|
3BD8000
|
trusted library allocation
|
page read and write
|
 |
|
|
| Name: |
00000000.00000002.1191013370.0000000003BD8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BD8000
|
| Size: |
98304
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Njrat |
AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality |
|
| May infect USB drives |
Spreading |
Replication Through Removable Media
|
| Yara signature match |
System Summary |
|
|
|
4D2000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1166139859.00000000004D2000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
4D2000
|
| Size: |
94208
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Njrat |
AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality |
|
| May infect USB drives |
Spreading |
Replication Through Removable Media
|
| Yara signature match |
System Summary |
|
|
|
33D1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3635663932.00000000033D1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
33D1000
|
| Size: |
401408
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Njrat |
AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality |
|
| May try to detect the Windows Explorer process (often used for injection) |
HIPS / PFW / Operating System Protection Evasion |
|
|
|
D57000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1215719269.0000000000D57000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D57000
|
| Size: |
24576
|
|
|
D58000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1214482671.0000000000D58000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D58000
|
| Size: |
294912
|
|
|
D4E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1217343204.0000000000D4E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D4E000
|
| Size: |
36864
|
|
|
485D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3635729482.000000000485D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
485D000
|
| Size: |
147456
|
|
|
3036000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1217817996.0000000003036000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3036000
|
| Size: |
36864
|
|
|
4DD8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1260675737.0000000004DD8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DD8000
|
| Size: |
20480
|
|
|
4E00000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1297890217.0000000004E00000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4E00000
|
| Size: |
20480
|
|
|
15A2000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3634973747.00000000015A2000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
15A2000
|
| Size: |
4096
|
|
|
4DD9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1282345468.0000000004DD9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DD9000
|
| Size: |
16384
|
|
|
D8F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1215328781.0000000000D8F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D8F000
|
| Size: |
24576
|
|
|
817000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1257395970.0000000000817000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
817000
|
| Size: |
8192
|
|
|
D46000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1217123548.0000000000D46000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D46000
|
| Size: |
69632
|
|
|
8DD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1276964115.00000000008DD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8DD000
|
| Size: |
204800
|
|
|
4A78000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3635729482.0000000004A78000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4A78000
|
| Size: |
147456
|
|
|
94DC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3642453743.00000000094DC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
94DC000
|
| Size: |
16384
|
|
|
740000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1293085226.0000000000740000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
740000
|
| Size: |
81920
|
|
|
D96000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1217070626.0000000000D96000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D96000
|
| Size: |
12288
|
|
|
DFA000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1190624359.0000000000DFA000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
DFA000
|
| Size: |
4096
|
|
|
86A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1277377278.000000000086A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
86A000
|
| Size: |
81920
|
|
|
A08E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3643585868.000000000A08E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A08E000
|
| Size: |
8192
|
|
|
468A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3635729482.000000000468A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
468A000
|
| Size: |
147456
|
|
|
526E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191349794.000000000526E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
526E000
|
| Size: |
8192
|
|
|
3AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1292475145.00000000003AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3AE000
|
| Size: |
8192
|
|
|
720000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1292770790.0000000000720000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
720000
|
| Size: |
32768
|
|
|
7AE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1253396835.00000000007AE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7AE000
|
| Size: |
4096
|
|
|
88A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1274594370.000000000088A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
88A000
|
| Size: |
212992
|
|
|
A44E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3643955906.000000000A44E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A44E000
|
| Size: |
8192
|
|
|
5EDE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3638922957.0000000005EDE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5EDE000
|
| Size: |
8192
|
|
|
4330000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1294347562.0000000004330000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4330000
|
| Size: |
4096
|
|
|
822000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1295945724.0000000000822000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
822000
|
| Size: |
53248
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
43F8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3635729482.00000000043F8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
43F8000
|
| Size: |
147456
|
|
|
8BEE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3641546415.0000000008BEE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8BEE000
|
| Size: |
8192
|
|
|
17BC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3635539274.00000000017BC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
17BC000
|
| Size: |
16384
|
|
|
73E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1297148859.000000000073E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
73E000
|
| Size: |
8192
|
|
|
D9E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1217717379.0000000000D9E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D9E000
|
| Size: |
4096
|
|
|
C80000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1297670753.0000000000C80000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
C80000
|
| Size: |
16384
|
|
|
4A02000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3635729482.0000000004A02000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4A02000
|
| Size: |
147456
|
|
|
810000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1297327946.0000000000810000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
810000
|
| Size: |
32768
|
|
|
173E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3635399277.000000000173E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
173E000
|
| Size: |
8192
|
|
|
7FCE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3640336228.0000000007FCE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
7FCE000
|
| Size: |
8192
|
|
|
8BB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1266906524.00000000008BB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8BB000
|
| Size: |
12288
|
|
|
D10000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1217551151.0000000000D10000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D10000
|
| Size: |
32768
|
|
|
76B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1290707127.000000000076B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
76B000
|
| Size: |
8192
|
|
|
5317000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1216308567.0000000005317000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5317000
|
| Size: |
20480
|
|
|
58FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191687480.00000000058FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
58FE000
|
| Size: |
8192
|
|
|
AF3000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1217403858.0000000000AF3000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
AF3000
|
| Size: |
20480
|
|
|
448F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1294364759.000000000448F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
448F000
|
| Size: |
4096
|
|
|
288E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1190921945.000000000288E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
288E000
|
| Size: |
8192
|
|
|
4CCD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191092423.0000000004CCD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4CCD000
|
| Size: |
12288
|
|
|
87B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1260590349.000000000087B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
87B000
|
| Size: |
40960
|
|
|
4DA0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191155923.0000000004DA0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA0000
|
| Size: |
4096
|
|
|
795000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1293712686.0000000000795000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
795000
|
| Size: |
8192
|
|
|
C86E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3646400254.000000000C86E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C86E000
|
| Size: |
8192
|
|
|
4DC4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1256587200.0000000004DC4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DC4000
|
| Size: |
16384
|
|
|
8BB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1254052709.00000000008BB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8BB000
|
| Size: |
12288
|
|
|
76B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1293332277.000000000076B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
76B000
|
| Size: |
8192
|
|
|
CF01000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3646738532.000000000CF01000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
CF01000
|
| Size: |
135168
|
|
|
128E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3633977892.000000000128E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
128E000
|
| Size: |
503808
|
|
|
8470000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3640942246.0000000008470000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
8470000
|
| Size: |
12288
|
|
|
C20000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1217479330.0000000000C20000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
C20000
|
| Size: |
4096
|
|
|
868000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1253634965.0000000000868000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
868000
|
| Size: |
139264
|
|
|
78D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1253838938.000000000078D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
78D000
|
| Size: |
94208
|
|
|
7E62000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3639611639.0000000007E62000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7E62000
|
| Size: |
278528
|
|
|
79C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1285791663.000000000079C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79C000
|
| Size: |
73728
|
|
|
D90000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1214588029.0000000000D90000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D90000
|
| Size: |
20480
|
|
|
E01000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1216349233.0000000000E01000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E01000
|
| Size: |
57344
|
|
|
C3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1190336263.0000000000C3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C3E000
|
| Size: |
8192
|
|
|
4DC4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1282345468.0000000004DC4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DC4000
|
| Size: |
65536
|
|
|
D9E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1214706095.0000000000D9E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D9E000
|
| Size: |
8192
|
|
|
8AB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1254147703.00000000008AB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8AB000
|
| Size: |
12288
|
|
|
D5D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1215637103.0000000000D5D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D5D000
|
| Size: |
126976
|
|
|
78D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1279943535.000000000078D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
78D000
|
| Size: |
12288
|
|
|
838E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3640712031.000000000838E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
838E000
|
| Size: |
8192
|
|
|
7A2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1258457934.00000000007A2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7A2000
|
| Size: |
4096
|
|
|
1190000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3633661429.0000000001190000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1190000
|
| Size: |
8192
|
|
|
AD8E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3644861662.000000000AD8E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
AD8E000
|
| Size: |
8192
|
|
|
4380000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1288716622.0000000004380000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4380000
|
| Size: |
4096
|
|
|
D8F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1215706622.0000000000D8F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D8F000
|
| Size: |
20480
|
|
|
E04000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1216433100.0000000000E04000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E04000
|
| Size: |
45056
|
|
|
159A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3634949479.000000000159A000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
