|
3221000
|
trusted library allocation
|
page read and write
|
 |
|
|
| Name: |
00000002.00000002.1402738388.0000000003221000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3221000
|
| Size: |
737280
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Found malware configuration |
AV Detection |
|
| Yara detected Snake Keylogger |
Stealing of Sensitive Information, Remote Access Functionality |
|
| URLs found in memory or binary data |
Networking |
|
|
|
5D20000
|
trusted library section
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1329881080.0000000005D20000.00000004.08000000.00040000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page read and write
|
| Base address: |
5D20000
|
| Size: |
471040
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Costura Assembly Loader |
Data Obfuscation |
|
|
|
5870000
|
trusted library section
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1404170899.0000000005870000.00000004.08000000.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page read and write
|
| Base address: |
5870000
|
| Size: |
290816
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara detected Telegram RAT |
Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara detected VIP Keylogger |
Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara detected Credential Stealer |
Stealing of Sensitive Information |
|
| Yara signature match |
System Summary |
|
| URLs found in memory or binary data |
Networking |
|
|
|
2D51000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002D51000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D51000
|
| Size: |
1163264
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Tries to detect sandboxes and other dynamic analysis tools (process name or module or function) |
Malware Analysis System Evasion |
Security Software Discovery
|
| Yara detected Costura Assembly Loader |
Data Obfuscation |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
| URLs found in memory or binary data |
Networking |
|
|
|
2A01000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002A01000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2A01000
|
| Size: |
1163264
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Tries to detect sandboxes and other dynamic analysis tools (process name or module or function) |
Malware Analysis System Evasion |
Security Software Discovery
|
| Yara detected Costura Assembly Loader |
Data Obfuscation |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3160000
|
trusted library section
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1402037659.0000000003160000.00000004.08000000.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page read and write
|
| Base address: |
3160000
|
| Size: |
299008
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara detected Telegram RAT |
Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara detected VIP Keylogger |
Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara detected Credential Stealer |
Stealing of Sensitive Information |
|
| Yara signature match |
System Summary |
|
| URLs found in memory or binary data |
Networking |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
2D8F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1401435862.0000000002D8F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2D8F000
|
| Size: |
565248
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara detected Telegram RAT |
Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara detected VIP Keylogger |
Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara detected Credential Stealer |
Stealing of Sensitive Information |
|
| Yara signature match |
System Summary |
|
| URLs found in memory or binary data |
Networking |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
2B21000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002B21000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B21000
|
| Size: |
307200
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Snake Keylogger |
Stealing of Sensitive Information, Remote Access Functionality |
|
| URLs found in memory or binary data |
Networking |
|
|
|
4225000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1403273749.0000000004225000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4225000
|
| Size: |
602112
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara detected Telegram RAT |
Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara detected VIP Keylogger |
Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara detected Credential Stealer |
Stealing of Sensitive Information |
|
| Yara signature match |
System Summary |
|
| URLs found in memory or binary data |
Networking |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
303C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000303C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
303C000
|
| Size: |
4096
|
|
|
2BC9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002BC9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2BC9000
|
| Size: |
4096
|
|
|
121D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1399654904.000000000121D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
121D000
|
| Size: |
73728
|
|
|
331D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000331D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
331D000
|
| Size: |
4096
|
|
|
2F7A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002F7A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F7A000
|
| Size: |
4096
|
|
|
2C2B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002C2B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C2B000
|
| Size: |
4096
|
|
|
6C8AEFF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1418592864.0000006C8AEFF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6C8AEFF000
|
| Size: |
4096
|
|
|
327F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000327F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
327F000
|
| Size: |
12288
|
|
|
2E66000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002E66000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E66000
|
| Size: |
4096
|
|
|
3377000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003377000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3377000
|
| Size: |
4096
|
|
|
2B83000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002B83000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B83000
|
| Size: |
4096
|
|
|
30D1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000030D1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30D1000
|
| Size: |
4096
|
|
|
6C8B3FC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1418679090.0000006C8B3FC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6C8B3FC000
|
| Size: |
16384
|
|
|
2C8E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002C8E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C8E000
|
| Size: |
4096
|
|
|
57F0000
|
trusted library section
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1326101100.00000000057F0000.00000004.08000000.00040000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page read and write
|
| Base address: |
57F0000
|
| Size: |
1163264
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
|
|
12D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1400467465.00000000012D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12D0000
|
| Size: |
8192
|
|
|
333F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000333F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
333F000
|
| Size: |
4096
|
|
|
3087000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003087000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3087000
|
| Size: |
53248
|
|
|
2868000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2533588590.0000000002868000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2868000
|
| Size: |
4096
|
|
|
31DD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1402259795.00000000031DD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31DD000
|
| Size: |
4096
|
|
|
3F2C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2537958260.0000000003F2C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3F2C000
|
| Size: |
4096
|
|
|
2F4A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002F4A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F4A000
|
| Size: |
4096
|
|
|
2E74000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002E74000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E74000
|
| Size: |
12288
|
|
|
30C5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.00000000030C5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30C5000
|
| Size: |
4096
|
|
|
309B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000309B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
309B000
|
| Size: |
4096
|
|
|
315B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000315B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
315B000
|
| Size: |
139264
|
|
|
2FC1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002FC1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FC1000
|
| Size: |
4096
|
|
|
2FC5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002FC5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FC5000
|
| Size: |
4096
|
|
|
B45000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2531311779.0000000000B45000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B45000
|
| Size: |
12288
|
|
|
3E56000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2537958260.0000000003E56000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E56000
|
| Size: |
16384
|
|
|
2DD1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002DD1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2DD1000
|
| Size: |
4096
|
|
|
52CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2540909177.00000000052CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
52CE000
|
| Size: |
8192
|
|
|
30FA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000030FA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30FA000
|
| Size: |
4096
|
|
|
12A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437490402.00000000012A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12A0000
|
| Size: |
16384
|
|
|
3E21000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2537958260.0000000003E21000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E21000
|
| Size: |
8192
|
|
|
2C91000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002C91000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C91000
|
| Size: |
4096
|
|
|
2E30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002E30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E30000
|
| Size: |
4096
|
|
|
66A5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2542869939.00000000066A5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
66A5000
|
| Size: |
45056
|
|
|
2FBB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002FBB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FBB000
|
| Size: |
4096
|
|
|
2C14000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002C14000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C14000
|
| Size: |
4096
|
|
|
6630000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1330775872.0000000006630000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
6630000
|
| Size: |
131072
|
|
|
2F89000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002F89000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F89000
|
| Size: |
4096
|
|
|
2ED9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002ED9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2ED9000
|
| Size: |
4096
|
|
|
2FFC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002FFC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FFC000
|
| Size: |
4096
|
|
|
2F9E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002F9E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F9E000
|
| Size: |
36864
|
|
|
2BDA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002BDA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2BDA000
|
| Size: |
4096
|
|
|
337D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000337D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
337D000
|
| Size: |
4096
|
|
|
2F7E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002F7E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F7E000
|
| Size: |
57344
|
|
|
5B80000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1458914504.0000000005B80000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5B80000
|
| Size: |
61440
|
|
|
3EFA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2537958260.0000000003EFA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3EFA000
|
| Size: |
4096
|
|
|
2FF9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002FF9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FF9000
|
| Size: |
4096
|
|
|
2C61000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002C61000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C61000
|
| Size: |
4096
|
|
|
3CC2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2537958260.0000000003CC2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3CC2000
|
| Size: |
4096
|
|
|
5BA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1459071141.0000000005BA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5BA0000
|
| Size: |
4096
|
|
|
3E79000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2537958260.0000000003E79000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E79000
|
| Size: |
8192
|
|
|
B40000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2531311779.0000000000B40000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B40000
|
| Size: |
16384
|
|
|
2ED3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002ED3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2ED3000
|
| Size: |
12288
|
|
|
31A5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000031A5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31A5000
|
| Size: |
4096
|
|
|
4F7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1325667398.0000000004F7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4F7E000
|
| Size: |
8192
|
|
|
3026000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000003026000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3026000
|
| Size: |
49152
|
|
|
2F24000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002F24000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F24000
|
| Size: |
4096
|
|
|
2D9D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002D9D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D9D000
|
| Size: |
24576
|
|
|
2EEE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002EEE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2EEE000
|
| Size: |
4096
|
|
|
2E8C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002E8C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E8C000
|
| Size: |
4096
|
|
|
3BA8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2537958260.0000000003BA8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BA8000
|
| Size: |
8192
|
|
|
B30000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1305803705.0000000000B30000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B30000
|
| Size: |
4096
|
|
|
4A08000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1325396312.0000000004A08000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4A08000
|
| Size: |
8192
|
|
|
121B000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.1437299772.000000000121B000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
121B000
|
| Size: |
4096
|
|
|
CE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1308157851.0000000000CE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
CE0000
|
| Size: |
8192
|
|
|
331B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000331B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
331B000
|
| Size: |
4096
|
|
|
3091000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000003091000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3091000
|
| Size: |
4096
|
|
|
2EA3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002EA3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2EA3000
|
| Size: |
4096
|
|
|
3FA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2537958260.0000000003FA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3FA0000
|
| Size: |
12288
|
|
|
5CE0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.1459699065.0000000005CE0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5CE0000
|
| Size: |
65536
|
|
|
D50000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1309845505.0000000000D50000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
D50000
|
| Size: |
65536
|
|
|
31BE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000031BE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31BE000
|
| Size: |
4096
|
|
|
307E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000307E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
307E000
|
| Size: |
4096
|
|
|
4B9E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1325490884.0000000004B9E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4B9E000
|
| Size: |
8192
|
|
|
2CF2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002CF2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2CF2000
|
| Size: |
4096
|
|
|
2C35000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002C35000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C35000
|
| Size: |
4096
|
|
|
2C63000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002C63000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C63000
|
| Size: |
4096
|
|
|
3004000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003004000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3004000
|
| Size: |
4096
|
|
|
2D41000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002D41000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D41000
|
| Size: |
4096
|
|
|
5480000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1325965393.0000000005480000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5480000
|
| Size: |
20480
|
|
|
2B89000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002B89000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B89000
|
| Size: |
4096
|
|
|
608E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2541433605.000000000608E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
608E000
|
| Size: |
8192
|
|
|
329A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000329A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
329A000
|
| Size: |
36864
|
|
|
2CF0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002CF0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2CF0000
|
| Size: |
4096
|
|
|
3097000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003097000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3097000
|
| Size: |
4096
|
|
|
3253000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003253000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3253000
|
| Size: |
12288
|
|
|
2B68000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002B68000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B68000
|
| Size: |
4096
|
|
|
26CF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2533087257.00000000026CF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
26CF000
|
| Size: |
4096
|
|
|
2EC6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002EC6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2EC6000
|
| Size: |
4096
|
|
|
2F7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1401783355.0000000002F7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2F7E000
|
| Size: |
8192
|
|
|
11CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1399598893.00000000011CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
11CF000
|
| Size: |
4096
|
|
|
2FF7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002FF7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FF7000
|
| Size: |
4096
|
|
|
2C60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1401210456.0000000002C60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C60000
|
| Size: |
65536
|
|
|
2C04000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002C04000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C04000
|
| Size: |
73728
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3096000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000003096000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3096000
|
| Size: |
53248
|
|
|
2C16000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002C16000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C16000
|
| Size: |
4096
|
|
|
2C01000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002C01000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C01000
|
| Size: |
4096
|
|
|
2F09000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002F09000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F09000
|
| Size: |
4096
|
|
|
634F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2541619315.000000000634F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
634F000
|
| Size: |
4096
|
|
|
2B70000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1401032484.0000000002B70000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B70000
|
| Size: |
16384
|
|
|
1D4FBE04000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1418760138.000001D4FBE04000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1D4FBE04000
|
| Size: |
16384
|
|
|
300F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000300F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
300F000
|
| Size: |
12288
|
|
|
3140000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003140000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3140000
|
| Size: |
49152
|
|
|
5390000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2541051749.0000000005390000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5390000
|
| Size: |
4096
|
|
|
3132000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003132000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3132000
|
| Size: |
4096
|
|
|
30EF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.00000000030EF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30EF000
|
| Size: |
20480
|
|
|
3BA3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2537958260.0000000003BA3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BA3000
|
| Size: |
12288
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3084000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003084000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3084000
|
| Size: |
4096
|
|
|
5BE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1327920424.0000000005BE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5BE0000
|
| Size: |
57344
|
|
|
694E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405012351.000000000694E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
694E000
|
| Size: |
8192
|
|
|
2C80000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002C80000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C80000
|
| Size: |
8192
|
|
|
2E13000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002E13000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E13000
|
| Size: |
4096
|
|
|
F82000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1434505258.0000000000F82000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F82000
|
| Size: |
118784
|
|
|
2E1F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002E1F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E1F000
|
| Size: |
4096
|
|
|
1210000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437225070.0000000001210000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1210000
|
| Size: |
4096
|
|
|
2E36000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002E36000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E36000
|
| Size: |
4096
|
|
|
2FCD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002FCD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FCD000
|
| Size: |
16384
|
|
|
2F22000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002F22000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F22000
|
| Size: |
4096
|
|
|
2D95000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002D95000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D95000
|
| Size: |
4096
|
|
|
2B24000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002B24000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B24000
|
| Size: |
4096
|
|
|
2B28000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002B28000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B28000
|
| Size: |
4096
|
|
|
2E2C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002E2C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E2C000
|
| Size: |
102400
|
|
|
3328000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003328000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3328000
|
| Size: |
20480
|
|
|
3236000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003236000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3236000
|
| Size: |
28672
|
|
|
31D1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000031D1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31D1000
|
| Size: |
4096
|
|
|
301B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000301B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
301B000
|
| Size: |
4096
|
|
|
3309000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003309000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3309000
|
| Size: |
36864
|
|
|
D22000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1309792122.0000000000D22000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
D22000
|
| Size: |
4096
|
|
|
2B53000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002B53000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B53000
|
| Size: |
4096
|
|
|
2DA4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002DA4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2DA4000
|
| Size: |
12288
|
|
|
57BA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1403841106.00000000057BA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
57BA000
|
| Size: |
94208
|
|
|
2E8A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002E8A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E8A000
|
| Size: |
4096
|
|
|
2DCC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002DCC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2DCC000
|
| Size: |
8192
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| SQL strings found in memory and binary data |
System Summary |
|
