.0000000001088000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
1088000
|
| Size: |
16384
|
|
|
2DFD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1657708410.0000000002DFD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2DFD000
|
| Size: |
49152
|
|
|
52BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1639142301.00000000052BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
52BE000
|
| Size: |
8192
|
|
|
3B95000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003B95000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B95000
|
| Size: |
4096
|
|
|
16C6000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1637506791.00000000016C6000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
16C6000
|
| Size: |
8192
|
|
|
16FE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1637648816.00000000016FE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16FE000
|
| Size: |
159744
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
|
|
3B12000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003B12000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B12000
|
| Size: |
49152
|
|
|
108D000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1285490825.000000000108D000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
108D000
|
| Size: |
20480
|
|
|
383A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.000000000383A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
383A000
|
| Size: |
4096
|
|
|
3A5C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003A5C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A5C000
|
| Size: |
49152
|
|
|
3836000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003836000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3836000
|
| Size: |
12288
|
|
|
1071000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1285490825.0000000001071000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
1071000
|
| Size: |
40960
|
|
|
54D000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1841988205.000000000054D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
54D000
|
| Size: |
12288
|
|
|
3972000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003972000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3972000
|
| Size: |
65536
|
|
|
531D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1658439536.000000000531D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
531D000
|
| Size: |
12288
|
|
|
7D36000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1654501602.0000000007D36000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7D36000
|
| Size: |
4096
|
|
|
2DB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1657469556.0000000002DB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2DB0000
|
| Size: |
28672
|
|
|
2C60000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1842395243.0000000002C60000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C60000
|
| Size: |
20480
|
|
|
1082000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1285490825.0000000001082000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
1082000
|
| Size: |
20480
|
|
|
35B0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638816561.00000000035B0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
35B0000
|
| Size: |
65536
|
|
|
C70000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1657439870.0000000000C70000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
C70000
|
| Size: |
8192
|
|
|
910000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1842171362.0000000000910000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
910000
|
| Size: |
4096
|
|
|
3742000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003742000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3742000
|
| Size: |
4096
|
|
|
377F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.000000000377F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
377F000
|
| Size: |
4096
|
|
|
398E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.000000000398E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
398E000
|
| Size: |
53248
|
|
|
870000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1638403943.0000000000870000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
870000
|
| Size: |
8192
|
|
|
6B1E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1653061028.0000000006B1E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6B1E000
|
| Size: |
8192
|
|
|
97F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1842235708.000000000097F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
97F000
|
| Size: |
4096
|
|
|
37AD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000037AD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37AD000
|
| Size: |
4096
|
|
|
3B04000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003B04000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B04000
|
| Size: |
4096
|
|
|
1043000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1285490825.0000000001043000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
1043000
|
| Size: |
20480
|
|
|
2DF1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1657047702.0000000002DF1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2DF1000
|
| Size: |
8192
|
|
|
2B8C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1638616563.0000000002B8C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2B8C000
|
| Size: |
16384
|
|
|
2E0A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1651127596.0000000002E0A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E0A000
|
| Size: |
8192
|
|
|
B4B000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000009.00000002.1759919450.0000000000B4B000.00000002.00000001.01000000.0000000A.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
B4B000
|
| Size: |
8192
|
|
|
3BCB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003BCB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BCB000
|
| Size: |
4096
|
|
|
3A84000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003A84000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A84000
|
| Size: |
4096
|
|
|
10D2000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1285490825.00000000010D2000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
10D2000
|
| Size: |
102400
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
|
|
2F12000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1638922987.0000000002F12000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2F12000
|
| Size: |
4096
|
|
|
10B3000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1285490825.00000000010B3000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
10B3000
|
| Size: |
28672
|
|
|
2E1A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1650606574.0000000002E1A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E1A000
|
| Size: |
65536
|
|
|
583C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1658652443.000000000583C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
583C000
|
| Size: |
16384
|
|
|
3B7A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003B7A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B7A000
|
| Size: |
4096
|
|
|
B074000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1655512905.000000000B074000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
B074000
|
| Size: |
8192
|
|
|
3970000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003970000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3970000
|
| Size: |
4096
|
|
|
3A8E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003A8E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A8E000
|
| Size: |
4096
|
|
|
39B9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000039B9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39B9000
|
| Size: |
12288
|
|
|
480000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1658842687.0000000000480000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
480000
|
| Size: |
20480
|
|
|
377B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.000000000377B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
377B000
|
| Size: |
4096
|
|
|
312E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1658111283.000000000312E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
312E000
|
| Size: |
8192
|
|
|
6B95000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1654129750.0000000006B95000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6B95000
|
| Size: |
4096
|
|
|
2E44000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1656584514.0000000002E44000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E44000
|
| Size: |
61440
|
|
|
2E09000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1655635033.0000000002E09000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E09000
|
| Size: |
180224
|
|
|
2DFD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1650670502.0000000002DFD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2DFD000
|
| Size: |
24576
|
|
|
3A1C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003A1C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A1C000
|
| Size: |
4096
|
|
|
1049000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1285490825.0000000001049000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
1049000
|
| Size: |
16384
|
|
|
3B61000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003B61000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B61000
|
| Size: |
4096
|
|
|
6B73000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1653771277.0000000006B73000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6B73000
|
| Size: |
4096
|
|
|
160E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1637206628.000000000160E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
160E000
|
| Size: |
8192
|
|
|
16DB000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1637616743.00000000016DB000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
16DB000
|
| Size: |
4096
|
|
|
3B08000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003B08000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B08000
|
| Size: |
4096
|
|
|
3A3F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003A3F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A3F000
|
| Size: |
4096
|
|
|
3AE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003AE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AE0000
|
| Size: |
49152
|
|
|
66E5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1651016108.00000000066E5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
66E5000
|
| Size: |
4096
|
|
|
2E01000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1650792712.0000000002E01000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E01000