159A000
|
| Size: |
8192
|
|
|
7CF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1253581143.00000000007CF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7CF000
|
| Size: |
8192
|
|
|
D9B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1214935156.0000000000D9B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D9B000
|
| Size: |
90112
|
|
|
BEEE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3645584905.000000000BEEE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
BEEE000
|
| Size: |
8192
|
|
|
830000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1297385464.0000000000830000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
830000
|
| Size: |
90112
|
|
|
8D2D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3641638176.0000000008D2D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8D2D000
|
| Size: |
12288
|
|
|
CF75000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3646738532.000000000CF75000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
CF75000
|
| Size: |
311296
|
|
|
7CF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1253514763.00000000007CF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7CF000
|
| Size: |
8192
|
|
|
80F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1260742450.000000000080F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
80F000
|
| Size: |
65536
|
|
|
49CC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3635729482.00000000049CC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
49CC000
|
| Size: |
147456
|
|
|
5317000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1215532891.0000000005317000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5317000
|
| Size: |
8192
|
|
|
D97000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1217704618.0000000000D97000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D97000
|
| Size: |
8192
|
|
|
79D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1293937309.000000000079D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79D000
|
| Size: |
20480
|
|
|
E0A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1190655297.0000000000E0A000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
E0A000
|
| Size: |
4096
|
|
|
5311000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1217982792.0000000005311000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5311000
|
| Size: |
4096
|
|
|
A68E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3644239897.000000000A68E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A68E000
|
| Size: |
8192
|
|
|
4783000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3635729482.0000000004783000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4783000
|
| Size: |
147456
|
|
|
76D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1284165983.000000000076D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
76D000
|
| Size: |
729088
|
|
|
5328000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1217010294.0000000005328000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5328000
|
| Size: |
12288
|
|
|
2C03000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1190939529.0000000002C03000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C03000
|
| Size: |
24576
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the Windows Explorer process (often used for injection) |
HIPS / PFW / Operating System Protection Evasion |
|
|
|
5326000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1216143957.0000000005326000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5326000
|
| Size: |
20480
|
|
|
814E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3640466711.000000000814E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
814E000
|
| Size: |
8192
|
|
|
7AF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1294108223.00000000007AF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7AF000
|
| Size: |
397312
|
|
|
740000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1289203547.0000000000740000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
740000
|
| Size: |
163840
|
|
|
D8D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1216675053.0000000000D8D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D8D000
|
| Size: |
24576
|
|
|
896E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3641360157.000000000896E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
896E000
|
| Size: |
8192
|
|
|
8AB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1253881773.00000000008AB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8AB000
|
| Size: |
12288
|
|
|
8FAD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3641790511.0000000008FAD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8FAD000
|
| Size: |
12288
|
|
|
5450000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3637699537.0000000005450000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5450000
|
| Size: |
65536
|
|
|
85A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1297444799.000000000085A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
85A000
|
| Size: |
20480
|
|
|
78D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1257717955.000000000078D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
78D000
|
| Size: |
12288
|
|
|
890000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1253610787.0000000000890000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
890000
|
| Size: |
12288
|
|
|
D6A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1214807095.0000000000D6A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D6A000
|
| Size: |
290816
|
|
|
A6CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3644294036.000000000A6CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A6CE000
|
| Size: |
8192
|
|
|
9C0D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3643241874.0000000009C0D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9C0D000
|
| Size: |
12288
|
|
|
D7C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1215343750.0000000000D7C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D7C000
|
| Size: |
28672
|
|
|
4DA0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1294521964.0000000004DA0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA0000
|
| Size: |
147456
|
|
|
72A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1292770790.000000000072A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
72A000
|
| Size: |
32768
|
|
|
8A6E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3641412434.0000000008A6E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8A6E000
|
| Size: |
8192
|
|
|
757000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1293275062.0000000000757000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
757000
|
| Size: |
28672
|
|
|
131A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3633977892.000000000131A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
131A000
|
| Size: |
4096
|
|
|
900000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1277137828.0000000000900000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
900000
|
| Size: |
32768
|
|
|
797000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1260742450.0000000000797000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
797000
|
| Size: |
364544
|
|
|
8F6D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3641761942.0000000008F6D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8F6D000
|
| Size: |
12288
|
|
|
C4ED000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3646041001.000000000C4ED000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C4ED000
|
| Size: |
12288
|
|
|
4DCC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1256587200.0000000004DCC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DCC000
|
| Size: |
4096
|
|
|
790000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1273534561.0000000000790000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
790000
|
| Size: |
28672
|
|
|
88C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1253702652.000000000088C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
88C000
|
| Size: |
16384
|
|
|
C4AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3646007492.000000000C4AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C4AE000
|
| Size: |
8192
|
|
|
AEE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1217403858.0000000000AEE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
AEE000
|
| Size: |
8192
|
|
|
75A0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3639490440.00000000075A0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
75A0000
|
| Size: |
16384
|
|
|
BC6E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3645415458.000000000BC6E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
BC6E000
|
| Size: |
8192
|
|
|
4DCD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1260675737.0000000004DCD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DCD000
|
| Size: |
24576
|
|
|
D6A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1217656308.0000000000D6A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D6A000
|
| Size: |
73728
|
|
|
C10000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1217467355.0000000000C10000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
C10000
|
| Size: |
8192
|
|
|
15B6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3635017170.00000000015B6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
15B6000
|
| Size: |
8192
|
|
|
CC2E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3646674423.000000000CC2E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
CC2E000
|
| Size: |
8192
|
|
|
D63000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1215719269.0000000000D63000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D63000
|
| Size: |
102400
|
|
|
A40E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3643923303.000000000A40E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A40E000
|
| Size: |
8192
|
|
|
A910000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3644562636.000000000A910000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A910000
|
| Size: |
274432
|
|
|
D1A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1217551151.0000000000D1A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D1A000
|
| Size: |
32768
|
|
|
512E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191317317.000000000512E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
512E000
|
| Size: |
8192
|
|
|
866000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1254052709.0000000000866000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
866000
|
| Size: |
147456
|
|
|
E40000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1190700658.0000000000E40000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
E40000
|
| Size: |
4096
|
|
|
D96000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1217024875.0000000000D96000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D96000
|
| Size: |
12288
|
|
|
5420000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3637639473.0000000005420000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5420000
|
| Size: |
4096
|
|
|
885000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1257409748.0000000000885000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
885000
|
| Size: |
20480
|
|
|
1039000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3633413544.0000000001039000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1039000
|
| Size: |
28672
|
|
|
3BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1292475145.00000000003BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3BE000
|
| Size: |
8192
|
|
|
778000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1253717954.0000000000778000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
778000
|
| Size: |
364544
|
|
|
1140000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1190848361.0000000001140000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
1140000
|
| Size: |
32768
|
|
|
8FD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1277325972.00000000008FD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8FD000
|
| Size: |
12288
|
|
|
7A3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1257034071.00000000007A3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7A3000
|
| Size: |
45056
|
|
|
8BB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1253881773.00000000008BB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8BB000
|
| Size: |
12288
|
|
|
1280000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3633977892.0000000001280000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1280000
|
| Size: |
28672
|
|
|
88D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1254147703.000000000088D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
88D000
|
| Size: |
118784
|
|
|
7A8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1253793971.00000000007A8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7A8000
|
| Size: |
167936
|
|
|
D93000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1216470443.0000000000D93000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D93000
|
| Size: |
49152
|
|
|
4E28000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1277088506.0000000004E28000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4E28000
|
| Size: |
4096
|
|
|
7AB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1258079377.00000000007AB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7AB000
|
| Size: |
12288
|
|
|
529F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1217944989.000000000529F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
529F000
|
| Size: |
4096
|
|
|
D96000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1217110629.0000000000D96000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D96000
|
| Size: |
12288
|
|
|
7F1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1260742450.00000000007F1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7F1000
|
| Size: |
28672
|
|
|
D7C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1215580365.0000000000D7C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D7C000
|
| Size: |
8192
|
|
|
79F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1281256058.000000000079F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79F000
|
| Size: |
12288
|
|
|
1136000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3633550064.0000000001136000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1136000
|
| Size: |
40960
|
|
|
C76E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3646287395.000000000C76E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C76E000
|
| Size: |
8192
|
|
|
E1B000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1190686567.0000000000E1B000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