|
|
2D32000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002D32000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D32000
|
| Size: |
4096
|
|
|
31C8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1402259795.00000000031C8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31C8000
|
| Size: |
4096
|
|
|
5E00000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1404811320.0000000005E00000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5E00000
|
| Size: |
8192
|
|
|
58C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1404377391.00000000058C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
58C0000
|
| Size: |
28672
|
|
|
5B90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1458987966.0000000005B90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5B90000
|
| Size: |
65536
|
|
|
2C65000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002C65000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C65000
|
| Size: |
4096
|
|
|
2B51000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002B51000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B51000
|
| Size: |
4096
|
|
|
3F46000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1455898192.0000000003F46000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3F46000
|
| Size: |
4096
|
|
|
574D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2541184698.000000000574D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
574D000
|
| Size: |
12288
|
|
|
3E8A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1455898192.0000000003E8A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E8A000
|
| Size: |
4096
|
|
|
2EAF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002EAF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2EAF000
|
| Size: |
8192
|
|
|
2D93000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002D93000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D93000
|
| Size: |
4096
|
|
|
2C70000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1401375636.0000000002C70000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C70000
|
| Size: |
16384
|
|
|
2B49000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002B49000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B49000
|
| Size: |
4096
|
|
|
2CCE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437707831.0000000002CCE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2CCE000
|
| Size: |
8192
|
|
|
30B6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000030B6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30B6000
|
| Size: |
4096
|
|
|
3159000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003159000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3159000
|
| Size: |
4096
|
|
|
303A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000303A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
303A000
|
| Size: |
4096
|
|
|
5476000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1325935660.0000000005476000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5476000
|
| Size: |
40960
|
|
|
2B90000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437581243.0000000002B90000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B90000
|
| Size: |
4096
|
|
|
2BD1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002BD1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2BD1000
|
| Size: |
4096
|
|
|
54FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1458394411.00000000054FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
54FE000
|
| Size: |
8192
|
|
|
2F62000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002F62000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F62000
|
| Size: |
4096
|
|
|
3000000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003000000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3000000
|
| Size: |
4096
|
|
|
31DD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000031DD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31DD000
|
| Size: |
126976
|
|
|
2EE1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002EE1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2EE1000
|
| Size: |
4096
|
|
|
2BD2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002BD2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2BD2000
|
| Size: |
28672
|
|
|
3295000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003295000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3295000
|
| Size: |
4096
|
|
|
30B7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.00000000030B7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30B7000
|
| Size: |
12288
|
|
|
CFD000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1309109597.0000000000CFD000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
CFD000
|
| Size: |
4096
|
|
|
426000
|
remote allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1398744455.0000000000426000.00000040.00000400.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
remote allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
426000
|
| Size: |
4096
|
|
|
6762000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1460857430.0000000006762000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6762000
|
| Size: |
20480
|
|
|
C5E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1305844668.0000000000C5E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C5E000
|
| Size: |
8192
|
|
|
32E5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000032E5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32E5000
|
| Size: |
4096
|
|
|
2F11000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002F11000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F11000
|
| Size: |
4096
|
|
|
2B10000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1400733649.0000000002B10000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B10000
|
| Size: |
4096
|
|
|
F0C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1434505258.0000000000F0C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F0C000
|
| Size: |
4096
|
|
|
2F60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002F60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F60000
|
| Size: |
4096
|
|
|
2AF3000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1400583777.0000000002AF3000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
2AF3000
|
| Size: |
4096
|
|
|
2BFF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002BFF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2BFF000
|
| Size: |
4096
|
|
|
59B0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1326952978.00000000059B0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
59B0000
|
| Size: |
65536
|
|
|
2B7F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002B7F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B7F000
|
| Size: |
4096
|
|
|
3F83000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1455898192.0000000003F83000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3F83000
|
| Size: |
4096
|
|
|
6650000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.2542684658.0000000006650000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
6650000
|
| Size: |
65536
|
|
|
1206000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.1437174220.0000000001206000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
1206000
|
| Size: |
8192
|
|
|
7B7000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2531110292.00000000007B7000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
7B7000
|
| Size: |
36864
|
|
|
311F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000311F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
311F000
|
| Size: |
4096
|
|
|
2EAC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002EAC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2EAC000
|
| Size: |
4096
|
|
|
10D3000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.1436724231.00000000010D3000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
10D3000
|
| Size: |
4096
|
|
|
10DD000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.1436801109.00000000010DD000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
10DD000
|
| Size: |
4096
|
|
|
58C8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1404377391.00000000058C8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
58C8000
|
| Size: |
4096
|
|
|
DC3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1309912260.0000000000DC3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DC3000
|
| Size: |
176128
|
|
|
3155000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003155000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3155000
|
| Size: |
4096
|
|
|
31B6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1402259795.00000000031B6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31B6000
|
| Size: |
4096
|
|
|
3246000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003246000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3246000
|
| Size: |
4096
|
|
|
26A3000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.2532963080.00000000026A3000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
26A3000
|
| Size: |
4096
|
|
|
3138000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003138000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3138000
|
| Size: |
4096
|
|
|
30FE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000030FE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30FE000
|
| Size: |
4096
|
|
|
310B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000310B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
310B000
|
| Size: |
45056
|
|
|
320D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1402645699.000000000320D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
320D000
|
| Size: |
12288
|
|
|
3D69000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2537958260.0000000003D69000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D69000
|
| Size: |
8192
|
|
|
3121000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003121000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3121000
|
| Size: |
12288
|
|
|
D0D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1309680265.0000000000D0D000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
D0D000
|
| Size: |
4096
|
|
|
2CB6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002CB6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2CB6000
|
| Size: |
4096
|
|
|
3106000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003106000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3106000
|
| Size: |
4096
|
|
|
2BE4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002BE4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2BE4000
|
| Size: |
4096
|
|
|
30BB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.00000000030BB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30BB000
|
| Size: |
12288
|
|
|
2C12000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002C12000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C12000
|
| Size: |
4096
|
|
|
66A2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2542869939.00000000066A2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
66A2000
|
| Size: |
8192
|
|
|
2E51000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002E51000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E51000
|
| Size: |
4096
|
|
|
5C7D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1404703731.0000000005C7D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5C7D000
|
| Size: |
12288
|
|
|
6630000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2542525523.0000000006630000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6630000
|
| Size: |
45056
|
|
|
1204000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1399654904.0000000001204000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1204000
|
| Size: |
45056
|
|
|
3315000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003315000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3315000
|
| Size: |
4096
|
|
|
D2B000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1309825764.0000000000D2B000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
D2B000
|
| Size: |
4096
|
|
|
5DBA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1460096465.0000000005DBA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5DBA000
|
| Size: |
24576
|
|
|
2D17000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002D17000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D17000
|
| Size: |
12288
|
|
|
31D1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1402259795.00000000031D1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31D1000
|
| Size: |
8192
|
|
|
2EC0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002EC0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2EC0000
|
| Size: |
4096
|
|
|
31B0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000031B0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31B0000
|
| Size: |
12288
|
|
|
2D2E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002D2E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D2E000
|
| Size: |
4096
|
|
|
5DF0000
|
trusted library section
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1330391302.0000000005DF0000.00000004.08000000.00040000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page read and write
|
| Base address: |
5DF0000
|
| Size: |
323584
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
2D80000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002D80000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D80000
|
| Size: |
4096
|
|
|
32C5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000032C5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32C5000
|
| Size: |
4096
|
|
|
30AC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.00000000030AC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30AC000
|
| Size: |
4096
|
|
|
2D9A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002D9A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D9A000
|
| Size: |
8192
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| SQL strings found in memory and binary data |
System Summary |
|
|
|
31D6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1402259795.00000000031D6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31D6000
|
| Size: |
16384
|
|
|
2D4D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002D4D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D4D000
|
| Size: |
4096
|
|
|
2ACE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1400490185.0000000002ACE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2ACE000
|
| Size: |
8192
|
|
|
D10000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1434231729.0000000000D10000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D10000
|
| Size: |
4096
|
|
|
D20000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1434365841.0000000000D20000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D20000
|
| Size: |
8192
|
|
|
3F58000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2537958260.0000000003F58000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3F58000
|
| Size: |
20480
|
|
|
C68000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2531540943.0000000000C68000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
C68000
|
| Size: |
155648
|
|
|
570D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2541123768.000000000570D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
570D000
|
| Size: |
12288
|
|
|
3184000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003184000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3184000
|
| Size: |
4096
|
|
|
5AE2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1327410038.0000000005AE2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5AE2000
|
| Size: |
8192
|
|
|
10C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1436436749.00000000010C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
10C0000
|
| Size: |
8192
|
|
|
2E62000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002E62000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E62000
|
| Size: |
303104
|
|
|
2DC5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002DC5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2DC5000
|
| Size: |
4096
|
|
|
27F7000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.2533486567.00000000027F7000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
27F7000
|
| Size: |
4096
|
|
|
2D74000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002D74000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D74000
|
| Size: |
4096
|
|
|
2D13000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002D13000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D13000
|
| Size: |
4096
|
|
|
5DB4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1460096465.0000000005DB4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5DB4000
|
| Size: |
20480
|
|
|
2FAC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002FAC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FAC000
|
| Size: |
4096
|
|
|
3044000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000003044000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3044000
|
| Size: |
45056
|
|
|
2FE1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002FE1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FE1000
|
| Size: |
4096
|
|
|
2C5D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002C5D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C5D000
|
| Size: |
4096
|
|
|
2D47000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002D47000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D47000
|
| Size: |
4096
|
|
|
5CF0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1329763684.0000000005CF0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5CF0000
|
| Size: |
65536
|
|
|
1D4FBD50000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1418760138.000001D4FBD50000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1D4FBD50000
|
| Size: |
28672
|
|
|
3A01000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1323855666.0000000003A01000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A01000
|
| Size: |
1122304
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
6640000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2542592460.0000000006640000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6640000
|
| Size: |
65536
|
|
|
319B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000319B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
319B000
|
| Size: |
4096
|
|
|
5D10000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1329823090.0000000005D10000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5D10000
|
| Size: |
65536
|
|
|
31A3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000031A3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31A3000
|
| Size: |
4096
|
|
|
2E7F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002E7F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E7F000
|
| Size: |
45056
|
|
|
3338000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003338000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3338000
|
| Size: |
4096
|
|
|
6516000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2541773472.0000000006516000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6516000
|
| Size: |
8192
|
|
|
3274000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003274000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
2C59000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002C59000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C59000
|
| Size: |
4096
|
|
|
2940000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.2533679670.0000000002940000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
2940000
|
| Size: |
65536
|
|
|
1D4FBC20000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1418699253.000001D4FBC20000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1D4FBC20000
|
| Size: |
4096
|
|
|
3069000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000003069000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3069000
|
| Size: |
4096
|
|
|
2CFC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002CFC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2CFC000
|
| Size: |
4096
|
|
|
3300000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003300000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3300000
|
| Size: |
4096
|
|
|
5950000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1404593637.0000000005950000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5950000
|
| Size: |
65536
|
|
|
2FC3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002FC3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FC3000
|
| Size: |
4096
|
|
|
650E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2541743813.000000000650E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
650E000
|
| Size: |
8192
|
|
|
F36000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1399443968.0000000000F36000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
F36000
|
| Size: |
40960
|
|
|
2EA5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002EA5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2EA5000
|
| Size: |
4096
|
|
|
2EDD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002EDD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2EDD000
|
| Size: |
57344
|
|
|
2F83000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002F83000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F83000
|
| Size: |
12288
|
|
|
5B75000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1458853936.0000000005B75000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5B75000
|
| Size: |
36864
|
|
|
2670000
|
trusted library section
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2532828377.0000000002670000.00000004.08000000.00040000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page read and write
|
| Base address: |
2670000
|
| Size: |
4096
|
|
|
3E67000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2537958260.0000000003E67000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E67000
|
| Size: |
8192
|
|
|
10D4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1436766387.00000000010D4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
10D4000
|
| Size: |
4096
|
|
|
2B8F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002B8F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B8F000
|
| Size: |
4096
|
|
|
3379000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003379000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3379000
|
| Size: |
4096
|
|
|
2DB6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002DB6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2DB6000
|
| Size: |
4096
|
|
|
CF4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1308794672.0000000000CF4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
CF4000
|
| Size: |
4096
|
|
|
2E4F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002E4F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E4F000
|
| Size: |
12288
|
|
|
3CF4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2537958260.0000000003CF4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3CF4000
|
| Size: |
4096
|
|
|
270F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2533087257.000000000270F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
270F000
|
| Size: |
4096
|
|
|
2FE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002FE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FE0000
|
| Size: |
4096
|
|
|
EC8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1434505258.0000000000EC8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
EC8000
|
| Size: |
49152
|
|
|
2CF6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002CF6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2CF6000
|
| Size: |
4096
|
|
|
2E68000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002E68000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E68000
|
| Size: |
94208
|
|
|
2D0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437734228.0000000002D0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2D0E000
|
| Size: |
8192
|
|
|
69E0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2543333488.00000000069E0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
69E0000
|
| Size: |
4096
|
|
|
3F00000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1455898192.0000000003F00000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3F00000
|
| Size: |
4096
|
|
|
31B6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000031B6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31B6000
|
| Size: |
4096
|
|
|
30A4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.00000000030A4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30A4000
|
| Size: |
4096
|
|
|
5ED0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.1460425192.0000000005ED0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5ED0000
|
| Size: |
65536
|
|
|
6740000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1404965654.0000000006740000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6740000
|
| Size: |
4096
|
|
|
5975000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1326733366.0000000005975000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5975000
|
| Size: |
36864
|
|
|
2690000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2532887183.0000000002690000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2690000
|
| Size: |
20480
|
|
|
10CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1399566630.00000000010CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
10CE000
|
| Size: |
8192
|
|
|
31B0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1402259795.00000000031B0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31B0000
|
| Size: |
12288
|
|
|
3157000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003157000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3157000
|
| Size: |
4096
|
|
|
2EB3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002EB3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2EB3000
|
| Size: |
110592
|
|
|
2F07000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002F07000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F07000
|
| Size: |
4096
|
|
|
523E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1325858638.000000000523E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
523E000
|
| Size: |
8192
|
|
|
10ED000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.1437016720.00000000010ED000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
10ED000
|
| Size: |
4096
|
|
|
