|
7AC0000
|
trusted library section
|
page read and write
|
 |
|
|
| Name: |
00000001.00000002.3769904910.0000000007AC0000.00000004.08000000.00040000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page read and write
|
| Base address: |
7AC0000
|
| Size: |
290816
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Found malware configuration |
AV Detection |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara detected Telegram RAT |
Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara detected VIP Keylogger |
Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara detected Credential Stealer |
Stealing of Sensitive Information |
|
| Yara signature match |
System Summary |
|
| URLs found in memory or binary data |
Networking |
|
|
|
2F74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3766763749.0000000002F74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2F74000
|
| Size: |
299008
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara detected Telegram RAT |
Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara detected VIP Keylogger |
Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara detected Credential Stealer |
Stealing of Sensitive Information |
|
| Yara signature match |
System Summary |
|
| URLs found in memory or binary data |
Networking |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
7A00000
|
trusted library section
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3769669323.0000000007A00000.00000004.08000000.00040000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page read and write
|
| Base address: |
7A00000
|
| Size: |
299008
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara detected Telegram RAT |
Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara detected VIP Keylogger |
Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara detected Credential Stealer |
Stealing of Sensitive Information |
|
| Yara signature match |
System Summary |
|
| URLs found in memory or binary data |
Networking |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
532A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.000000000532A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
532A000
|
| Size: |
249856
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Telegram RAT |
Stealing of Sensitive Information, Remote Access Functionality |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
| URLs found in memory or binary data |
Networking |
|
|
|
2E6E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1308761588.0000000002E6E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E6E000
|
| Size: |
307200
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara detected Telegram RAT |
Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara detected VIP Keylogger |
Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara detected Credential Stealer |
Stealing of Sensitive Information |
|
| Yara signature match |
System Summary |
|
| URLs found in memory or binary data |
Networking |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
5161000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.0000000005161000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5161000
|
| Size: |
339968
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Snake Keylogger |
Stealing of Sensitive Information, Remote Access Functionality |
|
| URLs found in memory or binary data |
Networking |
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1468345039.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
24576
|
|
|
7963000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1579230250.0000000007963000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7963000
|
| Size: |
4096
|
|
|
733E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3769462179.000000000733E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
733E000
|
| Size: |
8192
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1330742216.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
12288
|
|
|
8ABE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3770077578.0000000008ABE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8ABE000
|
| Size: |
8192
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1329292117.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
16384
|
|
|
8E70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1463529010.0000000008E70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E70000
|
| Size: |
12288
|
|
|
426000
|
system
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3766278532.0000000000426000.00000040.80000000.00040000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
system
|
| Protect: |
page execute and read and write
|
| Base address: |
426000
|
| Size: |
4096
|
|
|
63C7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1474070849.00000000063C7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
63C7000
|
| Size: |
8192
|
|
|
8E70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1462538811.0000000008E70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E70000
|
| Size: |
12288
|
|
|
8E60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1460296163.0000000008E60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E60000
|
| Size: |
16384
|
|
|
2A77000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3766366520.0000000002A77000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2A77000
|
| Size: |
36864
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1465651038.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
12288
|
|
|
9200000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1579911817.0000000009200000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
9200000
|
| Size: |
65536
|
|
|
63C4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1474070849.00000000063C4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
63C4000
|
| Size: |
4096
|
|
|
8E70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1462491981.0000000008E70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E70000
|
| Size: |
12288
|
|
|
8E70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1462594988.0000000008E70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E70000
|
| Size: |
12288
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1329947731.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
65536
|
|
|
2E51000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1306251786.0000000002E51000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E51000
|
| Size: |
8192
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1466912134.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
24576
|
|
|
2C00000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3766462906.0000000002C00000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C00000
|
| Size: |
4096
|
|
|
3360000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1304661701.0000000003360000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3360000
|
| Size: |
1187840
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
8D3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3770117971.0000000008D3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8D3E000
|
| Size: |
8192
|
|
|
3483000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1304661701.0000000003483000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3483000
|
| Size: |
507904
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
|
|
8E70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1463148552.0000000008E70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E70000
|
| Size: |
12288
|
|
|
5429000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.0000000005429000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5429000
|
| Size: |
12288
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1330540765.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
20480
|
|
|
7B30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1318715732.0000000007B30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B30000
|
| Size: |
16384
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1464156139.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
12288
|
|
|
8E60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1460187045.0000000008E60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E60000
|
| Size: |
12288
|
|
|
8EC0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3770404145.0000000008EC0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8EC0000
|
| Size: |
65536
|
|
|
7A6E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3769713982.0000000007A6E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7A6E000
|
| Size: |
12288
|
|
|
8E60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1460709684.0000000008E60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E60000
|
| Size: |
12288
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1330704181.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
16384
|
|
|
51000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000000.00000001.1292148954.0000000000051000.00000020.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
image loaded
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
51000
|
| Size: |
249856
|
|
|
54CB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.00000000054CB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
54CB000
|
| Size: |
4096
|
|
|
63FF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469257825.00000000063FF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
63FF000
|
| Size: |
16384
|
|
|
8E60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1459857387.0000000008E60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E60000
|
| Size: |
40960
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1331958863.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
16384
|
|
|
8E70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1463328182.0000000008E70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E70000
|
| Size: |
12288
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1467287843.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
24576
|
|
|
63F3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469257825.00000000063F3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
63F3000
|
| Size: |
4096
|
|
|
B34000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1292611843.0000000000B34000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B34000
|
| Size: |
4096
|
|
|
7936000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1358754446.0000000007936000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7936000
|
| Size: |
12288
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1330254838.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
12288
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1331549081.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
16384
|
|
|
8F40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1478773428.0000000008F40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8F40000
|
| Size: |
36864
|
|
|
91F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1580017811.00000000091F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
91F0000
|
| Size: |
53248
|
|
|
8F40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1476959496.0000000008F40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8F40000
|
| Size: |
16384
|
|
|
5214000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.0000000005214000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5214000
|
| Size: |
8192
|
|
|
8ED0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3770433743.0000000008ED0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
8ED0000
|
| Size: |
65536
|
|
|
8F66000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3770522958.0000000008F66000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8F66000
|
| Size: |
4096
|
|
|
4A00000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3766886963.0000000004A00000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A00000
|
| Size: |
4096
|
|
|
9010000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3770770170.0000000009010000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9010000
|
| Size: |
4096
|
|
|
8E60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1461452611.0000000008E60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E60000
|
| Size: |
16384
|
|
|
4BC0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767120641.0000000004BC0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4BC0000
|
| Size: |
4096
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1465814337.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
12288
|
|
|
7AA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3769869098.0000000007AA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7AA0000
|
| Size: |
65536
|
|
|
3443000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1302322054.0000000003443000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3443000
|
| Size: |
507904
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1464073055.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
36864
|
|
|
4BC6000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3767152960.0000000004BC6000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4BC6000
|
| Size: |
8192
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1467990682.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
24576
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1468683940.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
24576
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1330927502.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
12288
|
|
|
8E70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1462667195.0000000008E70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E70000
|
| Size: |
12288
|
|
|
8E80000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3770313250.0000000008E80000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
8E80000
|
| Size: |
65536
|
|
|
3360000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1305532465.0000000003360000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3360000
|
| Size: |
1187840
|
|
|
8E70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1462634083.0000000008E70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E70000
|
| Size: |
12288
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1329248296.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
16384
|
|
|
B03000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1296701053.0000000000B03000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B03000
|
| Size: |
16384
|
|
|
2ECC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1308210968.0000000002ECC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2ECC000
|
| Size: |
24576
|
|
|
4BA3000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3767023298.0000000004BA3000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4BA3000
|
| Size: |
4096
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1331127824.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
4096
|
|
|
521C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.000000000521C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
521C000
|
| Size: |
8192
|
|
|
2E7B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1327415688.0000000002E7B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E7B000
|
| Size: |
12288
|
|
|
9000000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3770751289.0000000009000000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
9000000
|
| Size: |
4096
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1468283408.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
24576
|
|
|
8FA2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3770573837.0000000008FA2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8FA2000
|
| Size: |
8192
|
|
|
77FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3769542959.00000000077FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
77FF000
|
| Size: |
4096
|
|
|
4BB0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767070210.0000000004BB0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4BB0000
|
| Size: |
8192
|
|
|
8F50000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3770499591.0000000008F50000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
8F50000
|
| Size: |
65536
|
|
|
91F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1579937641.00000000091F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
91F0000
|
| Size: |
65536
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1466775781.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
24576
|
|
|
2EA3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3766723517.0000000002EA3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2EA3000
|
| Size: |
401408
|
|
|
AAF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1296701053.0000000000AAF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AAF000
|
| Size: |
65536
|
|
|
7CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1308235422.00000000007CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
7CF000
|
| Size: |
4096
|
|
|