E1B000
|
| Size: |
4096
|
|
|
5316000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1215659722.0000000005316000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5316000
|
| Size: |
4096
|
|
|
2BB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1292445899.00000000002BB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2BB000
|
| Size: |
20480
|
|
|
865000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1277192235.0000000000865000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
865000
|
| Size: |
131072
|
|
|
844B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3640849404.000000000844B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
844B000
|
| Size: |
20480
|
|
|
AE77000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3644897773.000000000AE77000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
AE77000
|
| Size: |
12288
|
|
|
5310000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1216238610.0000000005310000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5310000
|
| Size: |
65536
|
|
|
536E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191364915.000000000536E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
536E000
|
| Size: |
8192
|
|
|
8AB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1253979181.00000000008AB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8AB000
|
| Size: |
12288
|
|
|
4DD2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1294561406.0000000004DD2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DD2000
|
| Size: |
8192
|
|
|
4DDC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1294577926.0000000004DDC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DDC000
|
| Size: |
4096
|
|
|
90E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1297621226.000000000090E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
90E000
|
| Size: |
4096
|
|
|
B86000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1294253778.0000000000B86000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B86000
|
| Size: |
36864
|
|
|
158A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3634905791.000000000158A000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
158A000
|
| Size: |
12288
|
|
|
D9E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1215290831.0000000000D9E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D9E000
|
| Size: |
143360
|
|
|
855000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1253881773.0000000000855000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
855000
|
| Size: |
16384
|
|
|
D91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1217688929.0000000000D91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D91000
|
| Size: |
8192
|
|
|
130A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3633977892.000000000130A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
130A000
|
| Size: |
12288
|
|
|
4E07000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1297890217.0000000004E07000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4E07000
|
| Size: |
8192
|
|
|
AFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1217403858.0000000000AFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
AFE000
|
| Size: |
8192
|
|
|
79D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1253325255.000000000079D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79D000
|
| Size: |
73728
|
|
|
90E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189594180.000000000090E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
90E000
|
| Size: |
102400
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
|
|
896000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1277045281.0000000000896000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
896000
|
| Size: |
163840
|
|
|
D64000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1215165436.0000000000D64000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D64000
|
| Size: |
380928
|
|
|
D9E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1216630866.0000000000D9E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D9E000
|
| Size: |
4096
|
|
|
48C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1297835832.00000000048C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48C0000
|
| Size: |
40960
|
|
|
79D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1281201275.000000000079D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79D000
|
| Size: |
20480
|
|
|
C270000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3645822900.000000000C270000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
C270000
|
| Size: |
8192
|
|
|
BDED000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3645533526.000000000BDED000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
BDED000
|
| Size: |
12288
|
|
|
C86000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1297670753.0000000000C86000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
C86000
|
| Size: |
36864
|
|
|
AC4E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3644742345.000000000AC4E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
AC4E000
|
| Size: |
8192
|
|
|
C80000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1190398810.0000000000C80000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
C80000
|
| Size: |
4096
|
|
|
670000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1292632611.0000000000670000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
670000
|
| Size: |
8192
|
|
|
587D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3638207495.000000000587D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
587D000
|
| Size: |
12288
|
|
|
855000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1274513939.0000000000855000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
855000
|
| Size: |
40960
|
|
|
98F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189594180.000000000098F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
98F000
|
| Size: |
53248
|
|
|
4E22000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1276998124.0000000004E22000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4E22000
|
| Size: |
28672
|
|
|
4A42000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3635729482.0000000004A42000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4A42000
|
| Size: |
147456
|
|
|
8CED000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3641602880.0000000008CED000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8CED000
|
| Size: |
12288
|
|
|
815000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1289033121.0000000000815000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
815000
|
| Size: |
12288
|
|
|
72E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1297148859.000000000072E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
72E000
|
| Size: |
8192
|
|
|
9B0D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3643169968.0000000009B0D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9B0D000
|
| Size: |
12288
|
|
|
932D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3642193844.000000000932D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
932D000
|
| Size: |
12288
|
|
|
8AF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1253881773.00000000008AF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8AF000
|
| Size: |
12288
|
|
|
D31000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1217294161.0000000000D31000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D31000
|
| Size: |
81920
|
|
|
16FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3635374952.00000000016FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
16FE000
|
| Size: |
8192
|
|
|
1740000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3635422545.0000000001740000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1740000
|
| Size: |
24576
|
|
|
897000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1277259786.0000000000897000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
897000
|
| Size: |
159744
|
|
|
120D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3633820203.000000000120D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
120D000
|
| Size: |
12288
|
|
|
791000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1287278129.0000000000791000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
791000
|
| Size: |
12288
|
|
|
88B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1280897267.000000000088B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
88B000
|
| Size: |
28672
|
|
|
AB4D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3644683464.000000000AB4D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
AB4D000
|
| Size: |
12288
|
|
|
1580000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3634835438.0000000001580000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1580000
|
| Size: |
8192
|
|
|
4690000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1294395054.0000000004690000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4690000
|
| Size: |
40960
|
|
|
D25000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1217551151.0000000000D25000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D25000
|
| Size: |
40960
|
|
|
76B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1290192845.000000000076B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
76B000
|
| Size: |
8192
|
|
|
76D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1253098327.000000000076D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
76D000
|
| Size: |
270336
|
|
|
732000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1289203547.0000000000732000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
732000
|
| Size: |
53248
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
7AE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1260854943.00000000007AE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7AE000
|
| Size: |
270336
|
|
|
6D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1292696413.00000000006D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6D0000
|
| Size: |
16384
|
|
|
D64000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1215750151.0000000000D64000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D64000
|
| Size: |
98304
|
|
|
888000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1297525410.0000000000888000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
888000
|
| Size: |
8192
|
|
|
7EB9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3639611639.0000000007EB9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7EB9000
|
| Size: |
4096
|
|
|
DBE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1214968208.0000000000DBE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DBE000
|
| Size: |
12288
|
|
|
556E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3637812396.000000000556E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
556E000
|
| Size: |
8192
|
|
|
47BA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3635729482.00000000047BA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
47BA000
|
| Size: |
147456
|
|
|
E17000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1190670730.0000000000E17000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
E17000
|
| Size: |
4096
|
|
|
4DD9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1283572403.0000000004DD9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DD9000
|
| Size: |
16384
|
|
|
81A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1281273813.000000000081A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
81A000
|
| Size: |
20480
|
|
|
868000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1253719817.0000000000868000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
868000
|
| Size: |
139264
|
|
|
777000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1261273529.0000000000777000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
777000
|
| Size: |
131072
|
|
|
5326000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1216238610.0000000005326000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5326000
|
| Size: |
20480
|
|
|
C8E000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1217523197.0000000000C8E000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
C8E000
|
| Size: |
8192
|
|
|
885000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1277155134.0000000000885000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
885000
|
| Size: |
69632
|
|
|
157A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3634786579.000000000157A000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
157A000
|
| Size: |
8192
|
|
|
D8D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1214750971.0000000000D8D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D8D000
|
| Size: |
12288
|
|
|
88D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1281899176.000000000088D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
88D000
|
| Size: |
20480
|
|
|
7E2C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3639611639.0000000007E2C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7E2C000
|
| Size: |
212992
|
|
|
4510000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3635729482.0000000004510000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4510000
|
| Size: |
147456
|
|
|
1770000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3635476904.0000000001770000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1770000
|
| Size: |
20480
|
|
|
75D0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3639528067.00000000075D0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
75D0000
|
| Size: |
4096
|
|
|
A1CD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3643776456.000000000A1CD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A1CD000
|
| Size: |
12288
|
|
|
76D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1257755336.000000000076D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
76D000
|
| Size: |
40960
|
|
|
5313000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1216659344.0000000005313000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5313000
|
| Size: |
16384
|
|
|
DBF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1190454307.0000000000DBF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
DBF000
|
| Size: |
4096
|
|
|
A80E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3644468124.000000000A80E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A80E000
|
| Size: |
8192
|
|
|
897000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1277214100.0000000000897000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
897000
|
| Size: |
159744
|
|
|