42D9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1403273749.00000000042D9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
42D9000
|
| Size: |
163840
|
|
|
336A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000336A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
336A000
|
| Size: |
49152
|
|
|
2DCD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002DCD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2DCD000
|
| Size: |
4096
|
|
|
6BA000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2531039432.00000000006BA000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6BA000
|
| Size: |
24576
|
|
|
3F8A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2537958260.0000000003F8A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3F8A000
|
| Size: |
4096
|
|
|
3319000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003319000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3319000
|
| Size: |
4096
|
|
|
30D5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000030D5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30D5000
|
| Size: |
4096
|
|
|
2FB4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002FB4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FB4000
|
| Size: |
32768
|
|
|
D88000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1309912260.0000000000D88000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D88000
|
| Size: |
16384
|
|
|
52B0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.1458291634.00000000052B0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
52B0000
|
| Size: |
4096
|
|
|
53BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1458322554.00000000053BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
53BF000
|
| Size: |
4096
|
|
|
1200000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437123036.0000000001200000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1200000
|
| Size: |
4096
|
|
|
2FC2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002FC2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FC2000
|
| Size: |
122880
|
|
|
3269000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003269000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3269000
|
| Size: |
40960
|
|
|
5BE0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.1459181401.0000000005BE0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5BE0000
|
| Size: |
28672
|
|
|
111C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310368302.000000000111C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
111C000
|
| Size: |
16384
|
|
|
50C1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2540137719.00000000050C1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
50C1000
|
| Size: |
16384
|
|
|
3052000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000003052000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3052000
|
| Size: |
4096
|
|
|
32CD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000032CD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32CD000
|
| Size: |
4096
|
|
|
2D96000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002D96000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D96000
|
| Size: |
4096
|
|
|
32FA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000032FA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32FA000
|
| Size: |
4096
|
|
|
2E25000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002E25000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E25000
|
| Size: |
4096
|
|
|
2C2A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002C2A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C2A000
|
| Size: |
290816
|
|
|
2B77000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002B77000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B77000
|
| Size: |
28672
|
|
|
32EA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000032EA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32EA000
|
| Size: |
53248
|
|
|
2CB0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002CB0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2CB0000
|
| Size: |
4096
|
|
|
56EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1326049205.00000000056EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
56EE000
|
| Size: |
8192
|
|
|
EA0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1434505258.0000000000EA0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
EA0000
|
| Size: |
36864
|
|
|
3104000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003104000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3104000
|
| Size: |
4096
|
|
|
1230000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1400098693.0000000001230000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1230000
|
| Size: |
32768
|
|
|
2E34000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002E34000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E34000
|
| Size: |
4096
|
|
|
2E70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002E70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E70000
|
| Size: |
4096
|
|
|
2B4B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002B4B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B4B000
|
| Size: |
4096
|
|
|
2EF6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002EF6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2EF6000
|
| Size: |
4096
|
|
|
66C7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2543062356.00000000066C7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
66C7000
|
| Size: |
36864
|
|
|
3B73000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2537958260.0000000003B73000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B73000
|
| Size: |
4096
|
|
|
3134000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003134000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3134000
|
| Size: |
4096
|
|
|
3D78000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1455898192.0000000003D78000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D78000
|
| Size: |
4096
|
|
|
3259000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003259000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3259000
|
| Size: |
12288
|
|
|
2970000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2533871071.0000000002970000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2970000
|
| Size: |
4096
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1398744455.0000000000400000.00000040.00000400.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
remote allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
400000
|
| Size: |
147456
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara signature match |
System Summary |
|
|
|
5AEA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1327410038.0000000005AEA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5AEA000
|
| Size: |
16384
|
|
|
3D81000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1323855666.0000000003D81000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D81000
|
| Size: |
294912
|
|
|
5930000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1326679162.0000000005930000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5930000
|
| Size: |
49152
|
|
|
50AB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2540137719.00000000050AB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
50AB000
|
| Size: |
8192
|
|
|
2F2C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002F2C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F2C000
|
| Size: |
4096
|
|
|
2BDD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002BDD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2BDD000
|
| Size: |
61440
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
2EE4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002EE4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2EE4000
|
| Size: |
4096
|
|
|
2F26000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002F26000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F26000
|
| Size: |
4096
|
|
|
5C3F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1404669572.0000000005C3F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5C3F000
|
| Size: |
4096
|
|
|
2F72000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002F72000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F72000
|
| Size: |
4096
|
|
|
50C6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2540137719.00000000050C6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
50C6000
|
| Size: |
16384
|
|
|
2F28000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002F28000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F28000
|
| Size: |
4096
|
|
|
C4E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2531450199.0000000000C4E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C4E000
|
| Size: |
8192
|
|
|
66A0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2542869939.00000000066A0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
66A0000
|
| Size: |
4096
|
|
|
301C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.000000000301C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
301C000
|
| Size: |
4096
|
|
|
2F45000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002F45000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F45000
|
| Size: |
4096
|
|
|
2D83000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002D83000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D83000
|
| Size: |
53248
|
|
|
CF3000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1308381554.0000000000CF3000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
CF3000
|
| Size: |
4096
|
|
|
2FF5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002FF5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FF5000
|
| Size: |
4096
|
|
|
2CCA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002CCA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2CCA000
|
| Size: |
172032
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
2E49000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002E49000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E49000
|
| Size: |
4096
|
|
|
3E3F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1455898192.0000000003E3F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E3F000
|
| Size: |
4096
|
|
|
2EF9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002EF9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2EF9000
|
| Size: |
45056
|
|
|
2FE9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002FE9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FE9000
|
| Size: |
4096
|
|
|
6850000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1461241893.0000000006850000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6850000
|
| Size: |
4096
|
|
|
3244000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003244000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3244000
|
| Size: |
4096
|
|
|
32A8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000032A8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32A8000
|
| Size: |
4096
|
|
|
321B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000321B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
321B000
|
| Size: |
20480
|
|
|
306B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.000000000306B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
306B000
|
| Size: |
4096
|
|
|
32E7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000032E7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32E7000
|
| Size: |
4096
|
|
|
4FC3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2539670031.0000000004FC3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4FC3000
|
| Size: |
430080
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
32B2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000032B2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32B2000
|
| Size: |
4096
|
|
|
6590000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.2542435345.0000000006590000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
6590000
|
| Size: |
65536
|
|
|
303F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.000000000303F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
303F000
|
| Size: |
4096
|
|
|
2B4E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437526033.0000000002B4E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2B4E000
|
| Size: |
8192
|
|
|
31A1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000031A1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31A1000
|
| Size: |
4096
|
|
|
2E2E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002E2E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E2E000
|
| Size: |
4096
|
|
|
69B0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2543211609.00000000069B0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
69B0000
|
| Size: |
32768
|
|
|
3231000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003231000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3231000
|
| Size: |
4096
|
|
|
2E16000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002E16000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E16000
|
| Size: |
8192
|
|
|
2F6C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002F6C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F6C000
|
| Size: |
12288
|
|
|
4F68000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2539503118.0000000004F68000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4F68000
|
| Size: |
20480
|
|
|
2E6E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002E6E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E6E000
|
| Size: |
4096
|
|
|
2DC7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002DC7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2DC7000
|
| Size: |
4096
|
|
|
5F30000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1460508064.0000000005F30000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5F30000
|
| Size: |
212992
|
|
|
2BA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002BA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2BA0000
|
| Size: |
4096
|
|
|
638E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2541647489.000000000638E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
638E000
|
| Size: |
8192
|
|
|
32AA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000032AA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32AA000
|
| Size: |
4096
|
|
|
2E95000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002E95000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E95000
|
| Size: |
4096
|
|
|
2FEE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002FEE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FEE000
|
| Size: |
12288
|
|
|
32DE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000032DE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32DE000
|
| Size: |
4096
|
|
|
3034000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003034000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3034000
|
| Size: |
4096
|
|
|
1080000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1399529248.0000000001080000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1080000
|
| Size: |
16384
|
|
|
604E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2541398372.000000000604E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
604E000
|
| Size: |
8192
|
|
|
26AD000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.2533023074.00000000026AD000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
26AD000
|
| Size: |
4096
|
|
|
3CD9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2537958260.0000000003CD9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3CD9000
|
| Size: |
8192
|
|
|
300E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.000000000300E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
300E000
|
| Size: |
4096
|
|
|
325F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000325F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
325F000
|
| Size: |
4096
|
|
|
3248000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003248000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3248000
|
| Size: |
4096
|
|
|
51F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2540707520.00000000051F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
51F0000
|
| Size: |
65536
|
|
|
3180000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003180000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3180000
|
| Size: |
4096
|
|
|
2E4B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002E4B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E4B000
|
| Size: |
4096
|
|
|
59E4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1458606649.00000000059E4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
59E4000
|
| Size: |
4096
|
|
|
6C8AAFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1418529197.0000006C8AAFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6C8AAFE000
|
| Size: |
8192
|
|
|
3251000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003251000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3251000
|
| Size: |
4096
|
|
|
5DBE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1404763166.0000000005DBE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5DBE000
|
| Size: |
8192
|
|
|
2F3F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002F3F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F3F000
|
| Size: |
4096
|
|
|
2E20000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002E20000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E20000
|
| Size: |
36864
|
|
|
3261000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003261000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3261000
|
| Size: |
4096
|
|
|
577C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1403841106.000000000577C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
577C000
|
| Size: |
20480
|
|
|
2B0D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1400713230.0000000002B0D000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
2B0D000
|
| Size: |
4096
|
|
|
327C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000327C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
327C000
|
| Size: |
4096
|
|
|
2F20000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002F20000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F20000
|
| Size: |
4096
|
|
|
58CE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1404377391.00000000058CE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
58CE000
|
| Size: |
8192
|
|
|
6C8ADFF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1418574025.0000006C8ADFF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6C8ADFF000
|
| Size: |
4096
|
|
|
59E0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1458606649.00000000059E0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
59E0000
|
| Size: |
4096
|
|
|
30DA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.00000000030DA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30DA000
|
| Size: |
4096
|
|
|
30BF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.00000000030BF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30BF000
|
| Size: |
4096
|
|
|
2CF5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002CF5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2CF5000
|
| Size: |
61440
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
DFD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1309912260.0000000000DFD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DFD000
|
| Size: |
139264
|
|
|
30AE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.00000000030AE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30AE000
|
| Size: |
4096
|
|
|
2C94000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002C94000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C94000
|
| Size: |
12288
|
|
|
31A7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000031A7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31A7000
|
| Size: |
16384
|
|
|
2B20000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002B20000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B20000
|
| Size: |
4096
|
|
|
6520000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2541880739.0000000006520000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6520000
|
| Size: |
49152
|
|
|
1D4FBF45000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1418914501.000001D4FBF45000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1D4FBF45000
|
| Size: |
36864
|
|
|
2D43000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002D43000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D43000
|
| Size: |
4096
|
|
|
2F0D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002F0D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F0D000
|
| Size: |
4096
|
|
|
27D3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2533254215.00000000027D3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
27D3000
|
| Size: |
8192
|
|
|
2FC9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002FC9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FC9000
|
| Size: |
4096
|
|
|
528E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1458142360.000000000528E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
528E000
|
| Size: |
8192
|
|
|
2FBF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002FBF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FBF000
|
| Size: |
4096
|
|
|
3019000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003019000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3019000
|
| Size: |
4096
|
|
|
30A4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000030A4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30A4000
|
| Size: |
12288
|
|
|
2B84000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002B84000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B84000
|
| Size: |
16384
|
|
|
2CB4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002CB4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2CB4000
|
| Size: |
4096
|
|
|
6C8B0FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1418613981.0000006C8B0FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6C8B0FE000
|
| Size: |
8192
|
|
|
2BD9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002BD9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2BD9000
|
| Size: |
4096
|
|
|
26A4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2532988553.00000000026A4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
26A4000
|
| Size: |
8192
|
|
|
2B37000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1400899506.0000000002B37000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
2B37000
|
| Size: |
4096
|
|
|
3188000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003188000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3188000
|
| Size: |
4096
|
|
|
2BF7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002BF7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2BF7000
|
| Size: |
4096
|
|
|
2E91000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002E91000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E91000
|
| Size: |
4096
|
|
|
2F87000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002F87000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F87000
|
| Size: |
4096
|
|
|
5BF2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1459229682.0000000005BF2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5BF2000
|
| Size: |
4096
|
|
|
2F97000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002F97000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F97000
|
| Size: |
4096
|
|
|
2810000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2533532757.0000000002810000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2810000
|
| Size: |
4096
|
|
|
F0E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1434505258.0000000000F0E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F0E000
|
| Size: |
421888
|
|
|
32DC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000032DC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32DC000
|
| Size: |
4096
|
|
|
2B4D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002B4D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B4D000
|
| Size: |
4096
|
|
|
3B21000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2537958260.0000000003B21000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B21000
|
| Size: |
20480
|
|
|
308B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.000000000308B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
308B000
|
| Size: |
4096
|
|
|
2BC1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002BC1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2BC1000
|
| Size: |
4096
|
|
|
2D05000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002D05000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D05000
|
| Size: |
32768
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
50AE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2540137719.00000000050AE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
50AE000
|
| Size: |
45056
|
|
|
5BA3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1459071141.0000000005BA3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5BA3000
|
| Size: |
8192
|
|
|
61CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2541528129.00000000061CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
61CE000
|
| Size: |
8192
|
|
|
5020000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1325753136.0000000005020000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5020000
|
| Size: |
65536
|
|
|
4F60000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2539503118.0000000004F60000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4F60000
|
| Size: |
4096
|
|
|
2AF0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1400563241.0000000002AF0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2AF0000
|
| Size: |
8192
|
|
|
2C97000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002C97000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C97000
|
| Size: |
4096
|
|
|
2BE2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002BE2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2BE2000
|
| Size: |
4096
|
|
|
2D97000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002D97000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D97000
|
| Size: |
4096
|
|
|
3B53000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2537958260.0000000003B53000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B53000
|
| Size: |
12288
|
|
|
2F9E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002F9E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F9E000