8E70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1463367409.0000000008E70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E70000
|
| Size: |
12288
|
|
|
6299000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3768954330.0000000006299000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6299000
|
| Size: |
4096
|
|
|
1CA000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1308207139.00000000001CA000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1CA000
|
| Size: |
24576
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1331087503.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
16384
|
|
|
636F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1474070849.000000000636F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
636F000
|
| Size: |
8192
|
|
|
9210000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1580108237.0000000009210000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
9210000
|
| Size: |
12288
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1468935683.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
24576
|
|
|
51000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000000.00000000.1291598058.0000000000051000.00000020.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
51000
|
| Size: |
581632
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1331919813.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
20480
|
|
|
8F40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1478736536.0000000008F40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8F40000
|
| Size: |
36864
|
|
|
63DE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469257825.00000000063DE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
63DE000
|
| Size: |
4096
|
|
|
A54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1309019477.0000000000A54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A54000
|
| Size: |
8192
|
|
|
2A39000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3766346999.0000000002A39000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2A39000
|
| Size: |
28672
|
|
|
7680000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3769477023.0000000007680000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7680000
|
| Size: |
65536
|
|
|
8E60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1460528553.0000000008E60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E60000
|
| Size: |
12288
|
|
|
2ED2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1308103327.0000000002ED2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2ED2000
|
| Size: |
4096
|
|
|
6497000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1474070849.0000000006497000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6497000
|
| Size: |
20480
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469116953.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
24576
|
|
|
5402000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.0000000005402000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5402000
|
| Size: |
118784
|
|
|
63A1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3768954330.00000000063A1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
63A1000
|
| Size: |
20480
|
|
|
5221000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.0000000005221000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5221000
|
| Size: |
4096
|
|
|
7B50000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1316467385.0000000007B50000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B50000
|
| Size: |
16384
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1464422906.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
12288
|
|
|
4BBD000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3767102561.0000000004BBD000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4BBD000
|
| Size: |
4096
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1331261421.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
16384
|
|
|
2E6D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3766629710.0000000002E6D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E6D000
|
| Size: |
24576
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1330140763.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
16384
|
|
|
3500000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1305272677.0000000003500000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3500000
|
| Size: |
1196032
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
52EE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.00000000052EE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
52EE000
|
| Size: |
4096
|
|
|
4A10000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3766901109.0000000004A10000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A10000
|
| Size: |
4096
|
|
|
3629000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1304854387.0000000003629000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3629000
|
| Size: |
4096
|
|
|
4BF0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767281779.0000000004BF0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4BF0000
|
| Size: |
4096
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1464524076.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
12288
|
|
|
8EB0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3770385283.0000000008EB0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
8EB0000
|
| Size: |
8192
|
|
|
7168000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3769430032.0000000007168000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7168000
|
| Size: |
4096
|
|
|
AE0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1296260179.0000000000AE0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AE0000
|
| Size: |
118784
|
|
|
B14000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1309248647.0000000000B14000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B14000
|
| Size: |
512000
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1330837720.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
16384
|
|
|
2ED4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1308045398.0000000002ED4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2ED4000
|
| Size: |
49152
|
|
|
8E60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1460493156.0000000008E60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E60000
|
| Size: |
12288
|
|
|
9010000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1579436203.0000000009010000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
9010000
|
| Size: |
65536
|
|
|
5498000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.0000000005498000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5498000
|
| Size: |
8192
|
|
|
7BA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1330462513.0000000007BA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7BA0000
|
| Size: |
36864
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1329209985.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
20480
|
|
|
7926000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1358533985.0000000007926000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7926000
|
| Size: |
36864
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1463977063.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
53248
|
|
|
54F9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.00000000054F9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
54F9000
|
| Size: |
299008
|
|
|
8E70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1462122865.0000000008E70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E70000
|
| Size: |
12288
|
|
|
7B30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1319950854.0000000007B30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B30000
|
| Size: |
65536
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1331498443.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
16384
|
|
|
54C3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.00000000054C3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
54C3000
|
| Size: |
12288
|
|
|
7B30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1318745762.0000000007B30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B30000
|
| Size: |
12288
|
|
|
2EC8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1308161642.0000000002EC8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2EC8000
|
| Size: |
12288
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1330594346.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
16384
|
|
|
2AD0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3766414766.0000000002AD0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AD0000
|
| Size: |
4096
|
|
|
7B30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1318876387.0000000007B30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B30000
|
| Size: |
12288
|
|
|
B03000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1295419305.0000000000B03000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B03000
|
| Size: |
65536
|
|
|
7BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1308235422.00000000007BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
7BF000
|
| Size: |
4096
|
|
|
632B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469257825.000000000632B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
632B000
|
| Size: |
20480
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
6474000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469257825.0000000006474000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6474000
|
| Size: |
4096
|
|
|
2AA0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3766397724.0000000002AA0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AA0000
|
| Size: |
12288
|
|
|
3500000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1305776312.0000000003500000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3500000
|
| Size: |
1196032
|
|
|
3443000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1303837756.0000000003443000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3443000
|
| Size: |
507904
|
|
|
8E70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3770290972.0000000008E70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E70000
|
| Size: |
65536
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1331518547.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
20480
|
|
|
8EC0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1461091709.0000000008EC0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8EC0000
|
| Size: |
65536
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1466600549.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
24576
|
|
|
62EB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469257825.00000000062EB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
62EB000
|
| Size: |
8192
|
|
|
2E43000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3766576817.0000000002E43000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E43000
|
| Size: |
40960
|
|
|
6357000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469257825.0000000006357000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6357000
|
| Size: |
12288
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
8E70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1463567454.0000000008E70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E70000
|
| Size: |
40960
|
|
|
DF000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000002.1307894527.00000000000DF000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
DF000
|
| Size: |
147456
|
|
|
362D000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1305272677.000000000362D000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
362D000
|
| Size: |
458752
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1466549386.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
24576
|
|
|
548D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.000000000548D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
548D000
|
| Size: |
20480
|
|
|
51D7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.00000000051D7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
51D7000
|
| Size: |
4096
|
|
|
8F40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3770478190.0000000008F40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8F40000
|
| Size: |
65536
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1331298726.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
16384
|
|
|
8E40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1397159709.0000000008E40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E40000
|
| Size: |
16384
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1330054331.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
16384
|
|
|
7B30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1318899311.0000000007B30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B30000
|
| Size: |
12288
|
|
|
8F40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1478521171.0000000008F40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8F40000
|
| Size: |
36864
|
|
|
7BA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1329898831.0000000007BA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7BA0000
|
| Size: |
20480
|
|
|
435000
|
system
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3766278532.0000000000435000.00000040.80000000.00040000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
system
|
| Protect: |
page execute and read and write
|
| Base address: |
435000
|
| Size: |
8192
|
|
|
8E70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1462149372.0000000008E70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E70000
|
| Size: |
12288
|
|
|
6432000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469257825.0000000006432000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6432000
|
| Size: |
8192
|
|
|
4F01000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767357700.0000000004F01000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4F01000
|
| Size: |
4096
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1464008969.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
20480
|
|
|
3443000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1302774767.0000000003443000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3443000
|
| Size: |
507904
|
|
|
B0A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1296260179.0000000000B0A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B0A000
|
| Size: |
28672
|
|
|
639D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1474070849.000000000639D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
639D000
|
| Size: |
16384
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1464383635.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
12288
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1465151155.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
12288
|
|
|
7B30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1319089883.0000000007B30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B30000
|
| Size: |
16384
|
|
|
8E70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1463485102.0000000008E70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E70000
|
| Size: |
12288
|
|
|
8E40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1398926336.0000000008E40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E40000
|
| Size: |
65536
|
|
|
63A7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1474070849.00000000063A7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
63A7000
|
| Size: |
8192
|
|
|
400000
|
system
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3766278532.0000000000400000.00000040.80000000.00040000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
system
|
| Protect: |
page execute and read and write
|
| Base address: |
400000
|
| Size: |
147456
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara signature match |
System Summary |
|
|
|
633F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469257825.000000000633F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
633F000
|
| Size: |
8192
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1467336165.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
24576
|
|
|
8E60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1460462925.0000000008E60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E60000
|
| Size: |
12288
|
|
|
5270000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.0000000005270000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5270000
|
| Size: |
438272
|
|
|
7B90000
|
remote allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1333337047.0000000007B90000.00000004.00000400.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
remote allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
4096
|
|
|
794A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1416098667.000000000794A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
794A000
|
| Size: |
12288
|
|
|
646B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1474070849.000000000646B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
646B000
|
| Size: |
4096
|
|
|