7AB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1294081974.00000000007AB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7AB000
|
| Size: |
12288
|
|
|
E0A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1215557547.0000000000E0A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E0A000
|
| Size: |
20480
|
|
|
45FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1297784835.00000000045FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
45FE000
|
| Size: |
8192
|
|
|
780000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1297234708.0000000000780000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
780000
|
| Size: |
8192
|
|
|
99D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189594180.000000000099D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
99D000
|
| Size: |
135168
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
4EAB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191209499.0000000004EAB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4EAB000
|
| Size: |
20480
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the Windows Explorer process (often used for injection) |
HIPS / PFW / Operating System Protection Evasion |
|
|
|
D7F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1215070591.0000000000D7F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D7F000
|
| Size: |
24576
|
|
|
4DCD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1255086647.0000000004DCD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DCD000
|
| Size: |
61440
|
|
|
3030000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1217817996.0000000003030000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3030000
|
| Size: |
16384
|
|
|
96CD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3642919968.00000000096CD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
96CD000
|
| Size: |
12288
|
|
|
846000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1296081488.0000000000846000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
846000
|
| Size: |
61440
|
|
|
D63000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1215116673.0000000000D63000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D63000
|
| Size: |
385024
|
|
|
47B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1297819930.00000000047B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
47B0000
|
| Size: |
4096
|
|
|
D9D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1215242481.0000000000D9D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D9D000
|
| Size: |
147456
|
|
|
754000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1290192845.0000000000754000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
754000
|
| Size: |
81920
|
|
|
810000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1286672922.0000000000810000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
810000
|
| Size: |
61440
|
|
|
790000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1285861834.0000000000790000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
790000
|
| Size: |
16384
|
|
|
9E0D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3643398359.0000000009E0D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9E0D000
|
| Size: |
12288
|
|
|
7A5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1258457934.00000000007A5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7A5000
|
| Size: |
12288
|
|
|
7B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1297270637.00000000007B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7B0000
|
| Size: |
16384
|
|
|
137C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3633977892.000000000137C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
137C000
|
| Size: |
12288
|
|
|
4B0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1294416202.0000000004B0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4B0E000
|
| Size: |
8192
|
|
|
4D4F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1294491314.0000000004D4F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4D4F000
|
| Size: |
4096
|
|
|
9710000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3642987916.0000000009710000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9710000
|
| Size: |
4096
|
|
|
615E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3639303772.000000000615E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
615E000
|
| Size: |
8192
|
|
|
9F0D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3643477624.0000000009F0D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9F0D000
|
| Size: |
12288
|
|
|
830000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1296193975.0000000000830000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
830000
|
| Size: |
90112
|
|
|
8AF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1266906524.00000000008AF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8AF000
|
| Size: |
12288
|
|
|
D22000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1217294161.0000000000D22000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D22000
|
| Size: |
53248
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
E8E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1190721890.0000000000E8E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E8E000
|
| Size: |
8192
|
|
|
D7D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1217024875.0000000000D7D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D7D000
|
| Size: |
65536
|
|
|
790000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1257116373.0000000000790000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
790000
|
| Size: |
16384
|
|
|
531B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1216365318.000000000531B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
531B000
|
| Size: |
4096
|
|
|
AC8E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3644767685.000000000AC8E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
AC8E000
|
| Size: |
8192
|
|
|
D93000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1215797355.0000000000D93000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D93000
|
| Size: |
4096
|
|
|
886000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1253760993.0000000000886000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
886000
|
| Size: |
16384
|
|
|
A18E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3643721555.000000000A18E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A18E000
|
| Size: |
8192
|
|
|
768000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1253355791.0000000000768000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
768000
|
| Size: |
20480
|
|
|
4654000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3635729482.0000000004654000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4654000
|
| Size: |
147456
|
|
|
5E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189371071.00000000005E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5E0000
|
| Size: |
8192
|
|
|
81D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1294183648.000000000081D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
81D000
|
| Size: |
8192
|
|
|
C72E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3646247950.000000000C72E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C72E000
|
| Size: |
8192
|
|
|
5326000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1216276289.0000000005326000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5326000
|
| Size: |
20480
|
|
|
90EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3641929024.00000000090EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
90EE000
|
| Size: |
8192
|
|
|
880000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1297505331.0000000000880000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
880000
|
| Size: |
20480
|
|
|
D63000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1217642023.0000000000D63000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D63000
|
| Size: |
4096
|
|
|
8AAE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3641435750.0000000008AAE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8AAE000
|
| Size: |
8192
|
|
|
4A3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1217897467.0000000004A3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4A3E000
|
| Size: |
8192
|
|
|
BDAE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3645508074.000000000BDAE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
BDAE000
|
| Size: |
8192
|
|
|
4DDB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1285832736.0000000004DDB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DDB000
|
| Size: |
8192
|
|
|
850000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1297428229.0000000000850000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
850000
|
| Size: |
20480
|
|
|
47F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3635729482.00000000047F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
47F0000
|
| Size: |
147456
|
|
|
573B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3638051161.000000000573B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
573B000
|
| Size: |
20480
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the Windows Explorer process (often used for injection) |
HIPS / PFW / Operating System Protection Evasion |
|
|
|
894000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1284300243.0000000000894000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
894000
|
| Size: |
8192
|
|
|
A20000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1190248020.0000000000A20000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A20000
|
| Size: |
16384
|
|
|
D48000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1217613638.0000000000D48000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D48000
|
| Size: |
24576
|
|
|
8BB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1253979181.00000000008BB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8BB000
|
| Size: |
12288
|
|
|
87E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1253781752.000000000087E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
87E000
|
| Size: |
32768
|
|
|
849000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1297409206.0000000000849000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
849000
|
| Size: |
20480
|
|
|
793000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1293679499.0000000000793000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
793000
|
| Size: |
4096
|
|
|
43D1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3635729482.00000000043D1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
43D1000
|
| Size: |
28672
|
|
|
D95000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1215222442.0000000000D95000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D95000
|
| Size: |
180224
|
|
|
87E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1277288994.000000000087E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
87E000
|
| Size: |
28672
|
|
|
86A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1297464567.000000000086A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
86A000
|
| Size: |
69632
|
|
|
4DDC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1287827009.0000000004DDC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DDC000
|
| Size: |
4096
|
|
|
499E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1217871355.000000000499E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
499E000
|
| Size: |
8192
|
|
|
5D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1188834424.00000000005D0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5D0000
|
| Size: |
4096
|
|
|
D64000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1216484353.0000000000D64000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D64000
|
| Size: |
12288
|
|
|
D90000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1215824139.0000000000D90000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D90000
|
| Size: |
12288
|
|
|
4566000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3635729482.0000000004566000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4566000
|
| Size: |
147456
|
|
|
7D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1258023547.00000000007D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7D0000
|
| Size: |
4096
|
|
|
595E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191706294.000000000595E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
595E000
|
| Size: |
8192
|
|
|
DBE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1214807095.0000000000DBE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DBE000
|
| Size: |
12288
|
|
|
5DDE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3638783067.0000000005DDE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5DDE000
|
| Size: |
8192
|
|
|
88E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1297547498.000000000088E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
88E000
|
| Size: |
8192
|
|
|
CC6D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3646704709.000000000CC6D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
CC6D000
|
| Size: |
12288
|
|
|
D265000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3646738532.000000000D265000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
D265000
|
| Size: |
217088
|
|
|
D86000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1215197812.0000000000D86000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D86000
|
| Size: |
241664
|
|
|
76D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1253717954.000000000076D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
76D000
|
| Size: |
24576
|
|
|
D94000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1216545413.0000000000D94000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D94000
|
| Size: |
24576
|
|
|
893000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1253481990.0000000000893000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
893000
|
| Size: |
40960
|
|
|
D60000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1216322142.0000000000D60000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D60000
|
| Size: |
258048
|
|
|
6F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1292748312.00000000006F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6F0000
|
| Size: |
4096
|
|
|
E04000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1215673321.0000000000E04000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E04000
|
| Size: |
24576
|
|
|
4DDC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1281225153.0000000004DDC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DDC000
|
| Size: |
4096
|
|
|
4FAD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191260411.0000000004FAD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4FAD000