|
| Size: |
4096
|
|
|
5F4E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2541363346.0000000005F4E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5F4E000
|
| Size: |
8192
|
|
|
2B1E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534083782.0000000002B1E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2B1E000
|
| Size: |
8192
|
|
|
2C2F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002C2F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C2F000
|
| Size: |
4096
|
|
|
3B17000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1323855666.0000000003B17000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B17000
|
| Size: |
516096
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
|
|
2C93000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002C93000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C93000
|
| Size: |
4096
|
|
|
3017000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003017000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3017000
|
| Size: |
4096
|
|
|
2660000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2532791657.0000000002660000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2660000
|
| Size: |
16384
|
|
|
2B55000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002B55000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B55000
|
| Size: |
57344
|
|
|
2F81000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002F81000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F81000
|
| Size: |
4096
|
|
|
5DE0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.1460330760.0000000005DE0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5DE0000
|
| Size: |
65536
|
|
|
6560000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.2542231649.0000000006560000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
6560000
|
| Size: |
65536
|
|
|
109F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1435698181.000000000109F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
109F000
|
| Size: |
4096
|
|
|
D16000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1309740018.0000000000D16000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
D16000
|
| Size: |
8192
|
|
|
30F5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.00000000030F5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30F5000
|
| Size: |
131072
|
|
|
2FB5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002FB5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FB5000
|
| Size: |
4096
|
|
|
5560000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1403759284.0000000005560000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5560000
|
| Size: |
4096
|
|
|
3108000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003108000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3108000
|
| Size: |
8192
|
|
|
5E4F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2541337312.0000000005E4F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5E4F000
|
| Size: |
4096
|
|
|
2D4B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002D4B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D4B000
|
| Size: |
4096
|
|
|
2B20000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1400813144.0000000002B20000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B20000
|
| Size: |
8192
|
|
|
3C5F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2537958260.0000000003C5F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C5F000
|
| Size: |
8192
|
|
|
3221000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003221000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3221000
|
| Size: |
36864
|
|
|
5A00000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1327120201.0000000005A00000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5A00000
|
| Size: |
32768
|
|
|
D12000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1309722091.0000000000D12000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
D12000
|
| Size: |
4096
|
|
|
2B1A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1400792541.0000000002B1A000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
2B1A000
|
| Size: |
8192
|
|
|
2FC0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002FC0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FC0000
|
| Size: |
4096
|
|
|
2EAB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002EAB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2EAB000
|
| Size: |
4096
|
|
|
4FBE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1325717643.0000000004FBE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4FBE000
|
| Size: |
8192
|
|
|
2F3D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002F3D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F3D000
|
| Size: |
4096
|
|
|
3242000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003242000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3242000
|
| Size: |
4096
|
|
|
2E3A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002E3A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E3A000
|
| Size: |
4096
|
|
|
2D40000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.1437880737.0000000002D40000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
2D40000
|
| Size: |
4096
|
|
|
31C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000031C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31C0000
|
| Size: |
57344
|
|
|
2BE9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002BE9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2BE9000
|
| Size: |
36864
|
|
|
2E17000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002E17000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E17000
|
| Size: |
4096
|
|
|
2D30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002D30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D30000
|
| Size: |
4096
|
|
|
3182000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003182000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3182000
|
| Size: |
4096
|
|
|
2C7E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002C7E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C7E000
|
| Size: |
4096
|
|
|
D75000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1434420802.0000000000D75000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D75000
|
| Size: |
12288
|
|
|
2C31000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002C31000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C31000
|
| Size: |
4096
|
|
|
64CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1404835610.00000000064CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
64CE000
|
| Size: |
8192
|
|
|
30C7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.00000000030C7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30C7000
|
| Size: |
4096
|
|
|
3291000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003291000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3291000
|
| Size: |
4096
|
|
|
2FB9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002FB9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FB9000
|
| Size: |
4096
|
|
|
2DD4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002DD4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2DD4000
|
| Size: |
4096
|
|
|
3D21000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2537958260.0000000003D21000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D21000
|
| Size: |
16384
|
|
|
4E4E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1458046132.0000000004E4E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4E4E000
|
| Size: |
8192
|
|
|
334F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000334F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
334F000
|
| Size: |
4096
|
|
|
2D22000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002D22000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D22000
|
| Size: |
28672
|
|
|
2BA6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002BA6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2BA6000
|
| Size: |
176128
|
|
|
2B9C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002B9C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B9C000
|
| Size: |
4096
|
|
|
2EE6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002EE6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2EE6000
|
| Size: |
61440
|
|
|
57EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1326074385.00000000057EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
57EE000
|
| Size: |
8192
|
|
|
2FA4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002FA4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FA4000
|
| Size: |
57344
|
|
|
3265000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003265000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3265000
|
| Size: |
4096
|
|
|
3151000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003151000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3151000
|
| Size: |
4096
|
|
|
32E0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000032E0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32E0000
|
| Size: |
16384
|
|
|
3E67000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1455898192.0000000003E67000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E67000
|
| Size: |
4096
|
|
|
D00000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1309556307.0000000000D00000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
D00000
|
| Size: |
53248
|
|
|
2F5A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002F5A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F5A000
|
| Size: |
4096
|
|
|
3050000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000003050000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3050000
|
| Size: |
4096
|
|
|
4C1E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2539455417.0000000004C1E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4C1E000
|
| Size: |
8192
|
|
|
2E32000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002E32000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E32000
|
| Size: |
4096
|
|
|
3089000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000003089000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3089000
|
| Size: |
4096
|
|
|
2AFD000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1400619231.0000000002AFD000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
2AFD000
|
| Size: |
4096
|
|
|
2E2A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002E2A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E2A000
|
| Size: |
12288
|
|
|
32F8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000032F8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32F8000
|
| Size: |
4096
|
|
|
313A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000313A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
313A000
|
| Size: |
4096
|
|
|
3334000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003334000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3334000
|
| Size: |
4096
|
|
|
2ED1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002ED1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2ED1000
|
| Size: |
4096
|
|
|
127E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437345220.000000000127E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
127E000
|
| Size: |
8192
|
|
|
2C76000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002C76000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C76000
|
| Size: |
4096
|
|
|
2F03000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002F03000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F03000
|
| Size: |
12288
|
|
|
2FAE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002FAE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FAE000
|
| Size: |
4096
|
|
|
5770000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1403841106.0000000005770000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5770000
|
| Size: |
8192
|
|
|
29F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2533898747.00000000029F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
29F0000
|
| Size: |
65536
|
|
|
D80000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1309912260.0000000000D80000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D80000
|
| Size: |
24576
|
|
|
5790000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.2541257383.0000000005790000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5790000
|
| Size: |
65536
|
|
|
2BA2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002BA2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2BA2000
|
| Size: |
4096
|
|
|
2DC9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002DC9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2DC9000
|
| Size: |
4096
|
|
|
3D52000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2537958260.0000000003D52000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D52000
|
| Size: |
4096
|
|
|
2D9F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002D9F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D9F000
|
| Size: |
118784
|
|
|
5920000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1326606841.0000000005920000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5920000
|
| Size: |
40960
|
|
|
30E0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.00000000030E0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30E0000
|
| Size: |
4096
|
|
|
29D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310462828.00000000029D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29D0000
|
| Size: |
4096
|
|
|
2FB2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002FB2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FB2000
|
| Size: |
4096
|
|
|
2FA8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002FA8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FA8000
|
| Size: |
4096
|
|
|
3200000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003200000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3200000
|
| Size: |
45056
|
|
|
2E64000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002E64000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E64000
|
| Size: |
4096
|
|
|
3306000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003306000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3306000
|
| Size: |
8192
|
|
|
32AE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000032AE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32AE000
|
| Size: |
4096
|
|
|
3DE6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2537958260.0000000003DE6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3DE6000
|
| Size: |
4096
|
|
|
2D51000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002D51000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D51000
|
| Size: |
139264
|
|
|
5250000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2540797692.0000000005250000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5250000
|
| Size: |
65536
|
|
|
2F8B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002F8B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F8B000
|
| Size: |
8192
|
|
|
1202000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437149167.0000000001202000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1202000
|
| Size: |
4096
|
|
|
3199000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003199000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3199000
|
| Size: |
4096
|
|
|
2C87000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002C87000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C87000
|
| Size: |
12288
|
|
|
318F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000318F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
318F000
|
| Size: |
36864
|
|
|
3214000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003214000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3214000
|
| Size: |
4096
|
|
|
31CF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000031CF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31CF000
|
| Size: |
4096
|
|
|
2FF2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002FF2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FF2000
|
| Size: |
36864
|
|
|
3153000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003153000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3153000
|
| Size: |
4096
|
|
|
5D20000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.1460012868.0000000005D20000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5D20000
|
| Size: |
65536
|
|
|
2E1A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002E1A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E1A000
|
| Size: |
16384
|
|
|
311B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000311B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
311B000
|
| Size: |
4096
|
|
|
2EA8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002EA8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2EA8000
|
| Size: |
4096
|
|
|
5686000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1458466348.0000000005686000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5686000
|
| Size: |
40960
|
|
|
2E88000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002E88000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E88000
|
| Size: |
4096
|
|
|
2E90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002E90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E90000
|
| Size: |
4096
|
|
|
32B7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000032B7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32B7000
|
| Size: |
45056
|
|
|
5CDF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1459603236.0000000005CDF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5CDF000
|
| Size: |
4096
|
|
|
3B29000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2537958260.0000000003B29000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B29000
|
| Size: |
4096
|
|
|
2C2D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002C2D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C2D000
|
| Size: |
4096
|
|
|
30E6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.00000000030E6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30E6000
|
| Size: |
8192
|
|
|
651A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2541773472.000000000651A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
651A000
|
| Size: |
24576
|
|
|
2EBC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002EBC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2EBC000
|
| Size: |
4096
|
|
|
30B2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000030B2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30B2000
|
| Size: |
4096
|
|
|
2D7C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002D7C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D7C000
|
| Size: |
4096
|
|
|
3C12000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2537958260.0000000003C12000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C12000
|
| Size: |
8192
|
|
|
3E72000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2537958260.0000000003E72000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E72000
|
| Size: |
8192
|
|
|
320C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000320C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
320C000
|
| Size: |
4096
|
|
|
2F6E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002F6E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F6E000
|
| Size: |
57344
|
|
|
2D1C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002D1C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D1C000
|
| Size: |
4096
|
|
|
3010000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000003010000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3010000
|
| Size: |
4096
|
|
|
2C10000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002C10000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C10000
|
| Size: |
4096
|
|
|
2FAA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002FAA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FAA000
|
| Size: |
4096
|
|
|
2F37000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002F37000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F37000
|
| Size: |
4096
|
|
|
2F74000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002F74000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F74000
|
| Size: |
4096
|
|
|
301E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.000000000301E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
301E000
|
| Size: |
4096
|
|
|
319F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000319F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
319F000
|
| Size: |
4096
|
|
|
D70000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1309896370.0000000000D70000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D70000
|
| Size: |
12288
|
|
|
3087000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000003087000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3087000
|
| Size: |
4096
|
|
|
2B50000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1400947307.0000000002B50000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B50000
|
| Size: |
4096
|
|
|
3008000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003008000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3008000
|
| Size: |
4096
|
|
|
2EFF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002EFF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2EFF000
|
| Size: |
12288
|
|
|
3240000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003240000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3240000
|
| Size: |
4096
|
|
|
6A10000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2543466731.0000000006A10000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6A10000
|
| Size: |
8192
|
|
|
2E00000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002E00000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E00000
|
| Size: |
4096
|
|
|
2CC5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002CC5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2CC5000
|
| Size: |
172032
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
|
|
2F13000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002F13000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F13000
|
| Size: |
49152
|
|
|
31C4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1402259795.00000000031C4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31C4000
|
| Size: |
8192
|
|
|
2E86000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002E86000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E86000
|
| Size: |
4096
|
|
|
2DAC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002DAC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2DAC000
|
| Size: |
4096
|
|
|
52E0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2540945724.00000000052E0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
52E0000
|
| Size: |
61440
|
|
|
3024000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000003024000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
4096
|
|
|
2B79000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002B79000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B79000
|
| Size: |
40960
|
|
|
537C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1325908929.000000000537C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
537C000
|
| Size: |
16384
|
|
|
2C5B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002C5B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C5B000
|
| Size: |
4096
|
|
|
300A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000300A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
300A000
|
| Size: |
16384
|
|
|
31FD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000031FD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31FD000
|
| Size: |
8192
|
|
|
2C18000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002C18000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C18000
|
| Size: |
4096
|
|
|
2ED7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002ED7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2ED7000
|
| Size: |
4096
|
|
|
5290000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1458178205.0000000005290000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5290000
|
| Size: |
40960
|
|
|
123A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1400142756.000000000123A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
123A000
|
| Size: |
610304
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
31B4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1402259795.00000000031B4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31B4000
|
| Size: |
4096
|
|
|
2B76000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1401032484.0000000002B76000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B76000
|
| Size: |
16384
|
|
|
CF0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1308259888.0000000000CF0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
CF0000
|
| Size: |
12288
|
|
|
30AA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.00000000030AA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30AA000
|
| Size: |
4096
|
|
|
6670000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1330955956.0000000006670000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6670000
|
| Size: |
65536
|
|
|
3186000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003186000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3186000
|
| Size: |
4096
|
|
|
2B00000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1400637552.0000000002B00000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B00000
|
| Size: |
8192
|
|
|
2D49000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002D49000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D49000
|
| Size: |
4096
|
|
|
30D7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000030D7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30D7000
|
| Size: |
139264
|
|
|
E3A000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1399403997.0000000000E3A000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E3A000
|
| Size: |
24576
|
|
|
2D11000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002D11000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D11000
|
| Size: |
86016
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
69D0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.2543265655.00000000069D0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
69D0000
|
| Size: |
53248
|
|
|
2E15000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002E15000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E15000