91F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1579712883.00000000091F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
91F0000
|
| Size: |
53248
|
|
|
63D2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1474070849.00000000063D2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
63D2000
|
| Size: |
8192
|
|
|
6312000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469257825.0000000006312000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6312000
|
| Size: |
8192
|
|
|
9401000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3770791312.0000000009401000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9401000
|
| Size: |
8192
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469070857.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
24576
|
|
|
4E01000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767336669.0000000004E01000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4E01000
|
| Size: |
16384
|
|
|
2EFA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1386880477.0000000002EFA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2EFA000
|
| Size: |
45056
|
|
|
8E5A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3770183026.0000000008E5A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E5A000
|
| Size: |
24576
|
|
|
7B10000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3769933890.0000000007B10000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B10000
|
| Size: |
65536
|
|
|
8E70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1462207777.0000000008E70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E70000
|
| Size: |
12288
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469158015.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
24576
|
|
|
970000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1308905236.0000000000970000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
970000
|
| Size: |
20480
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1331698582.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
16384
|
|
|
5225000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.0000000005225000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5225000
|
| Size: |
61440
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
5000000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767373670.0000000005000000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5000000
|
| Size: |
4096
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1468505401.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
24576
|
|
|
62C3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3768954330.00000000062C3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
62C3000
|
| Size: |
12288
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1330160580.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
12288
|
|
|
1740000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1309727050.0000000001740000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1740000
|
| Size: |
8192
|
|
|
6161000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3768954330.0000000006161000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6161000
|
| Size: |
20480
|
|
|
8EA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1461850518.0000000008EA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8EA0000
|
| Size: |
65536
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1461901983.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
65536
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1329312561.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
16384
|
|
|
8F40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1478839430.0000000008F40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8F40000
|
| Size: |
12288
|
|
|
7A6B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3769713982.0000000007A6B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7A6B000
|
| Size: |
8192
|
|
|
8F40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1478700576.0000000008F40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8F40000
|
| Size: |
36864
|
|
|
7B40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1315868131.0000000007B40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B40000
|
| Size: |
16384
|
|
|
6464000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3768954330.0000000006464000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6464000
|
| Size: |
16384
|
|
|
6264000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3768954330.0000000006264000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6264000
|
| Size: |
4096
|
|
|
94E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1308825684.000000000094E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
94E000
|
| Size: |
8192
|
|
|
7B40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1319932139.0000000007B40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B40000
|
| Size: |
12288
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1465867648.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
12288
|
|
|
61C8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3768954330.00000000061C8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
61C8000
|
| Size: |
16384
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1331939019.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
12288
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1330630385.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
12288
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1464642360.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
12288
|
|
|
8F40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1476796097.0000000008F40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8F40000
|
| Size: |
16384
|
|
|
8E40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1398610436.0000000008E40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E40000
|
| Size: |
16384
|
|
|
7B40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1319837715.0000000007B40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B40000
|
| Size: |
12288
|
|
|
7918000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3769591291.0000000007918000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7918000
|
| Size: |
16384
|
|
|
62D9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469257825.00000000062D9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
62D9000
|
| Size: |
8192
|
|
|
7B91000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1331044800.0000000007B91000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B91000
|
| Size: |
61440
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1331891689.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
24576
|
|
|
53EF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.00000000053EF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
53EF000
|
| Size: |
12288
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| SQL strings found in memory and binary data |
System Summary |
|
|
|
7FC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1308235422.00000000007FC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
7FC000
|
| Size: |
16384
|
|
|
7BA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1331590522.0000000007BA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7BA0000
|
| Size: |
28672
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1464556127.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
12288
|
|
|
6362000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1474070849.0000000006362000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6362000
|
| Size: |
8192
|
|
|
63D3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3768954330.00000000063D3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
63D3000
|
| Size: |
4096
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1331406582.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
12288
|
|
|
8E50000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1409411550.0000000008E50000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E50000
|
| Size: |
65536
|
|
|
6447000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469257825.0000000006447000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6447000
|
| Size: |
16384
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1331209227.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
40960
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1331983403.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
16384
|
|
|
8EA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1461165771.0000000008EA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8EA0000
|
| Size: |
65536
|
|
|
34C0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1303468619.00000000034C0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
34C0000
|
| Size: |
1196032
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1465118478.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
12288
|
|
|
7B30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1318771372.0000000007B30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B30000
|
| Size: |
12288
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1330176971.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
12288
|
|
|
61ED000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3768954330.00000000061ED000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
61ED000
|
| Size: |
53248
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Credential Stealer |
Stealing of Sensitive Information |
|
|
|
4BB3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767085481.0000000004BB3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4BB3000
|
| Size: |
28672
|
|
|
8E60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1461498870.0000000008E60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E60000
|
| Size: |
40960
|
|
|
8FF0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3770734555.0000000008FF0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
8FF0000
|
| Size: |
45056
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1466697870.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
24576
|
|
|
643C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469257825.000000000643C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
643C000
|
| Size: |
8192
|
|
|
64DF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1474070849.00000000064DF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
64DF000
|
| Size: |
12288
|
|
|
2ECE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1308238039.0000000002ECE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2ECE000
|
| Size: |
16384
|
|
|
53E6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.00000000053E6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
53E6000
|
| Size: |
4096
|
|
|
63CE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469257825.00000000063CE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
63CE000
|
| Size: |
8192
|
|
|
7A86000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3769713982.0000000007A86000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7A86000
|
| Size: |
16384
|
|
|
91F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1579646669.00000000091F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
91F0000
|
| Size: |
24576
|
|
|
B15000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1292437760.0000000000B15000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B15000
|
| Size: |
131072
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1329188045.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
16384
|
|
|
793C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1386966520.000000000793C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
793C000
|
| Size: |
8192
|
|
|
8E60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1460214189.0000000008E60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E60000
|
| Size: |
16384
|
|
|
830000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1308767171.0000000000830000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
830000
|
| Size: |
4096
|
|
|
51CD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.00000000051CD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
51CD000
|
| Size: |
12288
|
|
|
8FC7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3770651443.0000000008FC7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8FC7000
|
| Size: |
36864
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1329620154.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
20480
|
|
|
8E60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1460258883.0000000008E60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E60000
|
| Size: |
32768
|
|
|
8E60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1460674779.0000000008E60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E60000
|
| Size: |
16384
|
|
|
8E70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1462086936.0000000008E70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E70000
|
| Size: |
12288
|
|
|
A93000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1292648281.0000000000A93000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A93000
|
| Size: |
49152
|
|
|
8FD0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1579039071.0000000008FD0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8FD0000
|
| Size: |
65536
|
|
|
369E000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1304854387.000000000369E000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
369E000
|
| Size: |
24576
|
|
|
BBC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1296664395.0000000000BBC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
BBC000
|
| Size: |
258048
|
|
|
30FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3766825065.00000000030FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
30FF000
|
| Size: |
4096
|
|
|
8F40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1479350807.0000000008F40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8F40000
|
| Size: |
53248
|
|
|
63D5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469257825.00000000063D5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
63D5000
|
| Size: |
4096
|
|
|
3629000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1305776312.0000000003629000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3629000
|
| Size: |
4096
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1329272253.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
12288
|
|
|
7690000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3769493893.0000000007690000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
7690000
|
| Size: |
4096
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1466062439.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
12288
|
|
|
8EA0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3770360016.0000000008EA0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
8EA0000
|
| Size: |
65536
|
|
|
8E70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1462968807.0000000008E70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E70000
|
| Size: |
12288
|
|
|
6381000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1474070849.0000000006381000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6381000
|
| Size: |
8192
|
|
|
7926000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1350958402.0000000007926000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7926000
|
| Size: |
36864
|
|
|
7BA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3769985003.0000000007BA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7BA0000
|
| Size: |
61440
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1464354120.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
12288
|
|
|
AAF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1295600529.0000000000AAF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AAF000
|
| Size: |
114688
|
|
|
B14000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1296260179.0000000000B14000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B14000
|
| Size: |
512000
|
|
|
7B40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1315560002.0000000007B40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B40000
|
| Size: |
16384
|
|
|
8E70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1462387358.0000000008E70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E70000
|
| Size: |
12288
|
|
|
6420000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469257825.0000000006420000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6420000
|
| Size: |
8192
|
|
|
8FD0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1578725368.0000000008FD0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8FD0000
|
| Size: |
12288
|
|
|
2E3E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3766530896.0000000002E3E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E3E000
|
| Size: |
16384
|
|
|
635C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469257825.000000000635C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
635C000
|
| Size: |
8192
|
|
|