|
| Size: |
8192
|
|
|
3443000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638449811.0000000003443000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3443000
|
| Size: |
8192
|
|
|
5ED0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1650771821.0000000005ED0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5ED0000
|
| Size: |
4096
|
|
|
777000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1923730686.0000000000777000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
777000
|
| Size: |
28672
|
|
|
3851000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003851000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3851000
|
| Size: |
4096
|
|
|
3A86000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003A86000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A86000
|
| Size: |
4096
|
|
|
7D1D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1654463397.0000000007D1D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7D1D000
|
| Size: |
12288
|
|
|
11F5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1637088466.00000000011F5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11F5000
|
| Size: |
12288
|
|
|
38EB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000038EB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38EB000
|
| Size: |
12288
|
|
|
1B20000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1638087660.0000000001B20000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
1B20000
|
| Size: |
65536
|
|
|
3A1E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003A1E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A1E000
|
| Size: |
4096
|
|
|
820D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1654840308.000000000820D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
820D000
|
| Size: |
8192
|
|
|
39D2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000039D2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39D2000
|
| Size: |
4096
|
|
|
1093000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1285490825.0000000001093000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
1093000
|
| Size: |
20480
|
|
|
3AEF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003AEF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AEF000
|
| Size: |
20480
|
|
|
37CA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000037CA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37CA000
|
| Size: |
8192
|
|
|
8EB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1657266604.00000000008EB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8EB000
|
| Size: |
20480
|
|
|
393C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.000000000393C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
393C000
|
| Size: |
4096
|
|
|
3B88000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003B88000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B88000
|
| Size: |
49152
|
|
|
30FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1638947687.00000000030FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
30FF000
|
| Size: |
4096
|
|
|
7D42000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1654526110.0000000007D42000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7D42000
|
| Size: |
12288
|
|
|
5F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1658879202.00000000005F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5F0000
|
| Size: |
20480
|
|
|
38CA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000038CA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38CA000
|
| Size: |
4096
|
|
|
1680000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1637277056.0000000001680000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1680000
|
| Size: |
8192
|
|
|
2E44000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1655351042.0000000002E44000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E44000
|
| Size: |
61440
|
|
|
8AAE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1655292581.0000000008AAE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8AAE000
|
| Size: |
8192
|
|
|
355D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638567082.000000000355D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
355D000
|
| Size: |
12288
|
|
|
2E17000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1657708410.0000000002E17000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E17000
|
| Size: |
40960
|
|
|
3859000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003859000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3859000
|
| Size: |
4096
|
|
|
2DF5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1655351042.0000000002DF5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2DF5000
|
| Size: |
262144
|
|
|
3781000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003781000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3781000
|
| Size: |
57344
|
|
|
3AED000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003AED000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AED000
|
| Size: |
4096
|
|
|
57FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1658607673.00000000057FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
57FF000
|
| Size: |
4096
|
|
|
9EB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1657300720.00000000009EB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9EB000
|
| Size: |
20480
|
|
|
6B45000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1653250672.0000000006B45000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6B45000
|
| Size: |
40960
|
|
|
2E30000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1638770031.0000000002E30000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E30000
|
| Size: |
102400
|
|
|
383E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.000000000383E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
383E000
|
| Size: |
4096
|
|
|
980000
|
heap
|
page readonly
|
|
|
|
| Name: |
00000001.00000002.1638447952.0000000000980000.00000002.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page readonly
|
| Base address: |
980000
|
| Size: |
4096
|
|
|
527E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1639118070.000000000527E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
527E000
|
| Size: |
8192
|
|
|
3889000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003889000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3889000
|
| Size: |
4096
|
|
|
5DC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1638333258.00000000005DC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5DC000
|
| Size: |
16384
|
|
|
39CE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000039CE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39CE000
|
| Size: |
12288
|
|
|
3ABF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003ABF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3ABF000
|
| Size: |
4096
|
|
|
3AB7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003AB7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AB7000
|
| Size: |
4096
|
|
|
3A5A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003A5A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A5A000
|
| Size: |
4096
|
|
|
B40000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000009.00000000.1758822630.0000000000B40000.00000002.00000001.01000000.0000000A.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
B40000
|
| Size: |
4096
|
|
|
567E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1658546505.000000000567E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
567E000
|
| Size: |
8192
|
|
|
16D2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1637561965.00000000016D2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16D2000
|
| Size: |
4096
|
|
|
2E36000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1656584514.0000000002E36000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E36000
|
| Size: |
36864
|
|
|
3AF7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003AF7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AF7000
|
| Size: |
49152
|
|
|
B4B000
|
unkown
|
page readonly
|
|
|
|
| Name: |
0000000E.00000002.1923841119.0000000000B4B000.00000002.00000001.01000000.0000000A.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
B4B000
|
| Size: |
8192
|
|
|
3AD6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003AD6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AD6000
|
| Size: |
4096
|
|
|
2DF0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1655548958.0000000002DF0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2DF0000
|
| Size: |
12288
|
|
|
3BB2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003BB2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BB2000
|
| Size: |
4096
|
|
|
3A41000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003A41000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A41000
|
| Size: |
4096
|
|
|
104E000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1285490825.000000000104E000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
104E000
|
| Size: |
20480
|
|
|
39D4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000039D4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39D4000
|
| Size: |
4096
|
|
|
89AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1655254767.00000000089AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
89AE000
|
| Size: |
8192
|
|
|
106B000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1285490825.000000000106B000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
106B000
|
| Size: |
20480
|
|
|
B41000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000008.00000002.1659016513.0000000000B41000.00000020.00000001.01000000.0000000A.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
B41000
|
| Size: |
24576
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
67A0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1651395852.00000000067A0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
67A0000
|
| Size: |
45056
|
|
|
8AB0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1655328699.0000000008AB0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
8AB0000
|
| Size: |
65536
|
|
|
2E54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1657881531.0000000002E54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E54000
|
| Size: |
69632
|
|
|
6B8E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1653984343.0000000006B8E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6B8E000
|
| Size: |
4096
|
|
|
3440000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638449811.0000000003440000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3440000