|
| Size: |
4096
|
|
|
2B22000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002B22000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B22000
|
| Size: |
4096
|
|
|
3302000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003302000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3302000
|
| Size: |
4096
|
|
|
31DB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000031DB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31DB000
|
| Size: |
4096
|
|
|
2F62000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002F62000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F62000
|
| Size: |
36864
|
|
|
2E53000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002E53000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E53000
|
| Size: |
4096
|
|
|
2EDF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002EDF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2EDF000
|
| Size: |
4096
|
|
|
318C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000318C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
318C000
|
| Size: |
8192
|
|
|
2D2A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002D2A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D2A000
|
| Size: |
4096
|
|
|
3278000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003278000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3278000
|
| Size: |
4096
|
|
|
301A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.000000000301A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
301A000
|
| Size: |
4096
|
|
|
2F0D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002F0D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F0D000
|
| Size: |
4096
|
|
|
2EBE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002EBE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2EBE000
|
| Size: |
4096
|
|
|
5778000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1403841106.0000000005778000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5778000
|
| Size: |
4096
|
|
|
5CE0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1329717868.0000000005CE0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5CE0000
|
| Size: |
53248
|
|
|
11FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437094042.00000000011FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
11FE000
|
| Size: |
8192
|
|
|
3218000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003218000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3218000
|
| Size: |
4096
|
|
|
2BD5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002BD5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2BD5000
|
| Size: |
4096
|
|
|
32FE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000032FE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32FE000
|
| Size: |
4096
|
|
|
5C00000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1459346411.0000000005C00000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5C00000
|
| Size: |
12288
|
|
|
3DE4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2537958260.0000000003DE4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3DE4000
|
| Size: |
4096
|
|
|
31BE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1402259795.00000000031BE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31BE000
|
| Size: |
12288
|
|
|
2DFA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002DFA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2DFA000
|
| Size: |
4096
|
|
|
3287000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003287000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3287000
|
| Size: |
20480
|
|
|
2EAA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002EAA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2EAA000
|
| Size: |
4096
|
|
|
2E38000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002E38000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E38000
|
| Size: |
4096
|
|
|
30D3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000030D3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30D3000
|
| Size: |
4096
|
|
|
2FB0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002FB0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FB0000
|
| Size: |
4096
|
|
|
2DB9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002DB9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2DB9000
|
| Size: |
45056
|
|
|
553E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1325997307.000000000553E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
553E000
|
| Size: |
8192
|
|
|
2E8F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002E8F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E8F000
|
| Size: |
4096
|
|
|
3212000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003212000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3212000
|
| Size: |
4096
|
|
|
307A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000307A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
307A000
|
| Size: |
4096
|
|
|
2D78000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002D78000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D78000
|
| Size: |
4096
|
|
|
6C8ABFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1418554787.0000006C8ABFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6C8ABFE000
|
| Size: |
8192
|
|
|
30B0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000030B0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30B0000
|
| Size: |
4096
|
|
|
2F2C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002F2C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F2C000
|
| Size: |
4096
|
|
|
30C7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000030C7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30C7000
|
| Size: |
12288
|
|
|
2FE0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1401851842.0000000002FE0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2FE0000
|
| Size: |
20480
|
|
|
2D83000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002D83000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D83000
|
| Size: |
4096
|
|
|
2B66000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002B66000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B66000
|
| Size: |
4096
|
|
|
2B16000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1400770052.0000000002B16000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
2B16000
|
| Size: |
8192
|
|
|
5D10000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1459938473.0000000005D10000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5D10000
|
| Size: |
57344
|
|
|
5C30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1328851166.0000000005C30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5C30000
|
| Size: |
61440
|
|
|
306D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.000000000306D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
306D000
|
| Size: |
4096
|
|
|
11D8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1399654904.00000000011D8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11D8000
|
| Size: |
118784
|
|
|
3041000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000003041000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3041000
|
| Size: |
8192
|
|
|
5AE0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1327410038.0000000005AE0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5AE0000
|
| Size: |
4096
|
|
|
2A10000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534060912.0000000002A10000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A10000
|
| Size: |
4096
|
|
|
3F8D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1455898192.0000000003F8D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3F8D000
|
| Size: |
4096
|
|
|
3117000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003117000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3117000
|
| Size: |
4096
|
|
|
2B3B000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1400925952.0000000002B3B000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
2B3B000
|
| Size: |
4096
|
|
|
C80000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1305863519.0000000000C80000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
C80000
|
| Size: |
16384
|
|
|
325D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000325D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
325D000
|
| Size: |
4096
|
|
|
2FD2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002FD2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FD2000
|
| Size: |
53248
|
|
|
3065000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000003065000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3065000
|
| Size: |
12288
|
|
|
3233000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003233000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3233000
|
| Size: |
4096
|
|
|
3336000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003336000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3336000
|
| Size: |
4096
|
|
|
2B1E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002B1E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B1E000
|
| Size: |
4096
|
|
|
1D4FBD20000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1418740619.000001D4FBD20000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1D4FBD20000
|
| Size: |
4096
|
|
|
2FFD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002FFD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FFD000
|
| Size: |
49152
|
|
|
2F9A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002F9A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F9A000
|
| Size: |
12288
|
|
|
3BAD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2537958260.0000000003BAD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BAD000
|
| Size: |
4096
|
|
|
40D1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1455898192.00000000040D1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
40D1000
|
| Size: |
4096
|
|
|
2F5C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002F5C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F5C000
|
| Size: |
4096
|
|
|
2CB9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002CB9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2CB9000
|
| Size: |
45056
|
|
|
2D76000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002D76000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D76000
|
| Size: |
4096
|
|
|
435000
|
remote allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1398744455.0000000000435000.00000040.00000400.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
remote allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
435000
|
| Size: |
8192
|
|
|
2BBD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002BBD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2BBD000
|
| Size: |
4096
|
|
|
2F05000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002F05000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F05000
|
| Size: |
4096
|
|
|
2EDD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002EDD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2EDD000
|
| Size: |
4096
|
|
|
2EB0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002EB0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2EB0000
|
| Size: |
4096
|
|
|
5CD0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1459603236.0000000005CD0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5CD0000
|
| Size: |
40960
|
|
|
E8E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1434479554.0000000000E8E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E8E000
|
| Size: |
8192
|
|
|
3216000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003216000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3216000
|
| Size: |
4096
|
|
|
612000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1285556367.0000000000612000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
612000
|
| Size: |
1183744
|
|
|
59C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1327035427.00000000059C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
59C0000
|
| Size: |
49152
|
|
|
52A0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1458238129.00000000052A0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
52A0000
|
| Size: |
28672
|
|
|
4F80000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2539503118.0000000004F80000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4F80000
|
| Size: |
8192
|
|
|
2DB0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002DB0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2DB0000
|
| Size: |
4096
|
|
|
3038000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003038000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3038000
|
| Size: |
4096
|
|
|
2E05000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002E05000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E05000
|
| Size: |
28672
|
|
|
C99000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2531540943.0000000000C99000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
C99000
|
| Size: |
4096
|
|
|
2E62000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002E62000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E62000
|
| Size: |
4096
|
|
|
3C3A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1323855666.0000000003C3A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C3A000
|
| Size: |
16384
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
|
|
6C8B1FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1418634522.0000006C8B1FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6C8B1FE000
|
| Size: |
8192
|
|
|
2ED3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002ED3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2ED3000
|
| Size: |
4096
|
|
|
27FB000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.2533509732.00000000027FB000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
27FB000
|
| Size: |
4096
|
|
|
2DA8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002DA8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2DA8000
|
| Size: |
12288
|
|
|
5B3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1458823015.0000000005B3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5B3E000
|
| Size: |
8192
|
|
|
2ED1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002ED1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2ED1000
|
| Size: |
4096
|
|
|
D60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1309872506.0000000000D60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
D60000
|
| Size: |
65536
|
|
|
2E7C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002E7C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E7C000
|
| Size: |
8192
|
|
|
2F0F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002F0F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F0F000
|
| Size: |
4096
|
|
|
3341000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003341000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3341000
|
| Size: |
28672
|
|
|
1D4FBF40000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1418914501.000001D4FBF40000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1D4FBF40000
|
| Size: |
16384
|
|
|
3033000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000003033000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3033000
|
| Size: |
4096
|
|
|
2DC5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002DC5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2DC5000
|
| Size: |
16384
|
|
|
31D9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000031D9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31D9000
|
| Size: |
4096
|
|
|
F7F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310271814.0000000000F7F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
F7F000
|
| Size: |
4096
|
|
|
2F70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002F70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F70000
|
| Size: |
4096
|
|
|
2F8D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002F8D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F8D000
|
| Size: |
4096
|
|
|
2D4F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002D4F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D4F000
|
| Size: |
4096
|
|
|
328D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000328D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
328D000
|
| Size: |
4096
|
|
|
32C9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000032C9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32C9000
|
| Size: |
4096
|
|
|
2E8D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002E8D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E8D000
|
| Size: |
4096
|
|
|
2F93000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002F93000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F93000
|
| Size: |
12288
|
|
|
2C83000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002C83000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C83000
|
| Size: |
12288
|
|
|
2FF1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002FF1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FF1000
|
| Size: |
12288
|
|
|
2C39000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002C39000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C39000
|
| Size: |
126976
|
|
|
3F0F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2537958260.0000000003F0F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3F0F000
|
| Size: |
16384
|
|
|
308D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.000000000308D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
308D000
|
| Size: |
4096
|
|
|
2B03000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1400661804.0000000002B03000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B03000
|
| Size: |
28672
|
|
|
2F0B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002F0B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F0B000
|
| Size: |
4096
|
|
|
2F4C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002F4C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F4C000
|
| Size: |
36864
|
|
|
312C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000312C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
312C000
|
| Size: |
20480
|
|
|
53FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1458357562.00000000053FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
53FE000
|
| Size: |
8192
|
|
|
27E6000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.2533360051.00000000027E6000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
27E6000
|
| Size: |
8192
|
|
|
2B45000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002B45000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B45000
|
| Size: |
12288
|
|
|
2D0F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002D0F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D0F000
|
| Size: |
4096
|
|
|
3102000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003102000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3102000
|
| Size: |
4096
|
|
|
2960000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2533789817.0000000002960000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2960000
|
| Size: |
65536
|
|
|
1217000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.1437274474.0000000001217000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
1217000
|
| Size: |
4096
|
|
|
2D36000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002D36000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D36000
|
| Size: |
40960
|
|
|
3267000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003267000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3267000
|
| Size: |
4096
|
|
|
30B8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000030B8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30B8000
|
| Size: |
4096
|
|
|
322F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000322F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
322F000
|
| Size: |
4096
|
|
|
3013000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003013000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
12288
|
|
|
27C3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2533174338.00000000027C3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
27C3000
|
| Size: |
8192
|
|
|
5DA0000
|
trusted library section
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1330207502.0000000005DA0000.00000004.08000000.00040000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page read and write
|
| Base address: |
5DA0000
|
| Size: |
286720
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
| URLs found in memory or binary data |
Networking |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
5986000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1326785502.0000000005986000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5986000
|
| Size: |
40960
|
|
|
3210000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003210000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3210000
|
| Size: |
4096
|
|
|
301D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000301D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
301D000
|
| Size: |
4096
|
|
|
2BE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002BE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2BE0000
|
| Size: |
4096
|
|
|
2B7B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1401032484.0000000002B7B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B7B000
|
| Size: |
16384
|
|
|
1210000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1399654904.0000000001210000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1210000
|
| Size: |
12288
|
|
|
2D11000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002D11000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D11000
|
| Size: |
4096
|
|
|
2DFE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002DFE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2DFE000
|
| Size: |
4096
|
|
|
2EAD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002EAD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2EAD000
|
| Size: |
4096
|
|
|
2B26000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002B26000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B26000
|
| Size: |
4096
|
|
|
5A10000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1327194085.0000000005A10000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5A10000
|
| Size: |
65536
|
|
|
31BA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000031BA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31BA000
|
| Size: |
4096
|
|
|
2FE3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002FE3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FE3000
|
| Size: |
4096
|
|
|
2EAE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002EAE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2EAE000
|
| Size: |
4096
|
|
|
3B9D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2537958260.0000000003B9D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B9D000
|
| Size: |
8192
|
|
|
6580000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2542350306.0000000006580000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6580000
|
| Size: |
65536
|
|
|
2D29000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002D29000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D29000
|
| Size: |
237568
|
|
|
3200000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1402645699.0000000003200000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3200000
|
| Size: |
49152
|
|
|
3E8E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2537958260.0000000003E8E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E8E000
|
| Size: |
16384
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
32CB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000032CB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32CB000
|
| Size: |
4096
|
|
|
2E93000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002E93000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E93000
|
| Size: |
4096
|
|
|
D8E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1309912260.0000000000D8E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D8E000
|
| Size: |
106496
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
|
|
27DD000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.2533283827.00000000027DD000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
27DD000
|
| Size: |
4096
|
|
|
324A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000324A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
324A000
|
| Size: |
4096
|
|
|
2C04000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002C04000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C04000
|
| Size: |
45056
|
|
|
2D99000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002D99000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D99000
|
| Size: |
4096
|
|
|
2BA4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002BA4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2BA4000
|
| Size: |
4096
|
|
|
56CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2541088881.00000000056CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
56CE000
|
| Size: |
8192
|
|
|
2FBC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1401806739.0000000002FBC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2FBC000
|
| Size: |
16384
|
|
|
2B85000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002B85000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B85000
|
| Size: |
4096
|
|
|
5CCF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1459449362.0000000005CCF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5CCF000
|
| Size: |
4096
|
|
|
2C1C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002C1C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C1C000
|
| Size: |
57344
|
|
|
3032000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003032000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3032000
|
| Size: |
4096
|
|
|
2FE3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002FE3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FE3000
|
| Size: |
53248
|
|
|
2B30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1400859297.0000000002B30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B30000
|
| Size: |
4096
|
|
|
313C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000313C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
313C000
|
| Size: |
4096
|
|
|
2EC2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002EC2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2EC2000
|
| Size: |
4096
|
|
|