51DB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.00000000051DB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
51DB000
|
| Size: |
4096
|
|
|
631E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1474070849.000000000631E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
631E000
|
| Size: |
8192
|
|
|
8F40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1478626891.0000000008F40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8F40000
|
| Size: |
36864
|
|
|
6342000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1474070849.0000000006342000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6342000
|
| Size: |
8192
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1465596933.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
12288
|
|
|
64C9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1474070849.00000000064C9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
64C9000
|
| Size: |
4096
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1468379957.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
24576
|
|
|
8E40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1396053679.0000000008E40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E40000
|
| Size: |
32768
|
|
|
8E60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1459801444.0000000008E60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E60000
|
| Size: |
20480
|
|
|
166E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1309668566.000000000166E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
166E000
|
| Size: |
8192
|
|
|
7E8E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3770007972.0000000007E8E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
7E8E000
|
| Size: |
8192
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1464491843.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
12288
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1329431538.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
12288
|
|
|
8E60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1460369460.0000000008E60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E60000
|
| Size: |
20480
|
|
|
8F40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1478660210.0000000008F40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8F40000
|
| Size: |
36864
|
|
|
647C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469257825.000000000647C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
647C000
|
| Size: |
8192
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1465899542.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
12288
|
|
|
8F30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3770459899.0000000008F30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8F30000
|
| Size: |
45056
|
|
|
7B90000
|
remote allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1333321510.0000000007B90000.00000004.00000400.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
remote allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
4096
|
|
|
2BFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3766447677.0000000002BFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2BFE000
|
| Size: |
8192
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1330646709.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
16384
|
|
|
8F40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1476872586.0000000008F40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8F40000
|
| Size: |
8192
|
|
|
BA2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1309449348.0000000000BA2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
BA2000
|
| Size: |
106496
|
|
|
AE0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1309199509.0000000000AE0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AE0000
|
| Size: |
118784
|
|
|
8FD0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1579136133.0000000008FD0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8FD0000
|
| Size: |
28672
|
|
|
2E12000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3766512264.0000000002E12000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E12000
|
| Size: |
102400
|
|
|
A50000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1309019477.0000000000A50000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A50000
|
| Size: |
8192
|
|
|
7951000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1579186496.0000000007951000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7951000
|
| Size: |
40960
|
|
|
6349000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1474070849.0000000006349000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6349000
|
| Size: |
4096
|
|
|
8E70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1463117580.0000000008E70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E70000
|
| Size: |
12288
|
|
|
369E000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1305776312.000000000369E000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
369E000
|
| Size: |
24576
|
|
|
54A0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.00000000054A0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
54A0000
|
| Size: |
102400
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1331661509.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
12288
|
|
|
54D6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.00000000054D6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
54D6000
|
| Size: |
135168
|
|
|
6307000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469257825.0000000006307000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6307000
|
| Size: |
12288
|
|
|
64A1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3768954330.00000000064A1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
64A1000
|
| Size: |
12288
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1465510174.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
12288
|
|
|
8940000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1337497752.0000000008940000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8940000
|
| Size: |
16384
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1461198700.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
53248
|
|
|
2ED3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1308079663.0000000002ED3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2ED3000
|
| Size: |
4096
|
|
|
2E20000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1305763394.0000000002E20000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E20000
|
| Size: |
36864
|
|
|
4BAD000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3767055955.0000000004BAD000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4BAD000
|
| Size: |
4096
|
|
|
8FE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1479260267.0000000008FE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8FE0000
|
| Size: |
61440
|
|
|
6437000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469257825.0000000006437000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6437000
|
| Size: |
8192
|
|
|
7B30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1318797776.0000000007B30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B30000
|
| Size: |
12288
|
|
|
112000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000000.00000000.1291847621.0000000000112000.00000008.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
112000
|
| Size: |
8192
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1329366380.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
12288
|
|
|
4BDB000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3767262678.0000000004BDB000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4BDB000
|
| Size: |
4096
|
|
|
8E40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1396118231.0000000008E40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E40000
|
| Size: |
16384
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1465935384.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
12288
|
|
|
B0A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1309248647.0000000000B0A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B0A000
|
| Size: |
8192
|
|
|
8EA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1463808484.0000000008EA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8EA0000
|
| Size: |
12288
|
|
|
61B3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3768954330.00000000061B3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
61B3000
|
| Size: |
4096
|
|
|
53F9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.00000000053F9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
53F9000
|
| Size: |
4096
|
|
|
8E40000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3770158855.0000000008E40000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
8E40000
|
| Size: |
65536
|
|
|
8E40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1396074868.0000000008E40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E40000
|
| Size: |
32768
|
|
|
B0C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1296413335.0000000000B0C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B0C000
|
| Size: |
20480
|
|
|
63BE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1474070849.00000000063BE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
63BE000
|
| Size: |
8192
|
|
|
4B80000
|
trusted library section
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3766977982.0000000004B80000.00000004.08000000.00040000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page read and write
|
| Base address: |
4B80000
|
| Size: |
4096
|
|
|
8FE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3770716066.0000000008FE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8FE0000
|
| Size: |
32768
|
|
|
2ED0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1308264739.0000000002ED0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2ED0000
|
| Size: |
8192
|
|
|
8E70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1463296549.0000000008E70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E70000
|
| Size: |
12288
|
|
|
7A7E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3769713982.0000000007A7E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7A7E000
|
| Size: |
4096
|
|
|
91F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1579501944.00000000091F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
91F0000
|
| Size: |
16384
|
|
|
61D9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3768954330.00000000061D9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
61D9000
|
| Size: |
20480
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3629000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1305272677.0000000003629000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3629000
|
| Size: |
4096
|
|
|
2C13000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1312577338.0000000002C13000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C13000
|
| Size: |
135168
|
|
|
62C7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3768954330.00000000062C7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
62C7000
|
| Size: |
12288
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1465736135.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
12288
|
|
|
63D8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469257825.00000000063D8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
63D8000
|
| Size: |
8192
|
|
|
5010000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3767390801.0000000005010000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
5010000
|
| Size: |
4096
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1329453539.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
12288
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1331105882.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
16384
|
|
|
4BD7000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3767246409.0000000004BD7000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4BD7000
|
| Size: |
4096
|
|
|
633C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1474070849.000000000633C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
633C000
|
| Size: |
8192
|
|
|
5378000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.0000000005378000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5378000
|
| Size: |
323584
|
|
|
8E70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1463255284.0000000008E70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E70000
|
| Size: |
12288
|
|
|
2E89000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1386904093.0000000002E89000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E89000
|
| Size: |
12288
|
|
|
8E60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1461381849.0000000008E60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E60000
|
| Size: |
36864
|
|
|
61E4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3768954330.00000000061E4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
61E4000
|
| Size: |
8192
|
|
|
369E000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1305272677.000000000369E000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
369E000
|
| Size: |
24576
|
|
|
6336000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469257825.0000000006336000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6336000
|
| Size: |
8192
|
|
|
76FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3769526803.00000000076FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
76FE000
|
| Size: |
8192
|
|
|
505E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767408983.000000000505E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
505E000
|
| Size: |
8192
|
|
|
64D6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3768954330.00000000064D6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
64D6000
|
| Size: |
16384
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1332006540.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
16384
|
|
|
51B5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.00000000051B5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
51B5000
|
| Size: |
28672
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
8E60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1460398773.0000000008E60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E60000
|
| Size: |
12288
|
|
|
35E9000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1303468619.00000000035E9000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
35E9000
|
| Size: |
4096
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1329334184.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
24576
|
|
|
91F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1580065136.00000000091F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
91F0000
|
| Size: |
57344
|
|
|
2C13000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1313746145.0000000002C13000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C13000
|
| Size: |
278528
|
|
|
8E70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1462025132.0000000008E70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E70000
|
| Size: |
12288
|
|
|
2ECB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1308137510.0000000002ECB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2ECB000
|
| Size: |
28672
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1329991881.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
20480
|
|
|
3320000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1303837756.0000000003320000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3320000
|
| Size: |
1187840
|
|
|
8E60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1459997631.0000000008E60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E60000
|
| Size: |
12288
|
|
|
4A6E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3766932016.0000000004A6E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4A6E000
|
| Size: |
8192
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1330191740.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
16384
|
|
|
63EC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469257825.00000000063EC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
63EC000
|
| Size: |
8192
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
8F50000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1477236648.0000000008F50000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8F50000
|
| Size: |
53248
|
|
|
2E92000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3766686825.0000000002E92000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E92000
|
| Size: |
65536
|
|
|
8F60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1476693921.0000000008F60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8F60000
|
| Size: |
4096
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1329539944.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
16384
|
|
|
8BBE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3770100416.0000000008BBE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8BBE000
|
| Size: |
8192
|
|
|
8F40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1477270706.0000000008F40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8F40000