|
| Size: |
4096
|
|
|
1054000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1285490825.0000000001054000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
1054000
|
| Size: |
20480
|
|
|
3A88000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003A88000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A88000
|
| Size: |
4096
|
|
|
1B38000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638189972.0000000001B38000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B38000
|
| Size: |
28672
|
|
|
16A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1637409880.00000000016A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16A0000
|
| Size: |
16384
|
|
|
2DE0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1656072205.0000000002DE0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2DE0000
|
| Size: |
65536
|
|
|
31AC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1658138109.00000000031AC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
31AC000
|
| Size: |
4096
|
|
|
5F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1842058364.00000000005F0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5F0000
|
| Size: |
4096
|
|
|
2E1C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1650979652.0000000002E1C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E1C000
|
| Size: |
57344
|
|
|
6860000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1652726584.0000000006860000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6860000
|
| Size: |
8192
|
|
|
3B21000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003B21000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B21000
|
| Size: |
12288
|
|
|
90E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1842142149.000000000090E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
90E000
|
| Size: |
8192
|
|
|
E44E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1655710222.000000000E44E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E44E000
|
| Size: |
8192
|
|
|
39B5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000039B5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39B5000
|
| Size: |
12288
|
|
|
38CC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000038CC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38CC000
|
| Size: |
4096
|
|
|
7D53000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1654614764.0000000007D53000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7D53000
|
| Size: |
102400
|
|
|
2E54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1655847806.0000000002E54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E54000
|
| Size: |
69632
|
|
|
9CD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1638481951.00000000009CD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9CD000
|
| Size: |
12288
|
|
|
6B20000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1653132772.0000000006B20000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6B20000
|
| Size: |
61440
|
|
|
515F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1658389423.000000000515F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
515F000
|
| Size: |
4096
|
|
|
2B90000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1638645964.0000000002B90000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B90000
|
| Size: |
4096
|
|
|
3B80000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003B80000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B80000
|
| Size: |
4096
|
|
|
C35000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1657331245.0000000000C35000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
C35000
|
| Size: |
12288
|
|
|
389A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.000000000389A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
389A000
|
| Size: |
4096
|
|
|
3987000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003987000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3987000
|
| Size: |
4096
|
|
|
3A90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003A90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A90000
|
| Size: |
155648
|
|
|
3834000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003834000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3834000
|
| Size: |
4096
|
|
|
1726000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1637648816.0000000001726000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1726000
|
| Size: |
57344
|
|
|
1B30000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638189972.0000000001B30000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B30000
|
| Size: |
24576
|
|
|
2DB8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1657469556.0000000002DB8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2DB8000
|
| Size: |
122880
|
|
|
39E9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000039E9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39E9000
|
| Size: |
4096
|
|
|
E400000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1655655904.000000000E400000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
E400000
|
| Size: |
53248
|
|
|
3740000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003740000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3740000
|
| Size: |
4096
|
|
|
E3F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1655573843.000000000E3F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
E3F0000
|
| Size: |
4096
|
|
|
3932000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003932000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3932000
|
| Size: |
4096
|
|
|
2EF0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1760250249.0000000002EF0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2EF0000
|
| Size: |
4096
|
|
|
6B9F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1654220161.0000000006B9F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6B9F000
|
| Size: |
4096
|
|
|
3B65000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003B65000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B65000
|
| Size: |
12288
|
|
|
2E7A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1638869889.0000000002E7A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E7A000
|
| Size: |
16384
|
|
|
3581000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638589416.0000000003581000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3581000
|
| Size: |
16384
|
|
|
3A26000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003A26000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A26000
|
| Size: |
4096
|
|
|
3B51000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003B51000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B51000
|
| Size: |
53248
|
|
|
517E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1639083890.000000000517E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
517E000
|
| Size: |
8192
|
|
|
31A8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1658138109.00000000031A8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
31A8000
|
| Size: |
8192
|
|
|
35F0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1638905702.00000000035F0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
35F0000
|
| Size: |
4096
|
|
|
4B40000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1658215929.0000000004B40000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B40000
|
| Size: |
4096
|
|
|
6B30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1653180877.0000000006B30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6B30000
|
| Size: |
65536
|
|
|
2E22000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1657881531.0000000002E22000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E22000
|
| Size: |
77824
|
|
|
3917000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003917000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3917000
|
| Size: |
4096
|
|
|
7CCD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1654388173.0000000007CCD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7CCD000
|
| Size: |
12288
|
|
|
B48000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000008.00000002.1659086629.0000000000B48000.00000002.00000001.01000000.0000000A.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
B48000
|
| Size: |
8192
|
|
|
5B5E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1650196156.0000000005B5E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5B5E000
|
| Size: |
8192
|
|
|
38CE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000038CE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38CE000
|
| Size: |
4096
|
|
|
35DE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638846946.00000000035DE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
35DE000
|
| Size: |
8192
|
|
|
3989000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003989000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3989000
|
| Size: |
4096
|
|
|
2E10000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1650979652.0000000002E10000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E10000
|
| Size: |
8192
|
|
|
3BAC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003BAC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BAC000
|
| Size: |
4096
|
|
|
3866000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003866000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3866000
|
| Size: |
4096
|
|
|
16D0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1637543008.00000000016D0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16D0000
|
| Size: |
4096
|
|
|
B4B000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000009.00000000.1759023272.0000000000B4B000.00000002.00000001.01000000.0000000A.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
B4B000
|
| Size: |
8192
|
|
|
882E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1655098681.000000000882E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
882E000
|
| Size: |
8192
|
|
|
393E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.000000000393E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
393E000
|
| Size: |
176128
|
|
|
38E9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000038E9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38E9000
|
| Size: |
4096
|
|
|
2DF8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1657678949.0000000002DF8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2DF8000
|
| Size: |
12288
|
|
|
47F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1658797064.000000000047F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
47F000
|
| Size: |
4096
|
|
|