|
| Size: |
12288
|
|
|
5326000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1215532891.0000000005326000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5326000
|
| Size: |
20480
|
|
|
798000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1293741681.0000000000798000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
798000
|
| Size: |
16384
|
|
|
D7E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1215462159.0000000000D7E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D7E000
|
| Size: |
593920
|
|
|
87F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1285838714.000000000087F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
87F000
|
| Size: |
24576
|
|
|
CFC2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3646738532.000000000CFC2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
CFC2000
|
| Size: |
2760704
|
|
|
819000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1257067152.0000000000819000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
819000
|
| Size: |
24576
|
|
|
9450000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3642453743.0000000009450000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9450000
|
| Size: |
335872
|
|
|
5316000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1215786444.0000000005316000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5316000
|
| Size: |
4096
|
|
|
1170000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1190866535.0000000001170000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1170000
|
| Size: |
16384
|
|
|
906000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1297603740.0000000000906000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
906000
|
| Size: |
8192
|
|
|
5315000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1217097823.0000000005315000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5315000
|
| Size: |
8192
|
|
|
D30000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1297718999.0000000000D30000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D30000
|
| Size: |
4096
|
|
|
4DDB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1270546844.0000000004DDB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DDB000
|
| Size: |
8192
|
|
|
8450000
|
unclassified section
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3640891346.0000000008450000.00000004.10000000.00040000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unclassified section
|
| Protect: |
page read and write
|
| Base address: |
8450000
|
| Size: |
4096
|
|
|
4D5C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191114379.0000000004D5C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4D5C000
|
| Size: |
16384
|
|
|
734000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1297148859.0000000000734000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
734000
|
| Size: |
16384
|
|
|
A25000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1190248020.0000000000A25000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A25000
|
| Size: |
12288
|
|
|
886000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1274513939.0000000000886000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
886000
|
| Size: |
229376
|
|
|
498C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3635729482.000000000498C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
498C000
|
| Size: |
147456
|
|
|
9A0D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3643105838.0000000009A0D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9A0D000
|
| Size: |
12288
|
|
|
F6C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1190766349.0000000000F6C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
F6C000
|
| Size: |
16384
|
|
|
4E20000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1297890217.0000000004E20000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4E20000
|
| Size: |
4096
|
|
|
85B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1253436611.000000000085B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
85B000
|
| Size: |
270336
|
|
|
15B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3635017170.00000000015B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
15B0000
|
| Size: |
16384
|
|
|
A30D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3643873921.000000000A30D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A30D000
|
| Size: |
12288
|
|
|
88C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1253634965.000000000088C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
88C000
|
| Size: |
16384
|
|
|
4893000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3635729482.0000000004893000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4893000
|
| Size: |
147456
|
|
|
7F7E0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3649131430.000000007F7E0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7F7E0000
|
| Size: |
4096
|
|
|
56BC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191413066.00000000056BC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
56BC000
|
| Size: |
16384
|
|
|
894000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1281899176.0000000000894000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
894000
|
| Size: |
8192
|
|
|
3BD1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191013370.0000000003BD1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BD1000
|
| Size: |
8192
|
|
|
76D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1277814658.000000000076D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
76D000
|
| Size: |
40960
|
|
|
936E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3642262655.000000000936E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
936E000
|
| Size: |
8192
|
|
|
BCAD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3645459854.000000000BCAD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
BCAD000
|
| Size: |
12288
|
|
|
893000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1273699960.0000000000893000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
893000
|
| Size: |
12288
|
|
|
4FFF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1297961937.0000000004FFF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4FFF000
|
| Size: |
4096
|
|
|
8F6000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189522849.00000000008F6000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8F6000
|
| Size: |
40960
|
|
|
5327000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1216365318.0000000005327000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5327000
|
| Size: |
16384
|
|
|
D94000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1215615626.0000000000D94000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D94000
|
| Size: |
176128
|
|
|
D31000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1217326255.0000000000D31000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D31000
|
| Size: |
81920
|
|
|
15C7000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3635177222.00000000015C7000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
15C7000
|
| Size: |
4096
|
|
|
D94000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1216484353.0000000000D94000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D94000
|
| Size: |
45056
|
|
|
C06D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3645698083.000000000C06D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C06D000
|
| Size: |
12288
|
|
|
A2CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3643848504.000000000A2CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A2CE000
|
| Size: |
8192
|
|
|
605E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3639153093.000000000605E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
605E000
|
| Size: |
8192
|
|
|
794000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1284814606.0000000000794000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
794000
|
| Size: |
569344
|
|
|
D9C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1215767443.0000000000D9C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D9C000
|
| Size: |
143360
|
|
|
772000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1293582948.0000000000772000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
772000
|
| Size: |
20480
|
|
|
7AE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1255286718.00000000007AE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7AE000
|
| Size: |
143360
|
|
|
B30000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1217453946.0000000000B30000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B30000
|
| Size: |
4096
|
|
|
4DFF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1297859244.0000000004DFF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4DFF000
|
| Size: |
4096
|
|
|
791000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1281051052.0000000000791000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
791000
|
| Size: |
24576
|
|
|
825000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1297327946.0000000000825000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
825000
|
| Size: |
40960
|
|
|
15F7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3635259518.00000000015F7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
15F7000
|
| Size: |
28672
|
|
|
906000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1277325972.0000000000906000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
906000
|
| Size: |
8192
|
|
|
8AB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1266906524.00000000008AB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8AB000
|
| Size: |
12288
|
|
|
5326000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1216180774.0000000005326000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5326000
|
| Size: |
20480
|
|
|
95B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189594180.000000000095B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
95B000
|
| Size: |
4096
|
|
|
429E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1294300429.000000000429E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
429E000
|
| Size: |
8192
|
|
|
532A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1218008619.000000000532A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
532A000
|
| Size: |
4096
|
|
|
858000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1253527072.0000000000858000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
858000
|
| Size: |
12288
|
|
|
4D0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1166123678.00000000004D0000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
4D0000
|
| Size: |
4096
|
|
|
791000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1286742787.0000000000791000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
791000
|
| Size: |
12288
|
|
|
E02000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1190639800.0000000000E02000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
E02000
|
| Size: |
4096
|
|
|
577C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3638131825.000000000577C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
577C000
|
| Size: |
16384
|
|
|
57FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191668804.00000000057FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
57FE000
|
| Size: |
8192
|
|
|
CF23000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3646738532.000000000CF23000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
CF23000
|
| Size: |
331776
|
|
|
D63000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1216393538.0000000000D63000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D63000
|
| Size: |
245760
|
|
|
C9ED000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3646546350.000000000C9ED000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C9ED000
|
| Size: |
12288
|
|
|
886000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1274621477.0000000000886000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
886000
|
| Size: |
16384
|
|
|
ADF000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1297636408.0000000000ADF000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
ADF000
|
| Size: |
4096
|
|
|
75F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1293332277.000000000075F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
75F000
|
| Size: |
36864
|
|
|
45DE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3635729482.00000000045DE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
45DE000
|
| Size: |
143360
|
|
|
D7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1297736277.0000000000D7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
D7E000
|
| Size: |
8192
|
|
|
D64000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1214877904.0000000000D64000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D64000
|
| Size: |
20480
|
|
|
567E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191397132.000000000567E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
567E000
|
| Size: |
8192
|
|
|
5634000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3637900213.0000000005634000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5634000
|
| Size: |
4096
|
|
|
797000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1258540811.0000000000797000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
797000
|
| Size: |
32768
|
|
|
DC0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1190477801.0000000000DC0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
DC0000
|
| Size: |
8192
|
|
|
D89000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1215264009.0000000000D89000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D89000
|
| Size: |
49152
|
|
|
D4F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1217628722.0000000000D4F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D4F000
|
| Size: |
32768
|
|
|
BB6E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3645340313.000000000BB6E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
BB6E000
|
| Size: |
8192
|
|
|
5F5E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3639028696.0000000005F5E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5F5E000
|
| Size: |
8192
|
|
|
4717000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3635729482.0000000004717000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4717000
|
| Size: |
147456
|
|
|
8BC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1288656460.00000000008BC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8BC000
|
| Size: |
8192
|
|
|
4D9C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191135886.0000000004D9C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4D9C000
|
| Size: |
16384
|
|
|