2F11000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002F11000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F11000
|
| Size: |
4096
|
|
|
2FE5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002FE5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FE5000
|
| Size: |
4096
|
|
|
2C7B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002C7B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C7B000
|
| Size: |
8192
|
|
|
2FC7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002FC7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FC7000
|
| Size: |
4096
|
|
|
5BEF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1327920424.0000000005BEF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5BEF000
|
| Size: |
4096
|
|
|
2EB2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002EB2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2EB2000
|
| Size: |
36864
|
|
|
3012000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000003012000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3012000
|
| Size: |
4096
|
|
|
D1A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1309774664.0000000000D1A000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
D1A000
|
| Size: |
4096
|
|
|
32D6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1402738388.00000000032D6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32D6000
|
| Size: |
8192
|
|
|
51EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2540642481.00000000051EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
51EE000
|
| Size: |
8192
|
|
|
5CC6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1459449362.0000000005CC6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5CC6000
|
| Size: |
32768
|
|
|
27F2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2533439731.00000000027F2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
27F2000
|
| Size: |
4096
|
|
|
2EA4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002EA4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2EA4000
|
| Size: |
4096
|
|
|
3297000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003297000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3297000
|
| Size: |
4096
|
|
|
D70000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1434420802.0000000000D70000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D70000
|
| Size: |
16384
|
|
|
DA9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1309912260.0000000000DA9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DA9000
|
| Size: |
49152
|
|
|
3018000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000003018000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3018000
|
| Size: |
4096
|
|
|
2ED7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002ED7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2ED7000
|
| Size: |
4096
|
|
|
50BE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2540137719.00000000050BE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
50BE000
|
| Size: |
4096
|
|
|
2FB7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002FB7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FB7000
|
| Size: |
4096
|
|
|
2DE2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002DE2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2DE2000
|
| Size: |
94208
|
|
|
3035000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000003035000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3035000
|
| Size: |
4096
|
|
|
3119000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003119000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3119000
|
| Size: |
4096
|
|
|
59F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1458726098.00000000059F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
59F0000
|
| Size: |
36864
|
|
|
2BF3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002BF3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2BF3000
|
| Size: |
12288
|
|
|
3EBD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1455898192.0000000003EBD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3EBD000
|
| Size: |
159744
|
|
|
50BA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2540137719.00000000050BA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
50BA000
|
| Size: |
4096
|
|
|
2B70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002B70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B70000
|
| Size: |
4096
|
|
|
2A04000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2533974295.0000000002A04000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2A04000
|
| Size: |
49152
|
|
|
1120000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310398002.0000000001120000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1120000
|
| Size: |
16384
|
|
|
1290000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437429526.0000000001290000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1290000
|
| Size: |
65536
|
|
|
306F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.000000000306F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
306F000
|
| Size: |
4096
|
|
|
2C7F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002C7F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C7F000
|
| Size: |
49152
|
|
|
2B9A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002B9A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B9A000
|
| Size: |
4096
|
|
|
7CC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1305728899.00000000007CC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
7CC000
|
| Size: |
16384
|
|
|
2EA7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002EA7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2EA7000
|
| Size: |
12288
|
|
|
2B2B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002B2B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B2B000
|
| Size: |
102400
|
|
|
303F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000303F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
303F000
|
| Size: |
221184
|
|
|
2E80000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002E80000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E80000
|
| Size: |
20480
|
|
|
2C7A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002C7A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C7A000
|
| Size: |
4096
|
|
|
1D4FD820000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1418958613.000001D4FD820000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1D4FD820000
|
| Size: |
4096
|
|
|
670E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1404916440.000000000670E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
670E000
|
| Size: |
8192
|
|
|
1D4FBDB3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1418760138.000001D4FBDB3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1D4FBDB3000
|
| Size: |
327680
|
|
|
5BF0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1328114676.0000000005BF0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5BF0000
|
| Size: |
65536
|
|
|
C60000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2531540943.0000000000C60000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
C60000
|
| Size: |
28672
|
|
|
107F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310288475.000000000107F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
107F000
|
| Size: |
4096
|
|
|
513E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1325822395.000000000513E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
513E000
|
| Size: |
8192
|
|
|
6514000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2541773472.0000000006514000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6514000
|
| Size: |
4096
|
|
|
3056000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000003056000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3056000
|
| Size: |
4096
|
|
|
DF5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1309912260.0000000000DF5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DF5000
|
| Size: |
4096
|
|
|
3099000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003099000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3099000
|
| Size: |
4096
|
|
|
2ED9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002ED9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2ED9000
|
| Size: |
4096
|
|
|
59A0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1326886390.00000000059A0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
59A0000
|
| Size: |
65536
|
|
|
1280000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.1437369909.0000000001280000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
1280000
|
| Size: |
65536
|
|
|
676C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1460857430.000000000676C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
676C000
|
| Size: |
8192
|
|
|
30CB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000030CB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30CB000
|
| Size: |
4096
|
|
|
337F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000337F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
337F000
|
| Size: |
4096
|
|
|
2F7C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002F7C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F7C000
|
| Size: |
4096
|
|
|
5990000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1326852089.0000000005990000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5990000
|
| Size: |
36864
|
|
|
2E4D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002E4D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E4D000
|
| Size: |
4096
|
|
|
11D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1399654904.00000000011D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11D0000
|
| Size: |
28672
|
|
|
305A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.000000000305A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
305A000
|
| Size: |
32768
|
|
|
563E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1326025235.000000000563E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
563E000
|
| Size: |
8192
|
|
|
3293000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003293000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3293000
|
| Size: |
4096
|
|
|
584E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1458557923.000000000584E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
584E000
|
| Size: |
8192
|
|
|
2D20000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437758617.0000000002D20000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D20000
|
| Size: |
65536
|
|
|
2EDB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002EDB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2EDB000
|
| Size: |
4096
|
|
|
3E25000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2537958260.0000000003E25000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E25000
|
| Size: |
8192
|
|
|
30C9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.00000000030C9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30C9000
|
| Size: |
4096
|
|
|
30D8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.00000000030D8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30D8000
|
| Size: |
4096
|
|
|
6570000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.2542318860.0000000006570000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
6570000
|
| Size: |
8192
|
|
|
3039000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000003039000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3039000
|
| Size: |
12288
|
|
|
2FFE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002FFE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FFE000
|
| Size: |
4096
|
|
|
2EC4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002EC4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2EC4000
|
| Size: |
4096
|
|
|
31F4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1402584246.00000000031F4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31F4000
|
| Size: |
49152
|
|
|
4F96000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2539503118.0000000004F96000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4F96000
|
| Size: |
4096
|
|
|
27E0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2533310942.00000000027E0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
27E0000
|
| Size: |
4096
|
|
|
2BE6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002BE6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2BE6000
|
| Size: |
4096
|
|
|
5760000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1403804324.0000000005760000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
5760000
|
| Size: |
20480
|
|
|
293C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2533638028.000000000293C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
293C000
|
| Size: |
16384
|
|
|
3E83000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2537958260.0000000003E83000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E83000
|
| Size: |
8192
|
|
|
2F91000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002F91000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F91000
|
| Size: |
4096
|
|
|
10D0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1436541905.00000000010D0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
10D0000
|
| Size: |
12288
|
|
|
2FCB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002FCB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FCB000
|
| Size: |
4096
|
|
|
2B8B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002B8B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B8B000
|
| Size: |
57344
|
|
|
3257000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003257000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3257000
|
| Size: |
4096
|
|
|
30FC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000030FC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30FC000
|
| Size: |
4096
|
|
|
3B57000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2537958260.0000000003B57000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B57000
|
| Size: |
12288
|
|
|
2F43000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002F43000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F43000
|
| Size: |
4096
|
|
|
2EDB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002EDB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2EDB000
|
| Size: |
4096
|
|
|
322D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000322D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
322D000
|
| Size: |
4096
|
|
|
5A3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1458785194.0000000005A3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5A3E000
|
| Size: |
8192
|
|
|
1230000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437321432.0000000001230000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1230000
|
| Size: |
4096
|
|
|
3073000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000003073000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3073000
|
| Size: |
4096
|
|
|
2EEC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002EEC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2EEC000
|
| Size: |
4096
|
|
|
593D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1404478880.000000000593D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
593D000
|
| Size: |
12288
|
|
|
3020000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000003020000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3020000
|
| Size: |
4096
|
|
|
66D0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2543153621.00000000066D0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
66D0000
|
| Size: |
40960
|
|
|
31D3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000031D3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31D3000
|
| Size: |
4096
|
|
|
3304000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003304000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3304000
|
| Size: |
4096
|
|
|
30B4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000030B4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30B4000
|
| Size: |
4096
|
|
|
319D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000319D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
319D000
|
| Size: |
4096
|
|
|
2EF9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002EF9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2EF9000
|
| Size: |
20480
|
|
|
5C20000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1328653886.0000000005C20000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5C20000
|
| Size: |
65536
|
|
|
2E02000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002E02000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E02000
|
| Size: |
4096
|
|
|
2D7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1401407770.0000000002D7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2D7E000
|
| Size: |
8192
|
|
|
3136000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003136000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3136000
|
| Size: |
4096
|
|
|
2E57000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002E57000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E57000
|
| Size: |
4096
|
|
|
620F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2541558021.000000000620F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
620F000
|
| Size: |
4096
|
|
|
6720000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1404944947.0000000006720000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6720000
|
| Size: |
4096
|
|
|
2F1A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002F1A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F1A000
|
| Size: |
36864
|
|
|
2F56000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002F56000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F56000
|
| Size: |
4096
|
|
|
575E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1403779676.000000000575E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
575E000
|
| Size: |
8192
|
|
|
5DFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1404787375.0000000005DFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5DFE000
|
| Size: |
8192
|
|
|
9AC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1434155905.00000000009AC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9AC000
|
| Size: |
16384
|
|
|
2680000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2532856009.0000000002680000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2680000
|
| Size: |
8192
|
|
|
2EF7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002EF7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2EF7000
|
| Size: |
4096
|
|
|
2C37000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002C37000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C37000
|
| Size: |
4096
|
|
|
29F0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1310493812.00000000029F0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
29F0000
|
| Size: |
4096
|
|
|
2C7C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002C7C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C7C000
|
| Size: |
4096
|
|
|
3349000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003349000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3349000
|
| Size: |
4096
|
|
|
2C9E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002C9E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C9E000
|
| Size: |
45056
|
|
|
308F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.000000000308F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
308F000
|
| Size: |
4096
|
|
|
2F8E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002F8E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F8E000
|
| Size: |
36864
|
|
|
324E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000324E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
324E000
|
| Size: |
4096
|
|
|
2D34000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002D34000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D34000
|
| Size: |
4096
|
|
|
2F31000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002F31000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F31000
|
| Size: |
20480
|
|
|
2E3D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002E3D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E3D000
|
| Size: |
36864
|
|
|
2BCD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002BCD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2BCD000
|
| Size: |
4096
|
|
|
3210000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1402716843.0000000003210000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
3210000
|
| Size: |
4096
|
|
|
2D7E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002D7E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D7E000
|
| Size: |
4096
|
|
|
5C50000
|
trusted library section
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1329340671.0000000005C50000.00000004.08000000.00040000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page read and write
|
| Base address: |
5C50000
|
| Size: |
483328
|
|
|
27C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2533174338.00000000027C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
27C0000
|
| Size: |
4096
|
|
|
317E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000317E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
317E000
|
| Size: |
4096
|
|
|
32FC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000032FC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32FC000
|
| Size: |
4096
|
|
|
5DD0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1460288195.0000000005DD0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5DD0000
|
| Size: |
16384
|
|
|
2F3B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002F3B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F3B000
|
| Size: |
4096
|
|
|
5BF9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1459229682.0000000005BF9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5BF9000
|
| Size: |
28672
|
|
|
2F7D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002F7D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F7D000
|
| Size: |
4096
|
|
|
30B1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.00000000030B1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30B1000
|
| Size: |
20480
|
|
|
300A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.000000000300A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
300A000
|
| Size: |
4096
|
|
|
2F7F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002F7F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F7F000
|
| Size: |
4096
|
|
|
324C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000324C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
324C000
|
| Size: |
4096
|
|
|
29CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310431231.00000000029CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
29CF000
|
| Size: |
4096
|
|
|
31B4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000031B4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31B4000
|
| Size: |
4096
|
|
|
EAE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1434505258.0000000000EAE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
EAE000
|
| Size: |
102400
|
|
|
5C10000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1328574657.0000000005C10000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5C10000
|
| Size: |
65536
|
|
|
2E5E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002E5E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E5E000
|
| Size: |
12288
|
|
|
2D7A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002D7A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D7A000
|
| Size: |
4096
|
|
|
32A4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000032A4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32A4000
|
| Size: |
12288
|
|
|
3058000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000003058000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3058000
|
| Size: |
4096
|
|
|
3022000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000003022000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3022000
|
| Size: |
4096
|
|
|
313E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000313E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
313E000
|
| Size: |
4096
|
|
|
30A6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.00000000030A6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30A6000
|
| Size: |
4096
|
|
|
660E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1404886445.000000000660E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
660E000
|
| Size: |
8192
|
|
|
3B88000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2537958260.0000000003B88000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B88000
|
| Size: |
16384
|
|
|
2E47000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002E47000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E47000
|
| Size: |
4096
|
|
|
30E9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.00000000030E9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30E9000
|
| Size: |
20480
|
|
|
31BC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000031BC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31BC000
|
| Size: |
4096
|
|
|
3313000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003313000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3313000
|
| Size: |
4096
|
|
|
2AE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1400514083.0000000002AE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2AE0000
|
| Size: |
8192
|
|
|
30DC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.00000000030DC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30DC000
|
| Size: |
4096
|
|
|
D10000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1309703152.0000000000D10000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
D10000
|
| Size: |
4096
|
|
|
D27000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1309808587.0000000000D27000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
D27000
|
| Size: |
4096
|
|
|
2CFA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002CFA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2CFA000
|
| Size: |
4096
|
|
|
2F58000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002F58000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F58000
|
| Size: |
4096
|
|
|
2B12000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1400751754.0000000002B12000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B12000
|
| Size: |
4096
|
|
|
2BBE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1401132969.0000000002BBE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2BBE000