B4B000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000008.00000002.1659086629.0000000000B4B000.00000002.00000001.01000000.0000000A.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
B4B000
|
| Size: |
8192
|
|
|
B48000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000009.00000000.1758982978.0000000000B48000.00000002.00000001.01000000.0000000A.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
B48000
|
| Size: |
8192
|
|
|
1021000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1285490825.0000000001021000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
1021000
|
| Size: |
16384
|
|
|
2DD7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1657469556.0000000002DD7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2DD7000
|
| Size: |
36864
|
|
|
B40000
|
unkown
|
page readonly
|
|
|
|
| Name: |
0000000E.00000000.1923195504.0000000000B40000.00000002.00000001.01000000.0000000A.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
B40000
|
| Size: |
4096
|
|
|
3796000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003796000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3796000
|
| Size: |
4096
|
|
|
37E9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000037E9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37E9000
|
| Size: |
40960
|
|
|
3934000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003934000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3934000
|
| Size: |
12288
|
|
|
2E44000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1655847806.0000000002E44000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E44000
|
| Size: |
61440
|
|
|
6B60000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1653720045.0000000006B60000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6B60000
|
| Size: |
20480
|
|
|
3AB9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003AB9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AB9000
|
| Size: |
4096
|
|
|
3A28000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003A28000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A28000
|
| Size: |
4096
|
|
|
803E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1654766898.000000000803E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
803E000
|
| Size: |
8192
|
|
|
850000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1638387193.0000000000850000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
850000
|
| Size: |
4096
|
|
|
6A5D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1652930218.0000000006A5D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6A5D000
|
| Size: |
12288
|
|
|
399C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.000000000399C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
399C000
|
| Size: |
4096
|
|
|
6BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1923646212.00000000006BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6BF000
|
| Size: |
4096
|
|
|
164E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1637247715.000000000164E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
164E000
|
| Size: |
8192
|
|
|
19EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1637971023.00000000019EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
19EE000
|
| Size: |
8192
|
|
|
505E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1658353555.000000000505E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
505E000
|
| Size: |
8192
|
|
|
107C000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1285490825.000000000107C000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
107C000
|
| Size: |
20480
|
|
|
B48000
|
unkown
|
page readonly
|
|
|
|
| Name: |
0000000A.00000002.1842326084.0000000000B48000.00000002.00000001.01000000.0000000A.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
B48000
|
| Size: |
8192
|
|
|
2E04000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1650792712.0000000002E04000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E04000
|
| Size: |
57344
|
|
|
3902000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003902000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3902000
|
| Size: |
20480
|
|
|
3A73000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003A73000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A73000
|
| Size: |
12288
|
|
|
5D5D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1650589642.0000000005D5D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5D5D000
|
| Size: |
12288
|
|
|
1735000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1637648816.0000000001735000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1735000
|
| Size: |
401408
|
|
|
3A46000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003A46000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A46000
|
| Size: |
53248
|
|
|
6850000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1652451675.0000000006850000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
6850000
|
| Size: |
65536
|
|
|
B48000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000009.00000002.1759919450.0000000000B48000.00000002.00000001.01000000.0000000A.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
B48000
|
| Size: |
8192
|
|
|
102C000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1285490825.000000000102C000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
102C000
|
| Size: |
20480
|
|
|
475000
|
remote allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1638213541.0000000000475000.00000040.00000400.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
remote allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
475000
|
| Size: |
40960
|
|
|
3B84000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003B84000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B84000
|
| Size: |
12288
|
|
|
370C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.000000000370C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
370C000
|
| Size: |
4096
|
|
|
2DF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1657047702.0000000002DF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2DF4000
|
| Size: |
4096
|
|
|
6B50000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1653609092.0000000006B50000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6B50000
|
| Size: |
4096
|
|
|
886E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1655173250.000000000886E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
886E000
|
| Size: |
8192
|
|
|
B48000
|
unkown
|
page readonly
|
|
|
|
| Name: |
0000000E.00000000.1923290374.0000000000B48000.00000002.00000001.01000000.0000000A.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
B48000
|
| Size: |
8192
|
|
|
64A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1650946348.00000000064A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
64A0000
|
| Size: |
4096
|
|
|
37C2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000037C2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37C2000
|
| Size: |
4096
|
|
|
3400000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638308723.0000000003400000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3400000
|
| Size: |
4096
|
|
|
31A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1658138109.00000000031A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
31A0000
|
| Size: |
28672
|
|
|
3A20000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003A20000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A20000
|
| Size: |
4096
|
|
|
2E21000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1633235414.0000000002E21000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E21000
|
| Size: |
45056
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
390B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.000000000390B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
390B000
|
| Size: |
45056
|
|
|
3ADC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003ADC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3ADC000
|
| Size: |
4096
|
|
|
E5AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1655843548.000000000E5AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E5AE000
|
| Size: |
8192
|
|
|
399E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.000000000399E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
399E000
|
| Size: |
12288
|
|
|
2B30000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1638589788.0000000002B30000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B30000
|
| Size: |
4096
|
|
|
4F0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1658280517.0000000004F0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4F0E000
|
| Size: |
8192
|
|
|
6B40000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1653250672.0000000006B40000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6B40000
|
| Size: |
12288
|
|
|
398B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.000000000398B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
398B000
|
| Size: |
8192
|
|
|
3840000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003840000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3840000
|
| Size: |
57344
|
|
|
B48000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000008.00000000.1658324736.0000000000B48000.00000002.00000001.01000000.0000000A.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
B48000
|
| Size: |
8192
|
|
|
2E36000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1656158412.0000000002E36000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E36000
|
| Size: |
36864
|
|
|
377D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.000000000377D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
377D000
|
| Size: |
4096
|
|
|
3586000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638589416.0000000003586000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3586000
|
| Size: |
16384
|
|
|
16CA000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1637522732.00000000016CA000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
16CA000
|
| Size: |
8192
|
|
|
3A71000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003A71000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A71000
|
| Size: |
4096
|
|
|
3AC5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003AC5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AC5000
|
| Size: |
49152
|
|
|
2E17000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1650979652.0000000002E17000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E17000
|
| Size: |
12288
|
|
|
6C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1923671393.00000000006C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6C0000
|
| Size: |
4096
|
|
|
5F7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1658879202.00000000005F7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5F7000