E09000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1216611277.0000000000E09000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E09000
|
| Size: |
24576
|
|
|
8AF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1254052709.00000000008AF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8AF000
|
| Size: |
12288
|
|
|
D99000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1215290831.0000000000D99000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D99000
|
| Size: |
16384
|
|
|
818000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1287066881.0000000000818000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
818000
|
| Size: |
28672
|
|
|
C40000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1217493097.0000000000C40000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
C40000
|
| Size: |
16384
|
|
|
131E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3633977892.000000000131E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
131E000
|
| Size: |
28672
|
|
|
5316000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1217994776.0000000005316000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5316000
|
| Size: |
4096
|
|
|
15C2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3635157255.00000000015C2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
15C2000
|
| Size: |
4096
|
|
|
444E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3635729482.000000000444E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
444E000
|
| Size: |
147456
|
|
|
17E0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3635593210.00000000017E0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
17E0000
|
| Size: |
8192
|
|
|
84A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3641003940.00000000084A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
84A0000
|
| Size: |
32768
|
|
|
CB2D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3646620358.000000000CB2D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
CB2D000
|
| Size: |
12288
|
|
|
810000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1258023547.0000000000810000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
810000
|
| Size: |
24576
|
|
|
87D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1297489686.000000000087D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
87D000
|
| Size: |
4096
|
|
|
C3AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3645899422.000000000C3AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C3AE000
|
| Size: |
8192
|
|
|
7510000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3639459121.0000000007510000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7510000
|
| Size: |
4096
|
|
|
A90E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3644534438.000000000A90E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A90E000
|
| Size: |
8192
|
|
|
8AB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1254052709.00000000008AB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8AB000
|
| Size: |
12288
|
|
|
DE7000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1190558899.0000000000DE7000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
DE7000
|
| Size: |
4096
|
|
|
49F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1217885074.00000000049F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
49F0000
|
| Size: |
4096
|
|
|
81B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1257395970.000000000081B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
81B000
|
| Size: |
16384
|
|
|
4920000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3635729482.0000000004920000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4920000
|
| Size: |
147456
|
|
|
1130000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1190828043.0000000001130000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1130000
|
| Size: |
65536
|
|
|
5D9E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3638729549.0000000005D9E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5D9E000
|
| Size: |
8192
|
|
|
7D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1255008300.00000000007D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7D1000
|
| Size: |
319488
|
|
|
D96000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1215797355.0000000000D96000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D96000
|
| Size: |
12288
|
|
|
906000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1277175256.0000000000906000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
906000
|
| Size: |
8192
|
|
|
1326000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3633977892.0000000001326000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1326000
|
| Size: |
339968
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
78E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1258508920.000000000078E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
78E000
|
| Size: |
8192
|
|
|
7A4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1253377730.00000000007A4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7A4000
|
| Size: |
45056
|
|
|
5630000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3637900213.0000000005630000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5630000
|
| Size: |
8192
|
|
|
1572000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3634717057.0000000001572000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
1572000
|
| Size: |
8192
|
|
|
1597000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3634929376.0000000001597000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
1597000
|
| Size: |
4096
|
|
|
531C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1216276289.000000000531C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
531C000
|
| Size: |
16384
|
|
|
C7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1190371972.0000000000C7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C7E000
|
| Size: |
8192
|
|
|
522E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191334531.000000000522E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
522E000
|
| Size: |
8192
|
|
|
88A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1253979181.000000000088A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
88A000
|
| Size: |
131072
|
|
|
C45000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1217493097.0000000000C45000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
C45000
|
| Size: |
16384
|
|
|
D91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1214606073.0000000000D91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D91000
|
| Size: |
16384
|
|
|
D9F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1216196404.0000000000D9F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D9F000
|
| Size: |
458752
|
|
|
D6A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1214877904.0000000000D6A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D6A000
|
| Size: |
290816
|
|
|
C5ED000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3646112070.000000000C5ED000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C5ED000
|
| Size: |
12288
|
|
|
777000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1284380481.0000000000777000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
777000
|
| Size: |
688128
|
|
|
1110000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1190808465.0000000001110000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1110000
|
| Size: |
16384
|
|
|
474D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3635729482.000000000474D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
474D000
|
| Size: |
147456
|
|
|
78E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1286742787.000000000078E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
78E000
|
| Size: |
8192
|
|
|
57BC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191649070.00000000057BC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
57BC000
|
| Size: |
16384
|
|
|
620000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1292571498.0000000000620000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
620000
|
| Size: |
4096
|
|
|
15BA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3635017170.00000000015BA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
15BA000
|
| Size: |
20480
|
|
|
D9E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1214968208.0000000000D9E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D9E000
|
| Size: |
77824
|
|
|
8E6D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3641711822.0000000008E6D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8E6D000
|
| Size: |
12288
|
|
|
794000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1255158395.0000000000794000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
794000
|
| Size: |
249856
|
|
|
8BE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1276926064.00000000008BE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8BE000
|
| Size: |
331776
|
|
|
93AD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3642333851.00000000093AD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
93AD000
|
| Size: |
12288
|
|
|
D67000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1216445434.0000000000D67000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D67000
|
| Size: |
229376
|
|
|
770000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1297214639.0000000000770000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
770000
|
| Size: |
4096
|
|
|
87E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1274621477.000000000087E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
87E000
|
| Size: |
28672
|
|
|
2BD1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1190939529.0000000002BD1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2BD1000
|
| Size: |
147456
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the Windows Explorer process (often used for injection) |
HIPS / PFW / Operating System Protection Evasion |
|
|
|
87EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3641174771.00000000087EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
87EE000
|
| Size: |
8192
|
|
|
5BFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3638586701.0000000005BFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5BFE000
|
| Size: |
8192
|
|
|
7E0B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3639611639.0000000007E0B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7E0B000
|
| Size: |
126976
|
|
|
4E28000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1297945290.0000000004E28000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4E28000
|
| Size: |
4096
|
|
|
D45000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1217266706.0000000000D45000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D45000
|
| Size: |
4096
|
|
|
87F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1287897849.000000000087F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
87F000
|
| Size: |
24576
|
|
|
4A50000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1217232993.0000000004A50000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A50000
|
| Size: |
4096
|
|
|
7F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1255052741.00000000007F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7F0000
|
| Size: |
192512
|
|
|
DC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1217729242.0000000000DC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DC0000
|
| Size: |
266240
|
|
|
90E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1277104726.000000000090E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
90E000
|
| Size: |
4096
|
|
|
57B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1188815493.000000000057B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
57B000
|
| Size: |
20480
|
|
|
908000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1277104726.0000000000908000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
908000
|
| Size: |
12288
|
|
|
929000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189594180.0000000000929000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
929000
|
| Size: |
77824
|
|
|
882D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3641226101.000000000882D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
882D000
|
| Size: |
12288
|
|
|
7CB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1217387956.00000000007CB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
7CB000
|
| Size: |
20480
|
|
|
619E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3639362582.000000000619E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
619E000
|
| Size: |
8192
|
|
|
15F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3635259518.00000000015F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
15F0000
|
| Size: |
16384
|
|
|
C62E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3646158420.000000000C62E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C62E000
|
| Size: |
8192
|
|
|
4DDB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1255129962.0000000004DDB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DDB000
|
| Size: |
4096
|
|
|
BF2D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3645613047.000000000BF2D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
BF2D000
|
| Size: |
12288
|
|
|
81B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1289033121.000000000081B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
81B000
|
| Size: |
16384
|
|
|
864000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1253881773.0000000000864000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
864000
|
| Size: |
286720
|
|
|
908000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189594180.0000000000908000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
908000
|
| Size: |
16384
|
|
|
D7C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1216689808.0000000000D7C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D7C000
|
| Size: |
69632
|
|
|
79C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1272002475.000000000079C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79C000
|
| Size: |
49152
|
|
|
87B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1285838714.000000000087B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
87B000
|
| Size: |
12288
|
|
|
3B4000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1292475145.00000000003B4000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3B4000
|
| Size: |
16384
|
|
|
15AA000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3634996266.00000000015AA000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
15AA000
|
| Size: |
4096
|
|
|
5ABE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3638437006.0000000005ABE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5ABE000