|
| Size: |
65536
|
|
|
8E70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1462914673.0000000008E70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E70000
|
| Size: |
12288
|
|
|
64C1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3768954330.00000000064C1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
64C1000
|
| Size: |
4096
|
|
|
644F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1474070849.000000000644F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
644F000
|
| Size: |
12288
|
|
|
7B50000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1318523644.0000000007B50000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B50000
|
| Size: |
65536
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1329787382.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
12288
|
|
|
51DF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.00000000051DF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
51DF000
|
| Size: |
24576
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
8E80000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1461929691.0000000008E80000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E80000
|
| Size: |
65536
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1331281211.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
16384
|
|
|
8FD0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1579095433.0000000008FD0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8FD0000
|
| Size: |
28672
|
|
|
AE0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1296701053.0000000000AE0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AE0000
|
| Size: |
118784
|
|
|
3483000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1305141421.0000000003483000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3483000
|
| Size: |
507904
|
|
|
91F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1579763341.00000000091F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
91F0000
|
| Size: |
24576
|
|
|
35ED000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1302477965.00000000035ED000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
35ED000
|
| Size: |
458752
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1330869387.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
12288
|
|
|
8E60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1461416644.0000000008E60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E60000
|
| Size: |
12288
|
|
|
62F1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469257825.00000000062F1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
62F1000
|
| Size: |
12288
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
2E90000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3766686825.0000000002E90000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E90000
|
| Size: |
4096
|
|
|
7B30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1314758349.0000000007B30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B30000
|
| Size: |
20480
|
|
|
2E74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3766629710.0000000002E74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E74000
|
| Size: |
40960
|
|
|
2E7B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1322413615.0000000002E7B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E7B000
|
| Size: |
12288
|
|
|
7B30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1314064285.0000000007B30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B30000
|
| Size: |
12288
|
|
|
63E6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469257825.00000000063E6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
63E6000
|
| Size: |
8192
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1463748195.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
4096
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1331475419.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
16384
|
|
|
6451000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469257825.0000000006451000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6451000
|
| Size: |
8192
|
|
|
8F40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1478558486.0000000008F40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8F40000
|
| Size: |
40960
|
|
|
4BCA000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3767169736.0000000004BCA000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4BCA000
|
| Size: |
8192
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1330667237.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
28672
|
|
|
8E70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1463211602.0000000008E70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E70000
|
| Size: |
12288
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1331618168.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
65536
|
|
|
323E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3766856536.000000000323E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
323E000
|
| Size: |
8192
|
|
|
627A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3768954330.000000000627A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
627A000
|
| Size: |
12288
|
|
|
2E4E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3766576817.0000000002E4E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E4E000
|
| Size: |
20480
|
|
|
63AE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1474070849.00000000063AE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
63AE000
|
| Size: |
8192
|
|
|
8E70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1461961577.0000000008E70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E70000
|
| Size: |
53248
|
|
|
8F40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1477011306.0000000008F40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8F40000
|
| Size: |
12288
|
|
|
91F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1580130756.00000000091F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
91F0000
|
| Size: |
65536
|
|
|
8E70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1462343321.0000000008E70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E70000
|
| Size: |
12288
|
|
|
7B30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1315073210.0000000007B30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B30000
|
| Size: |
16384
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1468215457.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
24576
|
|
|
6388000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1474070849.0000000006388000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6388000
|
| Size: |
8192
|
|
|
8E6D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3770247190.0000000008E6D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E6D000
|
| Size: |
12288
|
|
|
8FE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1578983122.0000000008FE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8FE0000
|
| Size: |
28672
|
|
|
632B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1474070849.000000000632B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
632B000
|
| Size: |
4096
|
|
|
646E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469257825.000000000646E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
646E000
|
| Size: |
4096
|
|
|
117000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1291987493.0000000000117000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
117000
|
| Size: |
327680
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1331366508.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
12288
|
|
|
6345000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469257825.0000000006345000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6345000
|
| Size: |
8192
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1466864056.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
24576
|
|
|
7A60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3769713982.0000000007A60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7A60000
|
| Size: |
20480
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1330238588.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
12288
|
|
|
5423000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.0000000005423000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5423000
|
| Size: |
4096
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| SQL strings found in memory and binary data |
System Summary |
|
|
|
791F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3769605928.000000000791F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
791F000
|
| Size: |
65536
|
|
|
897D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3770035454.000000000897D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
897D000
|
| Size: |
12288
|
|
|
6219000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3768954330.0000000006219000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6219000
|
| Size: |
204800
|
|
|
7B30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1319069023.0000000007B30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B30000
|
| Size: |
12288
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1464295504.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
12288
|
|
|
B14000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1293094388.0000000000B14000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B14000
|
| Size: |
512000
|
|
|
723C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3769446188.000000000723C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
723C000
|
| Size: |
16384
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1467125564.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
24576
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1465760504.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
12288
|
|
|
35ED000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1303468619.00000000035ED000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
35ED000
|
| Size: |
458752
|
|
|
62FD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469257825.00000000062FD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
62FD000
|
| Size: |
8192
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1330990110.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
16384
|
|
|
7B40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1315759958.0000000007B40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B40000
|
| Size: |
16384
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1464455707.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
12288
|
|
|
8F50000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1476726351.0000000008F50000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8F50000
|
| Size: |
65536
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1331739033.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
16384
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1329975251.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
16384
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1331853582.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
20480
|
|
|
A70000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1309114959.0000000000A70000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A70000
|
| Size: |
24576
|
|
|
7BA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1329927643.0000000007BA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7BA0000
|
| Size: |
36864
|
|
|
4B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3766994901.0000000004B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4B90000
|
| Size: |
8192
|
|
|
6477000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3768954330.0000000006477000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6477000
|
| Size: |
4096
|
|
|
5210000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.0000000005210000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5210000
|
| Size: |
8192
|
|
|
8FC0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3770651443.0000000008FC0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8FC0000
|
| Size: |
8192
|
|
|
52EA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.00000000052EA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
52EA000
|
| Size: |
12288
|
|
|
8E60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3770247190.0000000008E60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E60000
|
| Size: |
49152
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1329821422.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
16384
|
|
|
6262000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3768954330.0000000006262000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6262000
|
| Size: |
4096
|
|
|
6334000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1474070849.0000000006334000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6334000
|
| Size: |
4096
|
|
|
DF000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1291697935.00000000000DF000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
DF000
|
| Size: |
147456
|
|
|
7AC0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1310018269.0000000007AC0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7AC0000
|
| Size: |
45056
|
|
|
5218000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.0000000005218000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5218000
|
| Size: |
8192
|
|
|
AE0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1295419305.0000000000AE0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AE0000
|
| Size: |
118784
|
|
|
4BA4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767040409.0000000004BA4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4BA4000
|
| Size: |
8192
|
|
|
8E70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1463452654.0000000008E70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E70000
|
| Size: |
12288
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1468177104.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
24576
|
|
|
8E70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1462178051.0000000008E70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E70000
|
| Size: |
12288
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1465704786.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
12288
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1467040957.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
24576
|
|
|
7BA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1331028765.0000000007BA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7BA0000
|
| Size: |
16384
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1330561849.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
16384
|
|
|
49F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3766872265.00000000049F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
49F0000
|
| Size: |
4096
|
|
|
8F40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1478481155.0000000008F40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8F40000
|
| Size: |
65536
|
|
|
3483000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1305532465.0000000003483000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3483000
|
| Size: |
507904
|
|
|
8EB0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1461587052.0000000008EB0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8EB0000
|
| Size: |
65536
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1463933258.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
65536
|
|
|
8FE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1579284623.0000000008FE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8FE0000
|
| Size: |
45056
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1465785536.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
12288
|
|
|
B0A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1296701053.0000000000B0A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B0A000
|
| Size: |
8192
|
|
|
8E70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1463178601.0000000008E70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E70000
|
| Size: |
12288
|
|
|
91F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1579675226.00000000091F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
91F0000
|
| Size: |
20480
|
|
|
6359000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3768954330.0000000006359000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6359000
|
| Size: |
12288
|
|
|
644F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3768954330.000000000644F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
644F000
|
| Size: |
4096
|
|
|
2C02000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3766462906.0000000002C02000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C02000
|
| Size: |
20480
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1330968595.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
12288
|
|
|
524D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.000000000524D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
524D000
|
| Size: |
69632
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