|
| Size: |
28672
|
|
|
B41000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000008.00000000.1658297395.0000000000B41000.00000020.00000001.01000000.0000000A.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
B41000
|
| Size: |
24576
|
|
|
5BC0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1650488053.0000000005BC0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
5BC0000
|
| Size: |
8192
|
|
|
8200000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1654840308.0000000008200000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8200000
|
| Size: |
49152
|
|
|
396C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.000000000396C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
396C000
|
| Size: |
4096
|
|
|
6820000
|
trusted library section
|
page readonly
|
|
|
|
| Name: |
00000000.00000002.1651938987.0000000006820000.00000002.08000000.00040000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page readonly
|
| Base address: |
6820000
|
| Size: |
65536
|
|
|
37B3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000037B3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37B3000
|
| Size: |
4096
|
|
|
2DF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1657469556.0000000002DF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2DF4000
|
| Size: |
4096
|
|
|
3CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1923537680.00000000003CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3CE000
|
| Size: |
8192
|
|
|
11D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1636803179.00000000011D0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11D0000
|
| Size: |
4096
|
|
|
58E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1842017445.000000000058E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
58E000
|
| Size: |
8192
|
|
|
2E36000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1655635033.0000000002E36000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E36000
|
| Size: |
36864
|
|
|
4758000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1647900850.0000000004758000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4758000
|
| Size: |
188416
|
|
|
3BCF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003BCF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BCF000
|
| Size: |
4096
|
|
|
14F8000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1637152218.00000000014F8000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
14F8000
|
| Size: |
32768
|
|
|
3B63000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003B63000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B63000
|
| Size: |
4096
|
|
|
16D5000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1637578436.00000000016D5000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
16D5000
|
| Size: |
4096
|
|
|
E3F2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1655573843.000000000E3F2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
E3F2000
|
| Size: |
16384
|
|
|
38D000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1923507809.000000000038D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
38D000
|
| Size: |
12288
|
|
|
6B84000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1653940174.0000000006B84000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6B84000
|
| Size: |
16384
|
|
|
3B0A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003B0A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B0A000
|
| Size: |
4096
|
|
|
3985000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003985000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3985000
|
| Size: |
4096
|
|
|
3AD8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003AD8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AD8000
|
| Size: |
12288
|
|
|
2DF5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1651316052.0000000002DF5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2DF5000
|
| Size: |
4096
|
|
|
669D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1650979329.000000000669D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
669D000
|
| Size: |
12288
|
|
|
3450000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638511103.0000000003450000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3450000
|
| Size: |
36864
|
|
|
4EA0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1658244563.0000000004EA0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4EA0000
|
| Size: |
4096
|
|
|
35A0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638783106.00000000035A0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
35A0000
|
| Size: |
65536
|
|
|
37F8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000037F8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37F8000
|
| Size: |
12288
|
|
|
8B47000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1655474059.0000000008B47000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8B47000
|
| Size: |
12288
|
|
|
39BD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000039BD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39BD000
|
| Size: |
4096
|
|
|
3BC9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003BC9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BC9000
|
| Size: |
4096
|
|
|
37AF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000037AF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37AF000
|
| Size: |
12288
|
|
|
3730000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003730000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3730000
|
| Size: |
53248
|
|
|
10BB000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1285490825.00000000010BB000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
10BB000
|
| Size: |
20480
|
|
|
3B27000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003B27000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B27000
|
| Size: |
4096
|
|
|
7D49000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1654565164.0000000007D49000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7D49000
|
| Size: |
24576
|
|
|
169D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1637388794.000000000169D000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
169D000
|
| Size: |
4096
|
|
|
3A58000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003A58000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A58000
|
| Size: |
4096
|
|
|
3B69000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003B69000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B69000
|
| Size: |
4096
|
|
|
3AC1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003AC1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AC1000
|
| Size: |
4096
|
|
|
3729000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003729000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3729000
|
| Size: |
4096
|
|
|
16D7000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1637596289.00000000016D7000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
16D7000
|
| Size: |
4096
|
|
|
3790000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003790000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3790000
|
| Size: |
12288
|
|
|
E6AD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1655897485.000000000E6AD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E6AD000
|
| Size: |
12288
|
|
|
6840000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1652386248.0000000006840000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6840000
|
| Size: |
4096
|
|
|
66A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1651016108.00000000066A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
66A0000
|
| Size: |
253952
|
|
|
3A6F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003A6F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A6F000
|
| Size: |
4096
|
|
|
770000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1923730686.0000000000770000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
770000
|
| Size: |
20480
|
|
|
3410000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638328896.0000000003410000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3410000
|
| Size: |
65536
|
|
|
5E5D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1650631791.0000000005E5D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5E5D000
|
| Size: |
12288
|
|
|
3B7E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003B7E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B7E000
|
| Size: |
4096
|
|
|
19F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1637993685.00000000019F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
19F0000
|
| Size: |
4096
|
|
|
B40000
|
unkown
|
page readonly
|
|
|
|
| Name: |
0000000A.00000000.1840748621.0000000000B40000.00000002.00000001.01000000.0000000A.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
B40000
|
| Size: |
4096
|
|
|
B40000
|
unkown
|
page readonly
|
|
|
|
| Name: |
0000000E.00000002.1923799384.0000000000B40000.00000002.00000001.01000000.0000000A.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
B40000
|
| Size: |
4096
|
|
|
B41000
|
unkown
|
page execute read
|
|
|
|
| Name: |
0000000E.00000002.1923819263.0000000000B41000.00000020.00000001.01000000.0000000A.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
B41000
|
| Size: |
24576
|
|
|
3070000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1760323040.0000000003070000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3070000
|
| Size: |
20480
|
|
|
38EF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000038EF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38EF000
|
| Size: |
4096
|
|
|
3A56000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003A56000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A56000
|
| Size: |
4096
|
|
|
59C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1649756814.00000000059C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
59C0000
|
| Size: |
65536
|
|
|
3B99000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003B99000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B99000
|
| Size: |
4096
|
|
|
37F4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000037F4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37F4000
|
| Size: |
4096
|
|
|
B0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1638564348.0000000000B0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B0E000
|
| Size: |
8192
|
|
|
2E44000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1655635033.0000000002E44000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E44000
|
| Size: |
61440
|
|
|