|
| Size: |
8192
|
|
|
17C0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3635569512.00000000017C0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
17C0000
|
| Size: |
40960
|
|
|
D7F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1215580365.0000000000D7F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D7F000
|
| Size: |
262144
|
|
|
E0C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1217767213.0000000000E0C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E0C000
|
| Size: |
12288
|
|
|
59BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3638340412.00000000059BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
59BE000
|
| Size: |
8192
|
|
|
C9AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3646502439.000000000C9AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C9AE000
|
| Size: |
8192
|
|
|
66E000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1292600620.000000000066E000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
66E000
|
| Size: |
8192
|
|
|
519E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1217921146.000000000519E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
519E000
|
| Size: |
8192
|
|
|
D99000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1215686289.0000000000D99000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D99000
|
| Size: |
155648
|
|
|
867000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1253497332.0000000000867000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
867000
|
| Size: |
180224
|
|
|
840C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3640808562.000000000840C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
840C000
|
| Size: |
16384
|
|
|
D64000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1214522591.0000000000D64000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D64000
|
| Size: |
245760
|
|
|
816000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1257333817.0000000000816000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
816000
|
| Size: |
12288
|
|
|
DE2000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1190558899.0000000000DE2000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
DE2000
|
| Size: |
16384
|
|
|
958000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189594180.0000000000958000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
958000
|
| Size: |
4096
|
|
|
9F4D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3643503855.0000000009F4D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9F4D000
|
| Size: |
12288
|
|
|
8E2E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3641689092.0000000008E2E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8E2E000
|
| Size: |
8192
|
|
|
597E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3638303878.000000000597E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
597E000
|
| Size: |
8192
|
|
|
52F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1217969733.00000000052F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
52F0000
|
| Size: |
4096
|
|
|
D83000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1215264009.0000000000D83000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D83000
|
| Size: |
12288
|
|
|
CAEE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3646595054.000000000CAEE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
CAEE000
|
| Size: |
8192
|
|
|
E10000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1217780113.0000000000E10000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E10000
|
| Size: |
4096
|
|
|
1250000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3633921523.0000000001250000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1250000
|
| Size: |
4096
|
|
|
DE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1190540153.0000000000DE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
DE0000
|
| Size: |
8192
|
|
|
11C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3633706856.00000000011C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C0000
|
| Size: |
16384
|
|
|
4DD9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1288852233.0000000004DD9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DD9000
|
| Size: |
8192
|
|
|
A974000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3644562636.000000000A974000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A974000
|
| Size: |
8192
|
|
|
83CD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3640774457.00000000083CD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
83CD000
|
| Size: |
12288
|
|
|
892000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1277214100.0000000000892000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
892000
|
| Size: |
16384
|
|
|
892E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3641299658.000000000892E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
892E000
|
| Size: |
8192
|
|
|
1560000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3634667200.0000000001560000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1560000
|
| Size: |
8192
|
|
|
D9B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1214553616.0000000000D9B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D9B000
|
| Size: |
20480
|
|
|
D85000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1215057208.0000000000D85000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D85000
|
| Size: |
32768
|
|
|
D48000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1217266706.0000000000D48000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D48000
|
| Size: |
61440
|
|
|
308F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3635642493.000000000308F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
308F000
|
| Size: |
4096
|
|
|
858000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1295776510.0000000000858000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
858000
|
| Size: |
28672
|
|
|
84E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1296213899.000000000084E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
84E000
|
| Size: |
28672
|
|
|
44BA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3635729482.00000000044BA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
44BA000
|
| Size: |
147456
|
|
|
79D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1287587473.000000000079D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79D000
|
| Size: |
20480
|
|
|
81A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1297327946.000000000081A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
81A000
|
| Size: |
32768
|
|
|
52F1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1216143957.00000000052F1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
52F1000
|
| Size: |
184320
|
|
|
85F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1277377278.000000000085F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
85F000
|
| Size: |
24576
|
|
|
D6A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1216484353.0000000000D6A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D6A000
|
| Size: |
167936
|
|
|
15CB000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3635199045.00000000015CB000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
15CB000
|
| Size: |
4096
|
|
|
896000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1266906524.0000000000896000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
896000
|
| Size: |
81920
|
|
|
5A5F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191743706.0000000005A5F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5A5F000
|
| Size: |
4096
|
|
|
896000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1253560673.0000000000896000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
896000
|
| Size: |
28672
|
|
|
5C3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3638612605.0000000005C3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5C3E000
|
| Size: |
8192
|
|
|
D99000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1214968208.0000000000D99000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D99000
|
| Size: |
8192
|
|
|
154E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3634619223.000000000154E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
154E000
|
| Size: |
8192
|
|
|
78F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1293656587.000000000078F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
78F000
|
| Size: |
4096
|
|
|
E02000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1217754362.0000000000E02000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E02000
|
| Size: |
8192
|
|
|
4C60000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1217908785.0000000004C60000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4C60000
|
| Size: |
40960
|
|
|
D68000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1214606073.0000000000D68000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D68000
|
| Size: |
163840
|
|
|
476E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1297802513.000000000476E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
476E000
|
| Size: |
8192
|
|
|
D31000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1217595623.0000000000D31000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D31000
|
| Size: |
81920
|
|
|
942E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3642427238.000000000942E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
942E000
|
| Size: |
8192
|
|
|
968D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3642871188.000000000968D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
968D000
|
| Size: |
12288
|
|
|
86EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3641090715.00000000086EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
86EE000
|
| Size: |
8192
|
|
|
D8E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1217024875.0000000000D8E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D8E000
|
| Size: |
20480
|
|
|
7FE000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1297309044.00000000007FE000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
7FE000
|
| Size: |
8192
|
|
|
964D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3642829664.000000000964D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
964D000
|
| Size: |
12288
|
|
|
55FC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3637841086.00000000055FC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
55FC000
|
| Size: |
16384
|
|
|
CC81000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3646738532.000000000CC81000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
CC81000
|
| Size: |
2617344
|
|
|
76B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1289203547.000000000076B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
76B000
|
| Size: |
8192
|
|
|
794000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1281239996.0000000000794000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
794000
|
| Size: |
12288
|
|
|
50EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191299588.00000000050EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
50EE000
|
| Size: |
8192
|
|
|
4C0F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1294435366.0000000004C0F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4C0F000
|
| Size: |
4096
|
|
|
8AF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1253979181.00000000008AF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8AF000
|
| Size: |
12288
|
|
|
4484000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3635729482.0000000004484000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4484000
|
| Size: |
147456
|
|
|
4DC8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1255104310.0000000004DC8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DC8000
|
| Size: |
20480
|
|
|
86AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3641063303.00000000086AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
86AE000
|
| Size: |
8192
|
|
|
7AA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1286021078.00000000007AA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7AA000
|
| Size: |
16384
|
|
|
864000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1253527072.0000000000864000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
864000
|
| Size: |
12288
|
|
|
855000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1285004420.0000000000855000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
855000
|
| Size: |
40960
|
|
|
830000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1295945724.0000000000830000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
830000
|
| Size: |
151552
|
|
|
88A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1277306596.000000000088A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
88A000
|
| Size: |
32768
|
|
|
DBE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1214935156.0000000000DBE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DBE000
|
| Size: |
12288
|
|
|
D8D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1215015883.0000000000D8D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D8D000
|
| Size: |
49152
|
|
|
90B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1277017615.000000000090B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
90B000
|
| Size: |
16384
|
|
|
C273000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3645822900.000000000C273000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
C273000
|
| Size: |
4096
|
|
|
77C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1293625540.000000000077C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
77C000
|
| Size: |
69632
|
|
|
D99000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1216630866.0000000000D99000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D99000
|
| Size: |
4096
|
|
|
790000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1297254150.0000000000790000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
790000
|
| Size: |
4096
|
|
|
894000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1297564029.0000000000894000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
894000
|
| Size: |
8192
|
|
|
5410000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3637534201.0000000005410000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5410000
|
| Size: |
4096
|
|
|
824E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3640595741.000000000824E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
824E000
|
| Size: |
8192
|
|
|
810000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1275335615.0000000000810000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
810000
|
| Size: |
61440
|
|
|
922E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3642102938.000000000922E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