|
| Size: |
8192
|
|
|
2D7C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002D7C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D7C000
|
| Size: |
8192
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| SQL strings found in memory and binary data |
System Summary |
|
|
|
2CBB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002CBB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2CBB000
|
| Size: |
12288
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
2F2F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002F2F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F2F000
|
| Size: |
28672
|
|
|
5040000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2539670031.0000000005040000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5040000
|
| Size: |
4096
|
|
|
6710000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.1460719832.0000000006710000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
6710000
|
| Size: |
131072
|
|
|
3D51000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1455898192.0000000003D51000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D51000
|
| Size: |
20480
|
|
|
2C99000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002C99000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C99000
|
| Size: |
4096
|
|
|
1212000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437249958.0000000001212000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1212000
|
| Size: |
4096
|
|
|
314F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000314F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
314F000
|
| Size: |
4096
|
|
|
4EE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1325523215.0000000004EE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4EE0000
|
| Size: |
65536
|
|
|
2E1B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002E1B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E1B000
|
| Size: |
4096
|
|
|
2F2E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002F2E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F2E000
|
| Size: |
8192
|
|
|
2BF9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002BF9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2BF9000
|
| Size: |
12288
|
|
|
2C99000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002C99000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C99000
|
| Size: |
77824
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
5030000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1325797209.0000000005030000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
5030000
|
| Size: |
4096
|
|
|
C8F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2531540943.0000000000C8F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
C8F000
|
| Size: |
12288
|
|
|
2EF2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002EF2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2EF2000
|
| Size: |
4096
|
|
|
2F28000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002F28000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F28000
|
| Size: |
4096
|
|
|
2E0D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002E0D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E0D000
|
| Size: |
20480
|
|
|
3317000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003317000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3317000
|
| Size: |
4096
|
|
|
2F47000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002F47000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F47000
|
| Size: |
4096
|
|
|
C9B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2531540943.0000000000C9B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
C9B000
|
| Size: |
208896
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
32DA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1402738388.00000000032DA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32DA000
|
| Size: |
102400
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
558D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1458430095.000000000558D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
558D000
|
| Size: |
12288
|
|
|
30BC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000030BC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30BC000
|
| Size: |
40960
|
|
|
2E8B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002E8B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E8B000
|
| Size: |
4096
|
|
|
337B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000337B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
337B000
|
| Size: |
4096
|
|
|
30CF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000030CF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30CF000
|
| Size: |
4096
|
|
|
3093000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000003093000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3093000
|
| Size: |
4096
|
|
|
3E7E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2537958260.0000000003E7E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E7E000
|
| Size: |
8192
|
|
|
66B0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2542994726.00000000066B0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
66B0000
|
| Size: |
45056
|
|
|
509E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2540109567.000000000509E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
509E000
|
| Size: |
8192
|
|
|
D5B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2531540943.0000000000D5B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D5B000
|
| Size: |
16384
|
|
|
2F6C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002F6C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F6C000
|
| Size: |
4096
|
|
|
10BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310307290.00000000010BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
10BE000
|
| Size: |
8192
|
|
|
2F98000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002F98000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F98000
|
| Size: |
4096
|
|
|
624E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2541586552.000000000624E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
624E000
|
| Size: |
8192
|
|
|
50CD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2540137719.00000000050CD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
50CD000
|
| Size: |
69632
|
|
|
3082000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003082000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3082000
|
| Size: |
4096
|
|
|
5D7F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1404737083.0000000005D7F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5D7F000
|
| Size: |
4096
|
|
|
2DB2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002DB2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2DB2000
|
| Size: |
4096
|
|
|
2FBD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002FBD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FBD000
|
| Size: |
4096
|
|
|
2F64000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002F64000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F64000
|
| Size: |
4096
|
|
|
2D00000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002D00000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D00000
|
| Size: |
57344
|
|
|
285E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2533557053.000000000285E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
285E000
|
| Size: |
8192
|
|
|
2F76000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002F76000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F76000
|
| Size: |
4096
|
|
|
2D45000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002D45000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D45000
|
| Size: |
4096
|
|
|
2CF4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002CF4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2CF4000
|
| Size: |
4096
|
|
|
3075000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000003075000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3075000
|
| Size: |
69632
|
|
|
6A00000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2543363880.0000000006A00000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6A00000
|
| Size: |
4096
|
|
|
2D2C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002D2C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D2C000
|
| Size: |
4096
|
|
|
2F5C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002F5C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F5C000
|
| Size: |
20480
|
|
|
B3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2531248338.0000000000B3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B3E000
|
| Size: |
8192
|
|
|
3100000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003100000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3100000
|
| Size: |
4096
|
|
|
2B24000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1400813144.0000000002B24000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B24000
|
| Size: |
4096
|
|
|
2D9B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002D9B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D9B000
|
| Size: |
4096
|
|
|
6530000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2541983151.0000000006530000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6530000
|
| Size: |
65536
|
|
|
2B60000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1400966247.0000000002B60000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
2B60000
|
| Size: |
61440
|
|
|
2AF4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1400602028.0000000002AF4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
2FB3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002FB3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FB3000
|
| Size: |
4096
|
|
|
3263000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003263000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3263000
|
| Size: |
4096
|
|
|
307C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000307C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
307C000
|
| Size: |
4096
|
|
|
31D5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000031D5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31D5000
|
| Size: |
4096
|
|
|
5790000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1403841106.0000000005790000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5790000
|
| Size: |
167936
|
|
|
2BDE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002BDE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2BDE000
|
| Size: |
4096
|
|
|
3037000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000003037000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3037000
|
| Size: |
4096
|
|
|
2F9A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002F9A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F9A000
|
| Size: |
4096
|
|
|
59E6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1458606649.00000000059E6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
59E6000
|
| Size: |
40960
|
|
|
6C8A71A000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1418507654.0000006C8A71A000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6C8A71A000
|
| Size: |
24576
|
|
|
2B64000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002B64000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B64000
|
| Size: |
4096
|
|
|
2F78000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002F78000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F78000
|
| Size: |
4096
|
|
|
2FFB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002FFB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FFB000
|
| Size: |
4096
|
|
|
2DD2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002DD2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2DD2000
|
| Size: |
229376
|
|
|
C10000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1305824305.0000000000C10000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
C10000
|
| Size: |
8192
|
|
|
31AC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000031AC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31AC000
|
| Size: |
12288
|
|
|
2BFD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002BFD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2BFD000
|
| Size: |
4096
|
|
|
5CC4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1459449362.0000000005CC4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5CC4000
|
| Size: |
4096
|
|
|
2E8E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002E8E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E8E000
|
| Size: |
4096
|
|
|
2CC5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002CC5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2CC5000
|
| Size: |
12288
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
4221000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1403273749.0000000004221000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4221000
|
| Size: |
8192
|
|
|
2E59000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002E59000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E59000
|
| Size: |
4096
|
|
|
3128000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003128000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3128000
|
| Size: |
12288
|
|
|
2D91000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002D91000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D91000
|
| Size: |
4096
|
|
|
5C00000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1328439150.0000000005C00000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5C00000
|
| Size: |
65536
|
|
|
2CB2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002CB2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2CB2000
|
| Size: |
4096
|
|
|
81E0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405042721.00000000081E0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
81E0000
|
| Size: |
4096
|
|
|
327A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000327A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
327A000
|
| Size: |
4096
|
|
|
27E2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2533336433.00000000027E2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
27E2000
|
| Size: |
4096
|
|
|
3F8A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1455898192.0000000003F8A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3F8A000
|
| Size: |
4096
|
|
|
2E56000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002E56000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E56000
|
| Size: |
45056
|
|
|
66C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2543062356.00000000066C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
66C0000
|
| Size: |
8192
|
|
|
2F6A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002F6A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F6A000
|
| Size: |
4096
|
|
|
31F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1402584246.00000000031F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31F0000
|
| Size: |
4096
|
|
|
2D8C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002D8C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D8C000
|
| Size: |
12288
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| SQL strings found in memory and binary data |
System Summary |
|
|
|
2F66000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002F66000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F66000
|
| Size: |
4096
|
|
|
2F07000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002F07000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F07000
|
| Size: |
4096
|
|
|
5D00000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.1459857467.0000000005D00000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5D00000
|
| Size: |
65536
|
|
|
31CE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1402259795.00000000031CE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31CE000
|
| Size: |
4096
|
|
|
3351000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003351000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3351000
|
| Size: |
98304
|
|
|
2C5F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002C5F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C5F000
|
| Size: |
4096
|
|
|
3276000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003276000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3276000
|
| Size: |
4096
|
|
|
5A20000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1327284749.0000000005A20000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5A20000
|
| Size: |
12288
|
|
|
C85000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1305863519.0000000000C85000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
C85000
|
| Size: |
12288
|
|
|
332E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000332E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
332E000
|
| Size: |
4096
|
|
|
318A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000318A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
318A000
|
| Size: |
4096
|
|
|
2FE7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002FE7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FE7000
|
| Size: |
4096
|
|
|
2F39000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002F39000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F39000
|
| Size: |
4096
|
|
|
2B6A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002B6A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B6A000
|
| Size: |
4096
|
|
|
333B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000333B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
333B000
|
| Size: |
12288
|
|
|
32B0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000032B0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32B0000
|
| Size: |
4096
|
|
|
31D7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000031D7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31D7000
|
| Size: |
4096
|
|
|
6750000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1460857430.0000000006750000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6750000
|
| Size: |
61440
|
|
|
2F26000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002F26000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F26000
|
| Size: |
4096
|
|
|
2EA1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002EA1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2EA1000
|
| Size: |
4096
|
|
|
DB6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1309912260.0000000000DB6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DB6000
|
| Size: |
49152
|
|
|
2CB6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002CB6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2CB6000
|
| Size: |
12288
|
|
|
2CAA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002CAA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2CAA000
|
| Size: |
4096
|
|
|
2C68000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002C68000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C68000
|
| Size: |
53248
|
|
|
677E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1460857430.000000000677E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
677E000
|
| Size: |
188416
|
|
|
300C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.000000000300C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
300C000
|
| Size: |
4096
|
|
|
2B6D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002B6D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B6D000
|
| Size: |
28672
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3125000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003125000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3125000
|
| Size: |
8192
|
|
|
50A6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2540137719.00000000050A6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
50A6000
|
| Size: |
8192
|
|
|
2B8C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437552978.0000000002B8C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2B8C000
|
| Size: |
16384
|
|
|
3076000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003076000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3076000
|
| Size: |
12288
|
|
|
27D0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2533226791.00000000027D0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
27D0000
|
| Size: |
8192
|
|
|
3040000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1401906052.0000000003040000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3040000
|
| Size: |
65536
|
|
|
2DB4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002DB4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2DB4000
|
| Size: |
4096
|
|
|
2F9C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002F9C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F9C000
|
| Size: |
4096
|
|
|
65CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1404863324.00000000065CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
65CF000
|
| Size: |
4096
|
|
|
10E8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1436850849.00000000010E8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
10E8000
|
| Size: |
20480
|
|
|
63CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2541679530.00000000063CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
63CE000
|
| Size: |
8192
|
|
|
2F2A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002F2A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F2A000
|
| Size: |
4096
|
|
|
2F68000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002F68000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F68000
|
| Size: |
4096
|
|
|
3095000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003095000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3095000
|
| Size: |
4096
|
|
|
3071000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000003071000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3071000
|
| Size: |
4096
|
|
|
30A8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.00000000030A8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30A8000
|
| Size: |
4096
|
|
|
32C7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000032C7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32C7000
|
| Size: |
4096
|
|
|
2C1A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002C1A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C1A000
|
| Size: |
4096
|
|
|
EE2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1434505258.0000000000EE2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
EE2000
|
| Size: |
167936
|
|
|
2F2A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002F2A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F2A000
|
| Size: |
4096
|
|
|
3024000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003024000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
53248
|
|
|
5BA6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1459071141.0000000005BA6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5BA6000
|
| Size: |
24576
|
|
|
5C40000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1329152737.0000000005C40000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5C40000
|
| Size: |
65536
|
|
|
30E2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.00000000030E2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30E2000
|
| Size: |
4096
|
|
|
FA0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1399489255.0000000000FA0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
FA0000
|
| Size: |
4096
|
|
|
2EF4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002EF4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2EF4000
|
| Size: |
4096
|
|
|
3050000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1401976680.0000000003050000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3050000
|
| Size: |
16384
|
|
|
303D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.000000000303D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
303D000
|
| Size: |
4096
|
|
|
578E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2541222649.000000000578E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
578E000
|
| Size: |
8192
|
|
|
5CD0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1329628618.0000000005CD0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5CD0000
|
| Size: |
65536
|
|
|
C50000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2531496032.0000000000C50000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
C50000
|
| Size: |
8192
|
|
|
3332000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003332000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3332000
|
| Size: |
4096
|
|
|
5C04000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1459346411.0000000005C04000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5C04000
|
| Size: |
49152
|
|
|
328F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000328F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
328F000
|
| Size: |
4096
|
|
|
64A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1330570526.00000000064A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
64A0000
|
| Size: |
221184
|
|
|
2C33000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002C33000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C33000
|
| Size: |
4096
|
|
|
50E0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.2540592634.00000000050E0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
50E0000
|
| Size: |
20480
|
|
|
EAA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1434505258.0000000000EAA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
EAA000
|
| Size: |
8192
|
|
|
10E0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1436850849.00000000010E0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
10E0000
|
| Size: |
28672
|
|
|
2B6C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002B6C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B6C000
|
| Size: |
12288
|
|
|
2D1E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002D1E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D1E000
|
| Size: |
12288
|
|
|
AFC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1305768626.0000000000AFC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
AFC000
|
| Size: |
16384
|
|
|
3E41000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2537958260.0000000003E41000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E41000
|
| Size: |
4096
|
|
|
10F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437049136.00000000010F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10F0000
|
| Size: |
16384
|
|
|