3050000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1760283062.0000000003050000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3050000
|
| Size: |
4096
|
|
|
3A6D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003A6D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A6D000
|
| Size: |
4096
|
|
|
3744000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003744000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3744000
|
| Size: |
12288
|
|
|
3712000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003712000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3712000
|
| Size: |
12288
|
|
|
10C1000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1285490825.00000000010C1000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
10C1000
|
| Size: |
20480
|
|
|
3217000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1760413651.0000000003217000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3217000
|
| Size: |
24576
|
|
|
38D6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000038D6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38D6000
|
| Size: |
4096
|
|
|
37E3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000037E3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37E3000
|
| Size: |
4096
|
|
|
39A2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000039A2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39A2000
|
| Size: |
4096
|
|
|
2E22000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1656584514.0000000002E22000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E22000
|
| Size: |
77824
|
|
|
2DF2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1657469556.0000000002DF2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2DF2000
|
| Size: |
4096
|
|
|
388E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.000000000388E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
388E000
|
| Size: |
45056
|
|
|
3430000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638400166.0000000003430000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3430000
|
| Size: |
16384
|
|
|
3A2B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003A2B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A2B000
|
| Size: |
61440
|
|
|
681B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1651752566.000000000681B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
681B000
|
| Size: |
20480
|
|
|
E54D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1655756812.000000000E54D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E54D000
|
| Size: |
12288
|
|
|
6BB3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1654286847.0000000006BB3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6BB3000
|
| Size: |
4096
|
|
|
2E0F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1651127596.0000000002E0F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E0F000
|
| Size: |
4096
|
|
|
35D0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638846946.00000000035D0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
35D0000
|
| Size: |
53248
|
|
|
2E0A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1657708410.0000000002E0A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E0A000
|
| Size: |
4096
|
|
|
3A24000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003A24000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A24000
|
| Size: |
4096
|
|
|
3A22000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003A22000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A22000
|
| Size: |
4096
|
|
|
2DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1657469556.0000000002DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2DE1000
|
| Size: |
61440
|
|
|
1A7D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638042687.0000000001A7D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1A7D000
|
| Size: |
12288
|
|
|
3A77000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003A77000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A77000
|
| Size: |
49152
|
|
|
B41000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000009.00000000.1758959129.0000000000B41000.00000020.00000001.01000000.0000000A.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
B41000
|
| Size: |
24576
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
37E5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000037E5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37E5000
|
| Size: |
4096
|
|
|
16C2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1637490433.00000000016C2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16C2000
|
| Size: |
4096
|
|
|
C60000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1657401349.0000000000C60000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
C60000
|
| Size: |
4096
|
|
|
3B10000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003B10000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B10000
|
| Size: |
4096
|
|
|
3872000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003872000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3872000
|
| Size: |
57344
|
|
|
2E2A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1638719878.0000000002E2A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E2A000
|
| Size: |
20480
|
|
|
39A6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000039A6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39A6000
|
| Size: |
4096
|
|
|
FC2000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1285490825.0000000000FC2000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
FC2000
|
| Size: |
385024
|
|
|
593C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1658687730.000000000593C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
593C000
|
| Size: |
16384
|
|
|
37CD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000037CD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37CD000
|
| Size: |
61440
|
|
|
1B1C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638063259.0000000001B1C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1B1C000
|
| Size: |
16384
|
|
|
4601000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1647900850.0000000004601000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4601000
|
| Size: |
24576
|
|
|
393A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.000000000393A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
393A000
|
| Size: |
4096
|
|
|
3BB8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003BB8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BB8000
|
| Size: |
57344
|
|
|
6B67000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1653771277.0000000006B67000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6B67000
|
| Size: |
36864
|
|
|
12D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1658613314.000000000012D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
12D000
|
| Size: |
12288
|
|
|
2FEE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1658055837.0000000002FEE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2FEE000
|
| Size: |
8192
|
|
|
3868000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003868000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3868000
|
| Size: |
4096
|
|
|
3ADE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003ADE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3ADE000
|
| Size: |
4096
|
|
|
33E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638287419.00000000033E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
33E0000
|
| Size: |
4096
|
|
|
3A3B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003A3B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A3B000
|
| Size: |
4096
|
|
|
3919000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003919000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3919000
|
| Size: |
4096
|
|
|
3BB0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003BB0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BB0000
|
| Size: |
4096
|
|
|
3798000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003798000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3798000
|
| Size: |
4096
|
|
|
2E1C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1651241620.0000000002E1C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E1C000
|
| Size: |
57344
|
|
|
16D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1658654443.000000000016D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
16D000
|
| Size: |
12288
|
|
|
358D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638589416.000000000358D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
358D000
|
| Size: |
69632
|
|
|
2E44000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1656158412.0000000002E44000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E44000
|
| Size: |
61440
|
|
|
5BB0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1650414050.0000000005BB0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5BB0000
|
| Size: |
65536
|
|
|
388B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.000000000388B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
388B000
|
| Size: |
4096
|
|
|
3BB4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003BB4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BB4000
|
| Size: |
12288
|
|
|
B4B000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000008.00000000.1658360742.0000000000B4B000.00000002.00000001.01000000.0000000A.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
B4B000
|
| Size: |
8192
|
|
|
384F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.000000000384F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
384F000
|
| Size: |
4096
|
|
|
2E4E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1638818362.0000000002E4E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E4E000
|
| Size: |
110592
|
|
|
16B0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1637439849.00000000016B0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16B0000
|
| Size: |
45056
|
|
|
2DF9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1650670502.0000000002DF9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2DF9000
|
| Size: |
8192
|
|
|
8220000
|
trusted library section
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1654960106.0000000008220000.00000004.08000000.00040000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page read and write
|
| Base address: |
8220000
|
| Size: |
73728
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
|
|
103D000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1285490825.000000000103D000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
103D000
|
| Size: |
20480
|
|
|
2E0E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1657708410.0000000002E0E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E0E000