640C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469257825.000000000640C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
640C000
|
| Size: |
8192
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1467955851.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
24576
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1464262343.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
12288
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1329871920.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
20480
|
|
|
B14000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1293483708.0000000000B14000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B14000
|
| Size: |
512000
|
|
|
35E9000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1304044762.00000000035E9000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
35E9000
|
| Size: |
4096
|
|
|
8E70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1462869896.0000000008E70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E70000
|
| Size: |
12288
|
|
|
5435000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.0000000005435000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5435000
|
| Size: |
188416
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1467775065.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
24576
|
|
|
2E4A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1306251786.0000000002E4A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E4A000
|
| Size: |
20480
|
|
|
7B60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1318443555.0000000007B60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B60000
|
| Size: |
57344
|
|
|
B14000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1296866818.0000000000B14000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B14000
|
| Size: |
512000
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1465542906.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
12288
|
|
|
8E70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1462788672.0000000008E70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E70000
|
| Size: |
12288
|
|
|
313E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3766841207.000000000313E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
313E000
|
| Size: |
8192
|
|
|
B04000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1295522991.0000000000B04000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B04000
|
| Size: |
61440
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1464837302.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
12288
|
|
|
9010000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1579594021.0000000009010000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
9010000
|
| Size: |
53248
|
|
|
ABF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1296260179.0000000000ABF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
ABF000
|
| Size: |
131072
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1331155265.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
16384
|
|
|
8FA5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3770573837.0000000008FA5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8FA5000
|
| Size: |
45056
|
|
|
35E9000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1302477965.00000000035E9000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
35E9000
|
| Size: |
4096
|
|
|
645E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469257825.000000000645E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
645E000
|
| Size: |
8192
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1329802466.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
12288
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1465841308.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
12288
|
|
|
7B20000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1312410863.0000000007B20000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B20000
|
| Size: |
65536
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1330885202.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
12288
|
|
|
520C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.000000000520C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
520C000
|
| Size: |
8192
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1330819091.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
65536
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1468057358.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
24576
|
|
|
8F40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1478806782.0000000008F40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8F40000
|
| Size: |
4096
|
|
|
34C0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1304044762.00000000034C0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
34C0000
|
| Size: |
1196032
|
|
|
7900000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3769572828.0000000007900000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7900000
|
| Size: |
94208
|
|
|
B14000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1296413335.0000000000B14000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B14000
|
| Size: |
512000
|
|
|
7A66000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3769713982.0000000007A66000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7A66000
|
| Size: |
8192
|
|
|
54CD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.00000000054CD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
54CD000
|
| Size: |
4096
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1330304773.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
16384
|
|
|
515F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767426689.000000000515F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
515F000
|
| Size: |
4096
|
|
|
7965000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1579230250.0000000007965000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7965000
|
| Size: |
4096
|
|
|
7B40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1316022426.0000000007B40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B40000
|
| Size: |
16384
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1329489614.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
16384
|
|
|
8FC0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1479320569.0000000008FC0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8FC0000
|
| Size: |
65536
|
|
|
6320000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469257825.0000000006320000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6320000
|
| Size: |
8192
|
|
|
542F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.000000000542F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
542F000
|
| Size: |
8192
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| SQL strings found in memory and binary data |
System Summary |
|
|
|
642B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469257825.000000000642B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
642B000
|
| Size: |
8192
|
|
|
638D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1474070849.000000000638D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
638D000
|
| Size: |
8192
|
|
|
6324000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1474070849.0000000006324000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6324000
|
| Size: |
8192
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1331242654.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
20480
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1331184516.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
16384
|
|
|
8E60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1460962558.0000000008E60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E60000
|
| Size: |
16384
|
|
|
AA2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1292648281.0000000000AA2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AA2000
|
| Size: |
471040
|
|
|
104000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1291697935.0000000000104000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
104000
|
| Size: |
40960
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary is likely a compiled AutoIt script file |
System Summary |
|
|
|
8E5D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1409469115.0000000008E5D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E5D000
|
| Size: |
12288
|
|
|
8E60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1460631776.0000000008E60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E60000
|
| Size: |
16384
|
|
|
2BB0000
|
heap
|
page readonly
|
|
|
|
| Name: |
00000001.00000002.3766432593.0000000002BB0000.00000002.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page readonly
|
| Base address: |
2BB0000
|
| Size: |
4096
|
|
|
8E50000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1409469115.0000000008E50000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E50000
|
| Size: |
49152
|
|
|
6458000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469257825.0000000006458000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6458000
|
| Size: |
8192
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1330611171.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
12288
|
|
|
8E60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1409447112.0000000008E60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E60000
|
| Size: |
65536
|
|
|
8E60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1460568845.0000000008E60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E60000
|
| Size: |
16384
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1467495791.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
24576
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1329227393.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
20480
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1329408999.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
20480
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1466005853.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
12288
|
|
|
6293000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3768954330.0000000006293000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6293000
|
| Size: |
12288
|
|
|
35ED000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1304044762.00000000035ED000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
35ED000
|
| Size: |
458752
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1329673950.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
20480
|
|
|
B92000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1309350457.0000000000B92000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B92000
|
| Size: |
61440
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1330756172.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
16384
|
|
|
8F50000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1478456011.0000000008F50000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8F50000
|
| Size: |
32768
|
|
|
8E70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1462738523.0000000008E70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E70000
|
| Size: |
12288
|
|
|
7DB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1308235422.00000000007DB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
7DB000
|
| Size: |
20480
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1330285915.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
16384
|
|
|
8E60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1460333459.0000000008E60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E60000
|
| Size: |
12288
|
|
|
54C8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.00000000054C8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
54C8000
|
| Size: |
8192
|
|
|
7B30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1318670451.0000000007B30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B30000
|
| Size: |
65536
|
|
|
B14000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1293389251.0000000000B14000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B14000
|
| Size: |
512000
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1468867313.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
24576
|
|
|
2E2D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3766530896.0000000002E2D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E2D000
|
| Size: |
28672
|
|
|
8FE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1578416402.0000000008FE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8FE0000
|
| Size: |
16384
|
|
|
7B30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1319009190.0000000007B30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B30000
|
| Size: |
12288
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1331327281.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
16384
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1465677758.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
12288
|
|
|
8E70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1463416830.0000000008E70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E70000
|
| Size: |
12288
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1465477493.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
12288
|
|
|
AAA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1309114959.0000000000AAA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AAA000
|
| Size: |
20480
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1331458893.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
16384
|
|
|
793F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3769651565.000000000793F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
793F000
|
| Size: |
73728
|
|
|
53DB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.00000000053DB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
53DB000
|
| Size: |
4096
|
|
|
8A7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3770055693.0000000008A7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8A7E000
|
| Size: |
8192
|
|
|
6351000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469257825.0000000006351000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6351000
|
| Size: |
8192
|
|
|
549B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.000000000549B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
549B000
|
| Size: |
12288
|
|
|
7B40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1316222865.0000000007B40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B40000
|
| Size: |
16384
|
|
|
5208000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.0000000005208000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5208000
|
| Size: |
8192
|
|
|
793A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1487075796.000000000793A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
793A000
|
| Size: |
16384
|
|
|
8FD0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3770694484.0000000008FD0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8FD0000
|
| Size: |
40960
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1466390760.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
24576
|
|
|
9210000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1579886374.0000000009210000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
9210000
|
| Size: |
65536
|
|
|
A10000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1308986238.0000000000A10000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A10000
|
| Size: |
4096
|
|
|
52F9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.00000000052F9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
52F9000
|
| Size: |
77824
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
7939000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1398578743.0000000007939000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7939000
|
| Size: |
32768
|
|
|
34C0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1302477965.00000000034C0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
34C0000
|
| Size: |
1196032
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1465963029.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
12288
|
|
|
63C1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469257825.00000000063C1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
63C1000
|
| Size: |
8192
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1331818622.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
16384
|
|
|
5204000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.0000000005204000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5204000
|
| Size: |
4096
|
|
|
8FD0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1479288548.0000000008FD0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8FD0000
|
| Size: |
65536
|
|
|
8E60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1459908980.0000000008E60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E60000
|
| Size: |
36864
|
|
|
64A5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3768954330.00000000064A5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
64A5000
|
| Size: |
12288
|
|
|