2B32000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1400879924.0000000002B32000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B32000
|
| Size: |
4096
|
|
|
2ECF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002ECF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2ECF000
|
| Size: |
4096
|
|
|
2B73000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002B73000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B73000
|
| Size: |
12288
|
|
|
2BC5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002BC5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2BC5000
|
| Size: |
4096
|
|
|
5CF0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.1459778190.0000000005CF0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5CF0000
|
| Size: |
65536
|
|
|
32AC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000032AC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32AC000
|
| Size: |
4096
|
|
|
5A24000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1327284749.0000000005A24000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5A24000
|
| Size: |
49152
|
|
|
2FBD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002FBD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FBD000
|
| Size: |
4096
|
|
|
2F09000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002F09000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F09000
|
| Size: |
4096
|
|
|
3C40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1323855666.0000000003C40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C40000
|
| Size: |
1302528
|
|
|
3002000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003002000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3002000
|
| Size: |
4096
|
|
|
2C9B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002C9B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C9B000
|
| Size: |
4096
|
|
|
2BC8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437622877.0000000002BC8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2BC8000
|
| Size: |
8192
|
|
|
2FC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1401832404.0000000002FC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2FC0000
|
| Size: |
4096
|
|
|
A20000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2531190957.0000000000A20000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A20000
|
| Size: |
4096
|
|
|
2650000
|
trusted library section
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2532765875.0000000002650000.00000004.08000000.00040000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page read and write
|
| Base address: |
2650000
|
| Size: |
4096
|
|
|
3283000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003283000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3283000
|
| Size: |
12288
|
|
|
3BD9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2537958260.0000000003BD9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BD9000
|
| Size: |
155648
|
|
|
5B00000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1327410038.0000000005B00000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5B00000
|
| Size: |
466944
|
|
|
CCF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2531540943.0000000000CCF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
CCF000
|
| Size: |
225280
|
|
|
5910000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1326554893.0000000005910000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5910000
|
| Size: |
65536
|
|
|
3F90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1455898192.0000000003F90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3F90000
|
| Size: |
1191936
|
|
|
1D4FBD58000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1418760138.000001D4FBD58000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1D4FBD58000
|
| Size: |
180224
|
|
|
3021000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003021000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3021000
|
| Size: |
4096
|
|
|
2B4F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002B4F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B4F000
|
| Size: |
4096
|
|
|
50A0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2540137719.00000000050A0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
50A0000
|
| Size: |
20480
|
|
|
5980000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1326785502.0000000005980000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5980000
|
| Size: |
20480
|
|
|
3330000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003330000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3330000
|
| Size: |
4096
|
|
|
3DA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1455898192.0000000003DA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3DA0000
|
| Size: |
4096
|
|
|
618E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2541472542.000000000618E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
618E000
|
| Size: |
8192
|
|
|
30CD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000030CD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30CD000
|
| Size: |
4096
|
|
|
2CF8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002CF8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2CF8000
|
| Size: |
4096
|
|
|
30CB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.00000000030CB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30CB000
|
| Size: |
49152
|
|
|
2DD6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002DD6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2DD6000
|
| Size: |
45056
|
|
|
2C78000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002C78000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C78000
|
| Size: |
4096
|
|
|
ED5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1434505258.0000000000ED5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
ED5000
|
| Size: |
49152
|
|
|
6694000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2542816317.0000000006694000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6694000
|
| Size: |
36864
|
|
|
5CC0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1459449362.0000000005CC0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5CC0000
|
| Size: |
12288
|
|
|
574E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1458524948.000000000574E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
574E000
|
| Size: |
8192
|
|
|
2BB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437602376.0000000002BB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2BB0000
|
| Size: |
4096
|
|
|
309D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000309D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
309D000
|
| Size: |
12288
|
|
|
31E2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1402259795.00000000031E2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31E2000
|
| Size: |
8192
|
|
|
4F3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1325606577.0000000004F3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4F3E000
|
| Size: |
8192
|
|
|
3006000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003006000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3006000
|
| Size: |
4096
|
|
|
334B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000334B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
334B000
|
| Size: |
4096
|
|
|
CCE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1306367237.0000000000CCE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
CCE000
|
| Size: |
8192
|
|
|
2BDC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002BDC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2BDC000
|
| Size: |
4096
|
|
|
315C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1402008528.000000000315C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
315C000
|
| Size: |
16384
|
|
|
3080000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003080000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3080000
|
| Size: |
4096
|
|
|
2EC8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002EC8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2EC8000
|
| Size: |
32768
|
|
|
26A0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2532929660.00000000026A0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
26A0000
|
| Size: |
12288
|
|
|
32C3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000032C3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32C3000
|
| Size: |
4096
|
|
|
3F69000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1455898192.0000000003F69000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3F69000
|
| Size: |
8192
|
|
|
734000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1285698831.0000000000734000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
734000
|
| Size: |
4096
|
|
|
322B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000322B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
322B000
|
| Size: |
4096
|
|
|
2F14000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002F14000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F14000
|
| Size: |
20480
|
|
|
320E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000320E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
320E000
|
| Size: |
4096
|
|
|
331F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000331F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
331F000
|
| Size: |
24576
|
|
|
3BB0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1323855666.0000000003BB0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BB0000
|
| Size: |
540672
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
| URLs found in memory or binary data |
Networking |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
610000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1285453554.0000000000610000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
610000
|
| Size: |
4096
|
|
|
2E7A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002E7A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E7A000
|
| Size: |
4096
|
|
|
5940000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1404551108.0000000005940000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5940000
|
| Size: |
28672
|
|
|
26B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2533056609.00000000026B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
26B0000
|
| Size: |
12288
|
|
|
2F8F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002F8F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F8F000
|
| Size: |
4096
|
|
|
1D4FBD85000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1418760138.000001D4FBD85000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1D4FBD85000
|
| Size: |
176128
|
|
|
2CAE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002CAE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2CAE000
|
| Size: |
4096
|
|
|
32B4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000032B4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32B4000
|
| Size: |
4096
|
|
|
5788000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1403841106.0000000005788000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5788000
|
| Size: |
12288
|
|
|
2CAC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002CAC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2CAC000
|
| Size: |
4096
|
|
|
6550000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.2542145877.0000000006550000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
6550000
|
| Size: |
65536
|
|
|
2B93000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002B93000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B93000
|
| Size: |
4096
|
|
|
2D78000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002D78000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D78000
|
| Size: |
4096
|
|
|
2F24000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002F24000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F24000
|
| Size: |
4096
|
|
|
5BF0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1459229682.0000000005BF0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5BF0000
|
| Size: |
4096
|
|
|
2F37000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002F37000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F37000
|
| Size: |
12288
|
|
|
40F5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1455898192.00000000040F5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
40F5000
|
| Size: |
4096
|
|
|
2E55000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002E55000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E55000
|
| Size: |
4096
|
|
|
2E92000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002E92000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E92000
|
| Size: |
57344
|
|
|
2F0F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002F0F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F0F000
|
| Size: |
4096
|
|
|
6C8B2FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1418654783.0000006C8B2FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6C8B2FF000
|
| Size: |
4096
|
|
|
2A00000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2533974295.0000000002A00000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2A00000
|
| Size: |
4096
|
|
|
27F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2533415145.00000000027F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
27F0000
|
| Size: |
4096
|
|
|
640E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2541711329.000000000640E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
640E000
|
| Size: |
8192
|
|
|
2950000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.2533761275.0000000002950000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
2950000
|
| Size: |
4096
|
|
|
2E19000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002E19000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E19000
|
| Size: |
4096
|
|
|
CFB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1434195476.0000000000CFB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
CFB000
|
| Size: |
20480
|
|
|
3014000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000003014000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3014000
|
| Size: |
12288
|
|
|
E20000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1309912260.0000000000E20000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E20000
|
| Size: |
389120
|
|
|
27EA000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.2533388462.00000000027EA000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
27EA000
|
| Size: |
8192
|
|
|
120A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.1437200418.000000000120A000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
120A000
|
| Size: |
4096
|
|
|
334D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000334D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
334D000
|
| Size: |
4096
|
|
|
422000
|
remote allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.2530909773.0000000000422000.00000040.00000400.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
remote allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
422000
|
| Size: |
8192
|
|
|
652D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2541880739.000000000652D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
652D000
|
| Size: |
12288
|
|
|
2E72000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002E72000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E72000
|
| Size: |
4096
|
|
|
303E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1401882481.000000000303E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
303E000
|
| Size: |
8192
|
|
|
30C3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.00000000030C3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30C3000
|
| Size: |
4096
|
|
|
2EF0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002EF0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2EF0000
|
| Size: |
4096
|
|
|
2758000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2533087257.0000000002758000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2758000
|
| Size: |
4096
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
311D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000311D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
311D000
|
| Size: |
4096
|
|
|
30BA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000030BA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30BA000
|
| Size: |
4096
|
|
|
2D15000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002D15000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D15000
|
| Size: |
4096
|
|
|
3054000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000003054000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3054000
|
| Size: |
4096
|
|
|
5DC0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.1460222397.0000000005DC0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5DC0000
|
| Size: |
49152
|
|
|
2B81000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002B81000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B81000
|
| Size: |
4096
|
|
|
3BB5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2537958260.0000000003BB5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BB5000
|
| Size: |
20480
|
|
|
31B8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000031B8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31B8000
|
| Size: |
4096
|
|
|
4F6E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2539503118.0000000004F6E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4F6E000
|
| Size: |
4096
|
|
|
2CFE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002CFE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2CFE000
|
| Size: |
4096
|
|
|
2B97000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002B97000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B97000
|
| Size: |
28672
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
2F41000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002F41000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F41000
|
| Size: |
4096
|
|
|
533E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1325886743.000000000533E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
533E000
|
| Size: |
8192
|
|
|
2DFC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002DFC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2DFC000
|
| Size: |
4096
|
|
|
1D4FBD00000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1418719746.000001D4FBD00000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1D4FBD00000
|
| Size: |
8192
|
|
|
DEF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1309912260.0000000000DEF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DEF000
|
| Size: |
4096
|
|
|
2D30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437818198.0000000002D30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D30000
|
| Size: |
65536
|
|
|
323E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000323E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
323E000
|
| Size: |
4096
|
|
|
2E78000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002E78000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E78000
|
| Size: |
4096
|
|
|
30A1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000030A1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30A1000
|
| Size: |
4096
|
|
|
2FA2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002FA2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FA2000
|
| Size: |
4096
|
|
|
2B87000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002B87000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B87000
|
| Size: |
4096
|
|
|
D6E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1434393543.0000000000D6E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
D6E000
|
| Size: |
8192
|
|
|
D08000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2531540943.0000000000D08000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D08000
|
| Size: |
335872
|
|
|
30C1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.00000000030C1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30C1000
|
| Size: |
4096
|
|
|
3DF0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1455898192.0000000003DF0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3DF0000
|
| Size: |
4096
|
|
|
5774000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1403841106.0000000005774000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5774000
|
| Size: |
4096
|
|
|
678E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1404986711.000000000678E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
678E000
|
| Size: |
8192
|
|
|
2C28000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002C28000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C28000
|
| Size: |
4096
|
|
|
2C95000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002C95000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C95000
|
| Size: |
4096
|
|
|
2DCF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002DCF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2DCF000
|
| Size: |
4096
|
|
|
31BC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1402259795.00000000031BC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31BC000
|
| Size: |
4096
|
|
|
2FA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002FA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FA0000
|
| Size: |
4096
|
|
|
2C70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437646906.0000000002C70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C70000
|
| Size: |
65536
|
|
|
3063000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000003063000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3063000
|
| Size: |
4096
|
|
|
27F5000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.2533463232.00000000027F5000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
27F5000
|
| Size: |
4096
|
|
|
30E4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.00000000030E4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30E4000
|
| Size: |
4096
|
|
|
6540000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.2542061136.0000000006540000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
6540000
|
| Size: |
65536
|
|
|
5DB0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1460096465.0000000005DB0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5DB0000
|
| Size: |
4096
|
|
|
2B9E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002B9E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B9E000
|
| Size: |
4096
|
|
|
314D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000314D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
314D000
|
| Size: |
4096
|
|
|
10D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310346233.00000000010D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10D0000
|
| Size: |
4096
|
|
|
2EA6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002EA6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2EA6000
|
| Size: |
4096
|
|
|
2F0B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002F0B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F0B000
|
| Size: |
4096
|
|
|
2E97000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002E97000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E97000
|
| Size: |
49152
|
|
|
6666000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2542782238.0000000006666000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6666000
|
| Size: |
4096
|
|
|
2FEB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002FEB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FEB000
|
| Size: |
4096
|
|
|
2E27000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002E27000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E27000
|
| Size: |
12288
|
|
|
31E5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1402259795.00000000031E5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31E5000
|
| Size: |
36864
|
|
|
2C8B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002C8B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C8B000
|
| Size: |
20480
|
|
|
2C8C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002C8C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C8C000
|
| Size: |
4096
|
|
|
30DE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.00000000030DE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30DE000
|
| Size: |
4096
|
|
|
3036000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003036000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3036000
|
| Size: |
4096
|
|
|
2F5E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002F5E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F5E000
|
| Size: |
4096
|
|
|
2ED5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002ED5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2ED5000
|
| Size: |
4096
|
|
|
2E4F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002E4F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E4F000
|
| Size: |
4096
|
|
|
2DBF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002DBF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2DBF000
|
| Size: |
8192
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| SQL strings found in memory and binary data |
System Summary |
|
|
|
32D0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000032D0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32D0000
|
| Size: |
45056
|
|
|
2DCB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002DCB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2DCB000
|
| Size: |
4096
|
|
|
2E1D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002E1D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E1D000
|
| Size: |
4096
|
|
|
3326000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000003326000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3326000
|
| Size: |
4096
|
|
|
30A8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.00000000030A8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30A8000
|
| Size: |
28672
|
|
|
2F3B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.0000000002F3B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F3B000
|
| Size: |
131072
|
|
|
301F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1437905285.000000000301F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
301F000
|
| Size: |
4096
|
|
|
2DAE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1310523229.0000000002DAE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2DAE000
|
| Size: |
4096
|
|
|
2CBF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.2534111938.0000000002CBF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2CBF000
|
| Size: |
4096
|
|