|
| Size: |
12288
|
|
|
37AB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000037AB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37AB000
|
| Size: |
4096
|
|
|
372B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.000000000372B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
372B000
|
| Size: |
4096
|
|
|
3B5F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003B5F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B5F000
|
| Size: |
4096
|
|
|
6F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1923693966.00000000006F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6F0000
|
| Size: |
20480
|
|
|
3923000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003923000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3923000
|
| Size: |
4096
|
|
|
2E12000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1650511393.0000000002E12000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E12000
|
| Size: |
98304
|
|
|
8A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1638424946.00000000008A0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8A0000
|
| Size: |
4096
|
|
|
379D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.000000000379D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
379D000
|
| Size: |
53248
|
|
|
38D2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000038D2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38D2000
|
| Size: |
4096
|
|
|
38D4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000038D4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38D4000
|
| Size: |
4096
|
|
|
813E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1654807762.000000000813E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
813E000
|
| Size: |
8192
|
|
|
391D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.000000000391D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
391D000
|
| Size: |
4096
|
|
|
3ABB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003ABB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3ABB000
|
| Size: |
4096
|
|
|
386A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.000000000386A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
386A000
|
| Size: |
20480
|
|
|
6B8A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1653984343.0000000006B8A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6B8A000
|
| Size: |
12288
|
|
|
4CDA000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1638973560.0000000004CDA000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4CDA000
|
| Size: |
24576
|
|
|
37E7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000037E7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37E7000
|
| Size: |
4096
|
|
|
2DF6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1650756789.0000000002DF6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2DF6000
|
| Size: |
12288
|
|
|
2E12000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1638719878.0000000002E12000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E12000
|
| Size: |
94208
|
|
|
3885000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003885000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3885000
|
| Size: |
12288
|
|
|
39DB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000039DB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39DB000
|
| Size: |
45056
|
|
|
1693000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1637338446.0000000001693000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
1693000
|
| Size: |
4096
|
|
|
3420000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638371865.0000000003420000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3420000
|
| Size: |
65536
|
|
|
2C67000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1842395243.0000000002C67000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C67000
|
| Size: |
28672
|
|
|
1065000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1285490825.0000000001065000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
1065000
|
| Size: |
20480
|
|
|
930000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1842208265.0000000000930000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
930000
|
| Size: |
20480
|
|
|
630000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1923565907.0000000000630000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
630000
|
| Size: |
4096
|
|
|
5960000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1658727723.0000000005960000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5960000
|
| Size: |
4096
|
|
|
385B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.000000000385B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
385B000
|
| Size: |
40960
|
|
|
1060000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1285490825.0000000001060000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
1060000
|
| Size: |
16384
|
|
|
2E9E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1760218473.0000000002E9E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2E9E000
|
| Size: |
8192
|
|
|
2DFB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1656507730.0000000002DFB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2DFB000
|
| Size: |
57344
|
|
|
3748000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003748000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3748000
|
| Size: |
204800
|
|
|
3564000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638589416.0000000003564000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3564000
|
| Size: |
94208
|
|
|
3B0C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003B0C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B0C000
|
| Size: |
4096
|
|
|
3B97000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003B97000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B97000
|
| Size: |
4096
|
|
|
389C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.000000000389C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
389C000
|
| Size: |
4096
|
|
|
6B75000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1653771277.0000000006B75000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6B75000
|
| Size: |
40960
|
|
|
1799000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1637648816.0000000001799000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1799000
|
| Size: |
352256
|
|
|
3723000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003723000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3723000
|
| Size: |
12288
|
|
|
B48000
|
unkown
|
page readonly
|
|
|
|
| Name: |
0000000E.00000002.1923841119.0000000000B48000.00000002.00000001.01000000.0000000A.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
B48000
|
| Size: |
8192
|
|
|
B41000
|
unkown
|
page execute read
|
|
|
|
| Name: |
0000000A.00000000.1840802461.0000000000B41000.00000020.00000001.01000000.0000000A.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
B41000
|
| Size: |
24576
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
3B7C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003B7C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B7C000
|
| Size: |
4096
|
|
|
1D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1658685745.00000000001D0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1D0000
|
| Size: |
4096
|
|
|
3821000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003821000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3821000
|
| Size: |
4096
|
|
|
2E21000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1655847806.0000000002E21000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E21000
|
| Size: |
81920
|
|
|
2E03000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1650635151.0000000002E03000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E03000
|
| Size: |
61440
|
|
|
66E2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1651016108.00000000066E2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
66E2000
|
| Size: |
4096
|
|
|
3870000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003870000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3870000
|
| Size: |
4096
|
|
|
67C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1651514951.00000000067C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
67C0000
|
| Size: |
65536
|
|
|
1099000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1285490825.0000000001099000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
1099000
|
| Size: |
20480
|
|
|
4E01000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1639001984.0000000004E01000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4E01000
|
| Size: |
4096
|
|
|
B41000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000009.00000002.1759563529.0000000000B41000.00000020.00000001.01000000.0000000A.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
B41000
|
| Size: |
24576
|
|
|
3A43000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003A43000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A43000
|
| Size: |
4096
|
|
|
1690000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1637311839.0000000001690000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1690000
|
| Size: |
12288
|
|
|
7C50000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1654322204.0000000007C50000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7C50000
|
| Size: |
81920
|
|
|
10A4000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1285490825.00000000010A4000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
10A4000
|
| Size: |
20480
|
|
|
B41000
|
unkown
|
page execute read
|
|
|
|
| Name: |
0000000A.00000002.1842298174.0000000000B41000.00000020.00000001.01000000.0000000A.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
B41000
|
| Size: |
24576
|
|
|
2E36000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1657881531.0000000002E36000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E36000
|
| Size: |
36864
|
|
|
1694000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1637369404.0000000001694000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1694000
|
| Size: |
8192
|
|
|
B4B000
|
unkown
|
page readonly
|
|
|
|
| Name: |
0000000A.00000002.1842326084.0000000000B4B000.00000002.00000001.01000000.0000000A.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
B4B000
|
| Size: |
8192
|
|
|
39E7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000039E7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39E7000
|
| Size: |
4096
|
|
|
3823000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003823000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3823000
|
| Size: |