8E60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1461341708.0000000008E60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E60000
|
| Size: |
53248
|
|
|
91F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1579800556.00000000091F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
91F0000
|
| Size: |
45056
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1468433671.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
24576
|
|
|
8FD0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1578579179.0000000008FD0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8FD0000
|
| Size: |
65536
|
|
|
3360000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1305141421.0000000003360000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3360000
|
| Size: |
1187840
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1464033683.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
20480
|
|
|
7933000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1386923451.0000000007933000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7933000
|
| Size: |
24576
|
|
|
AE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1293026835.0000000000AE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AE1000
|
| Size: |
720896
|
|
|
7B40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1318553158.0000000007B40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B40000
|
| Size: |
20480
|
|
|
62F6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469257825.00000000062F6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
62F6000
|
| Size: |
8192
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1465568753.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
12288
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1331425390.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
16384
|
|
|
91F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1579413506.00000000091F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
91F0000
|
| Size: |
32768
|
|
|
53DF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.00000000053DF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
53DF000
|
| Size: |
8192
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| SQL strings found in memory and binary data |
System Summary |
|
|
|
8E3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3770139658.0000000008E3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8E3E000
|
| Size: |
8192
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1330482490.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
65536
|
|
|
7BA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1330802227.0000000007BA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7BA0000
|
| Size: |
20480
|
|
|
6439000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1474070849.0000000006439000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6439000
|
| Size: |
4096
|
|
|
7B40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1319809934.0000000007B40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B40000
|
| Size: |
12288
|
|
|
8ED0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1461044679.0000000008ED0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8ED0000
|
| Size: |
45056
|
|
|
4BD0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767186136.0000000004BD0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4BD0000
|
| Size: |
4096
|
|
|
52E5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.00000000052E5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
52E5000
|
| Size: |
12288
|
|
|
7B46000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1318553158.0000000007B46000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B46000
|
| Size: |
40960
|
|
|
8EC0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1466167477.0000000008EC0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8EC0000
|
| Size: |
12288
|
|
|
7B30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1314146140.0000000007B30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B30000
|
| Size: |
16384
|
|
|
3320000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1302322054.0000000003320000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3320000
|
| Size: |
1187840
|
|
|
4B6E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3766948359.0000000004B6E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4B6E000
|
| Size: |
8192
|
|
|
8E90000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3770336476.0000000008E90000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
8E90000
|
| Size: |
65536
|
|
|
BFB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1296488413.0000000000BFB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
BFB000
|
| Size: |
131072
|
|
|
7A7A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3769713982.0000000007A7A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7A7A000
|
| Size: |
4096
|
|
|
6376000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1474070849.0000000006376000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6376000
|
| Size: |
8192
|
|
|
4BD5000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3767228076.0000000004BD5000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4BD5000
|
| Size: |
4096
|
|
|
B14000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1296701053.0000000000B14000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B14000
|
| Size: |
512000
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1466245942.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
65536
|
|
|
8E60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1409388834.0000000008E60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E60000
|
| Size: |
36864
|
|
|
8E70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1462306806.0000000008E70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E70000
|
| Size: |
12288
|
|
|
8E50000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1398890351.0000000008E50000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E50000
|
| Size: |
24576
|
|
|
365E000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1302477965.000000000365E000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
365E000
|
| Size: |
24576
|
|
|
793C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1386923451.000000000793C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
793C000
|
| Size: |
8192
|
|
|
54D2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.00000000054D2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
54D2000
|
| Size: |
12288
|
|
|
632E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1474070849.000000000632E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
632E000
|
| Size: |
8192
|
|
|
8F40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1476759686.0000000008F40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8F40000
|
| Size: |
65536
|
|
|
8E60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1460595490.0000000008E60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E60000
|
| Size: |
16384
|
|
|
2F33000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3766763749.0000000002F33000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2F33000
|
| Size: |
262144
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1467861327.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
24576
|
|
|
634A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469257825.000000000634A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
634A000
|
| Size: |
8192
|
|
|
6419000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469257825.0000000006419000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6419000
|
| Size: |
8192
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1330270997.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
12288
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1331006014.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
16384
|
|
|
365E000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1303468619.000000000365E000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
365E000
|
| Size: |
24576
|
|
|
76A0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3769507579.00000000076A0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
76A0000
|
| Size: |
65536
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1467899071.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
24576
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1329163318.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
12288
|
|
|
2E54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3766608173.0000000002E54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E54000
|
| Size: |
98304
|
|
|
4BA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767009256.0000000004BA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4BA0000
|
| Size: |
12288
|
|
|
7AB0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3769887489.0000000007AB0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7AB0000
|
| Size: |
65536
|
|
|
6317000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1474070849.0000000006317000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6317000
|
| Size: |
8192
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1466035276.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
12288
|
|
|
B14000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1295522991.0000000000B14000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B14000
|
| Size: |
512000
|
|
|
2E8C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1487039798.0000000002E8C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E8C000
|
| Size: |
12288
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1329472391.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
20480
|
|
|
4BD2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767210291.0000000004BD2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4BD2000
|
| Size: |
4096
|
|
|
8FA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3770573837.0000000008FA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8FA0000
|
| Size: |
4096
|
|
|
4BC2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767138053.0000000004BC2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4BC2000
|
| Size: |
4096
|
|
|
8E70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1463066105.0000000008E70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E70000
|
| Size: |
65536
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1467600411.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
24576
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1464321365.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
12288
|
|
|
8E70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1462696186.0000000008E70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E70000
|
| Size: |
12288
|
|
|
63C8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469257825.00000000063C8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
63C8000
|
| Size: |
8192
|
|
|
7B91000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1330081614.0000000007B91000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B91000
|
| Size: |
57344
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1468547292.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
24576
|
|
|
8E70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1461302377.0000000008E70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E70000
|
| Size: |
65536
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1330124322.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
12288
|
|
|
8E9F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1461198700.0000000008E9F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E9F000
|
| Size: |
4096
|
|
|
7BA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1330328590.0000000007BA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7BA0000
|
| Size: |
16384
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1331385024.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
16384
|
|
|
8E80000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1461261254.0000000008E80000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E80000
|
| Size: |
65536
|
|
|
5493000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.0000000005493000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5493000
|
| Size: |
4096
|
|
|
6337000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1474070849.0000000006337000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6337000
|
| Size: |
8192
|
|
|
7A50000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3769696461.0000000007A50000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7A50000
|
| Size: |
65536
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1467705711.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
24576
|
|
|
AA3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1293094388.0000000000AA3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AA3000
|
| Size: |
253952
|
|
|
3500000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1304854387.0000000003500000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3500000
|
| Size: |
1196032
|
|
|
5368000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.0000000005368000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5368000
|
| Size: |
40960
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1466092549.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
45056
|
|
|
365E000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1304044762.000000000365E000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
365E000
|
| Size: |
24576
|
|
|
8F40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1476840650.0000000008F40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8F40000
|
| Size: |
20480
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1330724250.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
16384
|
|
|
6392000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1474070849.0000000006392000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6392000
|
| Size: |
8192
|
|
|
B14000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1295419305.0000000000B14000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B14000
|
| Size: |
512000
|
|
|
3320000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1302774767.0000000003320000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3320000
|
| Size: |
1187840
|
|
|
2E7F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3766664977.0000000002E7F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E7F000
|
| Size: |
65536
|
|
|
8E54000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3770183026.0000000008E54000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E54000
|
| Size: |
4096
|
|
|
6468000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469257825.0000000006468000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6468000
|
| Size: |
8192
|
|
|
4B70000
|
trusted library section
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3766963753.0000000004B70000.00000004.08000000.00040000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page read and write
|
| Base address: |
4B70000
|
| Size: |
4096
|
|
|
8F94000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3770552308.0000000008F94000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8F94000
|
| Size: |
36864
|
|
|
B0B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1296866818.0000000000B0B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B0B000
|
| Size: |
4096
|
|
|
63CA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1474070849.00000000063CA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
63CA000
|
| Size: |
4096
|
|
|
AA2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1292514312.0000000000AA2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AA2000
|
| Size: |
471040
|
|
|
50000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1291526627.0000000000050000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
50000
|
| Size: |
4096
|
|
|
633A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1474070849.000000000633A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
633A000
|
| Size: |
4096
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1330775188.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
12288
|
|
|
8FF0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1579311820.0000000008FF0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8FF0000
|
| Size: |
28672
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1331783812.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
12288
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1331442260.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
16384
|
|
|
126E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1309510349.000000000126E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
126E000
|
| Size: |
8192
|
|
|
7B90000
|
remote allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1333301531.0000000007B90000.00000004.00000400.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
remote allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
4096
|
|
|