4096
|
|
|
5EE0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1650808819.0000000005EE0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5EE0000
|
| Size: |
65536
|
|
|
54FC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1639248330.00000000054FC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
54FC000
|
| Size: |
16384
|
|
|
3A69000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003A69000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A69000
|
| Size: |
4096
|
|
|
379A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.000000000379A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
379A000
|
| Size: |
4096
|
|
|
396A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.000000000396A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
396A000
|
| Size: |
4096
|
|
|
6830000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1652322150.0000000006830000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6830000
|
| Size: |
4096
|
|
|
541E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1658471345.000000000541E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
541E000
|
| Size: |
8192
|
|
|
37FC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000037FC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37FC000
|
| Size: |
147456
|
|
|
38F3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000038F3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38F3000
|
| Size: |
57344
|
|
|
6BA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1654253375.0000000006BA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6BA1000
|
| Size: |
8192
|
|
|
2E11000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1656158412.0000000002E11000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E11000
|
| Size: |
65536
|
|
|
2E54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1656584514.0000000002E54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E54000
|
| Size: |
69632
|
|
|
500F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1658316953.000000000500F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
500F000
|
| Size: |
4096
|
|
|
38D0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000038D0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38D0000
|
| Size: |
4096
|
|
|
1026000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1285490825.0000000001026000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
1026000
|
| Size: |
20480
|
|
|
10C7000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1285490825.00000000010C7000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
10C7000
|
| Size: |
16384
|
|
|
1032000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1285490825.0000000001032000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
1032000
|
| Size: |
40960
|
|
|
16F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1637648816.00000000016F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16F0000
|
| Size: |
49152
|
|
|
3908000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003908000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3908000
|
| Size: |
4096
|
|
|
8AE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1655376809.0000000008AE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8AE0000
|
| Size: |
65536
|
|
|
383C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.000000000383C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
383C000
|
| Size: |
4096
|
|
|
3B82000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003B82000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B82000
|
| Size: |
4096
|
|
|
2E72000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1638844412.0000000002E72000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E72000
|
| Size: |
28672
|
|
|
2E21000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1651440080.0000000002E21000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E21000
|
| Size: |
36864
|
|
|
357E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638589416.000000000357E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
357E000
|
| Size: |
4096
|
|
|
3B25000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003B25000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B25000
|
| Size: |
4096
|
|
|
3883000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003883000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3883000
|
| Size: |
4096
|
|
|
2E4A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1638770031.0000000002E4A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E4A000
|
| Size: |
12288
|
|
|
3727000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003727000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3727000
|
| Size: |
4096
|
|
|
3A54000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003A54000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A54000
|
| Size: |
4096
|
|
|
3B9B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003B9B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B9B000
|
| Size: |
65536
|
|
|
67AD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1651395852.00000000067AD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
67AD000
|
| Size: |
12288
|
|
|
3794000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003794000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3794000
|
| Size: |
4096
|
|
|
37DF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000037DF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37DF000
|
| Size: |
12288
|
|
|
2E54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1655635033.0000000002E54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E54000
|
| Size: |
69632
|
|
|
B40000
|
unkown
|
page readonly
|
|
|
|
| Name: |
0000000A.00000002.1842268495.0000000000B40000.00000002.00000001.01000000.0000000A.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
B40000
|
| Size: |
4096
|
|
|
C30000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1657331245.0000000000C30000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
C30000
|
| Size: |
16384
|
|
|
59D0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1650114202.00000000059D0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
59D0000
|
| Size: |
65536
|
|
|
5E9D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1650675159.0000000005E9D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5E9D000
|
| Size: |
12288
|
|
|
37F6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000037F6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37F6000
|
| Size: |
4096
|
|
|
391F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.000000000391F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
391F000
|
| Size: |
4096
|
|
|
33DF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638256460.00000000033DF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
33DF000
|
| Size: |
4096
|
|
|
10AA000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1285490825.00000000010AA000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
10AA000
|
| Size: |
20480
|
|
|
109F000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1285490825.000000000109F000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
109F000
|
| Size: |
16384
|
|
|
3ABD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003ABD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3ABD000
|
| Size: |
4096
|
|
|
3435000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638400166.0000000003435000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3435000
|
| Size: |
45056
|
|
|
B40000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000009.00000002.1759433945.0000000000B40000.00000002.00000001.01000000.0000000A.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
B40000
|
| Size: |
4096
|
|
|
43E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1658769617.000000000043E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
43E000
|
| Size: |
8192
|
|
|
16BD000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1637458008.00000000016BD000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
16BD000
|
| Size: |
4096
|
|
|
83C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1638361296.000000000083C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
83C000
|
| Size: |
16384
|
|
|
3983000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003983000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3983000
|
| Size: |
4096
|
|
|
8240000
|
trusted library section
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1655014863.0000000008240000.00000004.08000000.00040000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page read and write
|
| Base address: |
8240000
|
| Size: |
4096
|
|
|
2DF7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1651316052.0000000002DF7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2DF7000
|
| Size: |
8192
|
|
|
B40000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000008.00000000.1658261984.0000000000B40000.00000002.00000001.01000000.0000000A.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
B40000
|
| Size: |
4096
|
|
|
39EB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000039EB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39EB000
|
| Size: |
102400
|
|
|
3881000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003881000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3881000
|
| Size: |
4096
|
|
|
39B3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.00000000039B3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39B3000
|
| Size: |
4096
|
|
|
3B1F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003B1F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B1F000
|
| Size: |
4096
|
|
|
1E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1658730938.00000000001E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1E0000
|
| Size: |
4096
|
|
|
1A3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638020529.0000000001A3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1A3E000
|
| Size: |
8192
|
|
|
117A000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1636752068.000000000117A000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
117A000
|
| Size: |
24576
|
|
|
8B20000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1655431074.0000000008B20000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8B20000
|
| Size: |
4096
|
|
|
3B2A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003B2A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B2A000
|
| Size: |
151552
|
|
|
3B6D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1638934372.0000000003B6D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B6D000
|
| Size: |
49152
|
|