9220000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1579860564.0000000009220000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
9220000
|
| Size: |
61440
|
|
|
63E9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3768954330.00000000063E9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
63E9000
|
| Size: |
12288
|
|
|
7B40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1315308736.0000000007B40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B40000
|
| Size: |
16384
|
|
|
6465000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469257825.0000000006465000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6465000
|
| Size: |
4096
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1464602987.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
12288
|
|
|
63E4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469257825.00000000063E4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
63E4000
|
| Size: |
4096
|
|
|
7A60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1309935755.0000000007A60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7A60000
|
| Size: |
16384
|
|
|
5466000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.0000000005466000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5466000
|
| Size: |
94208
|
|
|
A78000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1309114959.0000000000A78000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A78000
|
| Size: |
176128
|
|
|
8FD0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1578855899.0000000008FD0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8FD0000
|
| Size: |
36864
|
|
|
8E56000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3770183026.0000000008E56000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E56000
|
| Size: |
8192
|
|
|
8E70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1462243622.0000000008E70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E70000
|
| Size: |
12288
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1329750125.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
12288
|
|
|
4D01000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767319721.0000000004D01000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4D01000
|
| Size: |
4096
|
|
|
2ECA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1308185847.0000000002ECA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2ECA000
|
| Size: |
4096
|
|
|
63E1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469257825.00000000063E1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
63E1000
|
| Size: |
8192
|
|
|
7930000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3769636044.0000000007930000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7930000
|
| Size: |
57344
|
|
|
8E60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1460433851.0000000008E60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E60000
|
| Size: |
12288
|
|
|
8E60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1460075858.0000000008E60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E60000
|
| Size: |
16384
|
|
|
9010000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1579526821.0000000009010000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
9010000
|
| Size: |
65536
|
|
|
9010000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1579559977.0000000009010000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
9010000
|
| Size: |
40960
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1330103617.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
16384
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1463016172.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
57344
|
|
|
8E70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1462443738.0000000008E70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E70000
|
| Size: |
12288
|
|
|
2A80000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3766383009.0000000002A80000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A80000
|
| Size: |
4096
|
|
|
8E40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1398065159.0000000008E40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E40000
|
| Size: |
12288
|
|
|
53FD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.00000000053FD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
53FD000
|
| Size: |
8192
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| SQL strings found in memory and binary data |
System Summary |
|
|
|
950000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1308868569.0000000000950000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
950000
|
| Size: |
4096
|
|
|
7B30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1312372555.0000000007B30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B30000
|
| Size: |
40960
|
|
|
7B30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1314410267.0000000007B30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B30000
|
| Size: |
12288
|
|
|
52F4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.00000000052F4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
52F4000
|
| Size: |
12288
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
7A72000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3769713982.0000000007A72000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7A72000
|
| Size: |
28672
|
|
|
8E60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1460039130.0000000008E60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E60000
|
| Size: |
20480
|
|
|
5325000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.0000000005325000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5325000
|
| Size: |
12288
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1330855007.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
12288
|
|
|
8E70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1462826762.0000000008E70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E70000
|
| Size: |
12288
|
|
|
63BB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1474070849.00000000063BB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
63BB000
|
| Size: |
4096
|
|
|
7B8D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3769953183.0000000007B8D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
7B8D000
|
| Size: |
12288
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1329389182.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
12288
|
|
|
8E60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1460146621.0000000008E60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E60000
|
| Size: |
12288
|
|
|
2C13000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1409531448.0000000002C13000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C13000
|
| Size: |
266240
|
|
|
2E00000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3766493607.0000000002E00000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E00000
|
| Size: |
69632
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1330579178.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
12288
|
|
|
B03000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1309226376.0000000000B03000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
B03000
|
| Size: |
16384
|
|
|
7B30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1314116520.0000000007B30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B30000
|
| Size: |
12288
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1465622711.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
12288
|
|
|
7B30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1318848734.0000000007B30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B30000
|
| Size: |
12288
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1331347223.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
12288
|
|
|
531B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.000000000531B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
531B000
|
| Size: |
12288
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
16F0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1309692942.00000000016F0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
16F0000
|
| Size: |
208896
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
| Yara signature match |
System Summary |
|
|
|
AAF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1293389251.0000000000AAF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AAF000
|
| Size: |
299008
|
|
|
7A8D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3769713982.0000000007A8D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7A8D000
|
| Size: |
69632
|
|
|
8E60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1459941373.0000000008E60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E60000
|
| Size: |
12288
|
|
|
9BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1308942027.00000000009BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9BE000
|
| Size: |
8192
|
|
|
4A20000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3766916445.0000000004A20000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A20000
|
| Size: |
4096
|
|
|
B03000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1296260179.0000000000B03000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B03000
|
| Size: |
16384
|
|
|
362D000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1304854387.000000000362D000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
362D000
|
| Size: |
458752
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1331067062.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
8192
|
|
|
7801000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3769558536.0000000007801000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
7801000
|
| Size: |
20480
|
|
|
10E000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000000.00000000.1291847621.000000000010E000.00000008.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
10E000
|
| Size: |
8192
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1464781863.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
12288
|
|
|
8E60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1460116393.0000000008E60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E60000
|
| Size: |
12288
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1466318523.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
53248
|
|
|
7B30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1319037960.0000000007B30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B30000
|
| Size: |
12288
|
|
|
63CC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1474070849.00000000063CC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
63CC000
|
| Size: |
8192
|
|
|
8E40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1398961827.0000000008E40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E40000
|
| Size: |
4096
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1330903879.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
16384
|
|
|
362D000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1305776312.000000000362D000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
362D000
|
| Size: |
458752
|
|
|
117000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000002.1308116000.0000000000117000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
117000
|
| Size: |
327680
|
|
|
531F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.000000000531F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
531F000
|
| Size: |
4096
|
|
|
8FB0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3770630394.0000000008FB0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8FB0000
|
| Size: |
40960
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1330951939.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
16384
|
|
|
62DF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469257825.00000000062DF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
62DF000
|
| Size: |
8192
|
|
|
8EB0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1461127526.0000000008EB0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8EB0000
|
| Size: |
65536
|
|
|
104000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000002.1307894527.0000000000104000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
104000
|
| Size: |
40960
|
|
|
5489000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.0000000005489000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5489000
|
| Size: |
12288
|
|
|
8EC0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1461556720.0000000008EC0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8EC0000
|
| Size: |
36864
|
|
|
8E70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1462060119.0000000008E70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E70000
|
| Size: |
12288
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1330509675.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
12288
|
|
|
2E3C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3766530896.0000000002E3C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E3C000
|
| Size: |
4096
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1468250770.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
24576
|
|
|
6343000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3768954330.0000000006343000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6343000
|
| Size: |
4096
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1330008813.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
16384
|
|
|
6355000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1474070849.0000000006355000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6355000
|
| Size: |
16384
|
|
|
6375000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3768954330.0000000006375000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6375000
|
| Size: |
4096
|
|
|
8FE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1579336523.0000000008FE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8FE0000
|
| Size: |
65536
|
|
|
62E4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469257825.00000000062E4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
62E4000
|
| Size: |
8192
|
|
|
7B40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1319905923.0000000007B40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B40000
|
| Size: |
12288
|
|
|
791D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3769605928.000000000791D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
791D000
|
| Size: |
4096
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1468606587.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
24576
|
|
|
10E000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1308082020.000000000010E000.00000004.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
10E000
|
| Size: |
36864
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1330686619.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
12288
|
|
|
6471000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469257825.0000000006471000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6471000
|
| Size: |
8192
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1467413974.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
24576
|
|
|
5316000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.0000000005316000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5316000
|
| Size: |
12288
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469024588.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
24576
|
|
|
7A81000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3769713982.0000000007A81000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7A81000
|
| Size: |
16384
|
|
|
7B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1329767468.0000000007B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7B90000
|
| Size: |
16384
|
|
|
50000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000002.1307743762.0000000000050000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
50000
|
| Size: |
4096
|
|
|
6476000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1469257825.0000000006476000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6476000
|
| Size: |
8192
|
|
|
51C1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767442577.00000000051C1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
51C1000
|
| Size: |
40960
|
|
|
8E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1467661541.0000000008E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E90000
|
| Size: |
24576
|
|
|
51000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000000.00000002.1307797506.0000000000051000.00000020.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
51000
|
| Size: |
581632
|
|
|
4C01000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3767298750.0000000004C01000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4C01000
|
| Size: |
16384
|
|
|
8E70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1462273137.0000000008E70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8E70000
|
| Size: |
12288
|
|
|
63B4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1474070849.00000000063B4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
63B4000
|
| Size: |
8192
|
|