922E000
|
| Size: |
8192
|
|
|
5F1D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3638979663.0000000005F1D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5F1D000
|
| Size: |
12288
|
|
|
8BB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1254147703.00000000008BB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8BB000
|
| Size: |
12288
|
|
|
5319000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1215445478.0000000005319000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5319000
|
| Size: |
73728
|
|
|
1582000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3634869670.0000000001582000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
1582000
|
| Size: |
24576
|
|
|
855000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1253466859.0000000000855000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
855000
|
| Size: |
24576
|
|
|
C16E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3645751902.000000000C16E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C16E000
|
| Size: |
8192
|
|
|
11C5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3633706856.00000000011C5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C5000
|
| Size: |
16384
|
|
|
C170000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3645786728.000000000C170000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
C170000
|
| Size: |
16384
|
|
|
D57000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1216393538.0000000000D57000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D57000
|
| Size: |
36864
|
|
|
4DDC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1288852233.0000000004DDC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DDC000
|
| Size: |
4096
|
|
|
D8E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1217070626.0000000000D8E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D8E000
|
| Size: |
20480
|
|
|
88D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1254052709.000000000088D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
88D000
|
| Size: |
118784
|
|
|
B80000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1294253778.0000000000B80000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B80000
|
| Size: |
16384
|
|
|
79E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1253652262.000000000079E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79E000
|
| Size: |
40960
|
|
|
DBE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1216570646.0000000000DBE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DBE000
|
| Size: |
274432
|
|
|
9C5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189594180.00000000009C5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9C5000
|
| Size: |
106496
|
|
|
7A4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1253821736.00000000007A4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7A4000
|
| Size: |
16384
|
|
|
C8AD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3646429091.000000000C8AD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C8AD000
|
| Size: |
12288
|
|
|
4DCD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1284132053.0000000004DCD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DCD000
|
| Size: |
28672
|
|
|
A54E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3644079738.000000000A54E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A54E000
|
| Size: |
8192
|
|
|
88A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1253590679.000000000088A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
88A000
|
| Size: |
36864
|
|
|
740000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1290556661.0000000000740000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
740000
|
| Size: |
81920
|
|
|
455F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1297753674.000000000455F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
455F000
|
| Size: |
4096
|
|
|
777000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1257352441.0000000000777000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
777000
|
| Size: |
102400
|
|
|
DBF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1215501166.0000000000DBF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DBF000
|
| Size: |
327680
|
|
|
DBE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1214877904.0000000000DBE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DBE000
|
| Size: |
12288
|
|
|
6D5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1292696413.00000000006D5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6D5000
|
| Size: |
12288
|
|
|
80F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1260854943.000000000080F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
80F000
|
| Size: |
65536
|
|
|
779000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1253413490.0000000000779000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
779000
|
| Size: |
147456
|
|
|
7500000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3639411062.0000000007500000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7500000
|
| Size: |
4096
|
|
|
7A2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1286185224.00000000007A2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7A2000
|
| Size: |
32768
|
|
|
CB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1190426480.0000000000CB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
CB0000
|
| Size: |
16384
|
|
|
7A8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1257585544.00000000007A8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7A8000
|
| Size: |
24576
|
|
|
F70000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1190784608.0000000000F70000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F70000
|
| Size: |
16384
|
|
|
828D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3640639967.000000000828D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
828D000
|
| Size: |
12288
|
|
|
D57000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1214807095.0000000000D57000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D57000
|
| Size: |
4096
|
|
|
9D0D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3643322206.0000000009D0D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9D0D000
|
| Size: |
12288
|
|
|
15C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3635120041.00000000015C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
15C0000
|
| Size: |
4096
|
|
|
4E21000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1279846014.0000000004E21000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4E21000
|
| Size: |
4096
|
|
|
D9A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1216532883.0000000000D9A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D9A000
|
| Size: |
20480
|
|
|
86A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1274513939.000000000086A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
86A000
|
| Size: |
110592
|
|
|
D57000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1215116673.0000000000D57000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D57000
|
| Size: |
4096
|
|
|
124E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3633874915.000000000124E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
124E000
|
| Size: |
8192
|
|
|
A7CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3644420896.000000000A7CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A7CE000
|
| Size: |
8192
|
|
|
78D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1285889953.000000000078D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
78D000
|
| Size: |
12288
|
|
|
63B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1297128886.000000000063B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
63B000
|
| Size: |
20480
|
|
|
90AD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3641856976.00000000090AD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
90AD000
|
| Size: |
12288
|
|
|
A58D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3644144388.000000000A58D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A58D000
|
| Size: |
12288
|
|
|
93ED000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3642382256.00000000093ED000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
93ED000
|
| Size: |
12288
|
|
|
91EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3642030161.00000000091EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
91EE000
|
| Size: |
8192
|
|
|
313F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1217846181.000000000313F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
313F000
|
| Size: |
4096
|
|
|
D83000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1215081920.0000000000D83000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D83000
|
| Size: |
8192
|
|
|
7B5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1297270637.00000000007B5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7B5000
|
| Size: |
12288
|
|
|
900000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189594180.0000000000900000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
900000
|
| Size: |
28672
|
|
|
680000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1292663769.0000000000680000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
680000
|
| Size: |
4096
|
|
|
890000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1284300243.0000000000890000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
890000
|
| Size: |
8192
|
|
|
A04E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3643551527.000000000A04E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A04E000
|
| Size: |
8192
|
|
|
79F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1287949994.000000000079F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79F000
|
| Size: |
12288
|
|
|
1180000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3633605901.0000000001180000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1180000
|
| Size: |
4096
|
|
|
8BAD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3641510349.0000000008BAD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8BAD000
|
| Size: |
12288
|
|
|
5312000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1215570158.0000000005312000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5312000
|
| Size: |
20480
|
|
|
898000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1297579723.0000000000898000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
898000
|
| Size: |
155648
|
|
|
4FEE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191277794.0000000004FEE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4FEE000
|
| Size: |
8192
|
|
|
4E28000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1279846014.0000000004E28000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4E28000
|
| Size: |
4096
|
|
|
94E4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3642453743.00000000094E4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
94E4000
|
| Size: |
65536
|
|
|
9EF000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1294203447.00000000009EF000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
9EF000
|
| Size: |
4096
|
|
|
7DD0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3639611639.0000000007DD0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7DD0000
|
| Size: |
233472
|
|
|
1288000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3633977892.0000000001288000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1288000
|
| Size: |
16384
|
|
|
4DCA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1294545637.0000000004DCA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DCA000
|
| Size: |
12288
|
|
|
D7E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1215034418.0000000000D7E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D7E000
|
| Size: |
61440
|
|
|
D99000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1214706095.0000000000D99000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D99000
|
| Size: |
8192
|
|
|
79F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1258003863.000000000079F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79F000
|
| Size: |
16384
|
|
|
5AFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3638489703.0000000005AFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5AFE000
|
| Size: |
8192
|
|
|
776000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1253514763.0000000000776000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
776000
|
| Size: |
323584
|
|
|
7A6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1294050282.00000000007A6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7A6000
|
| Size: |
16384
|
|
|
46C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3635729482.00000000046C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
46C0000
|
| Size: |
147456
|
|
|
94A5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3642453743.00000000094A5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
94A5000
|
| Size: |
217088
|
|
|
8AF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1254147703.00000000008AF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8AF000
|
| Size: |
12288
|
|
|
943000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189594180.0000000000943000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
943000
|
| Size: |
81920
|
|
|
804E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3640430025.000000000804E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
804E000
|
| Size: |
8192
|
|
|
D61000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1214807095.0000000000D61000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D61000
|
| Size: |
32768
|
|
|
B3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1190309739.0000000000B3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B3E000
|
| Size: |
8192
|
|
|
4DC4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1260722912.0000000004DC4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DC4000
|
| Size: |
36864
|
|
|
75E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1290707127.000000000075E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
75E000
|
| Size: |
40960
|
|
|
970E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3642961748.000000000970E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
970E000
|
| Size: |
8192
|
|
|
791000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1279943535.0000000000791000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
791000
|
| Size: |
24576
|
|
|
D95000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1214570060.0000000000D95000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D95000
|
| Size: |
24576
|
|
|
880000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1296178703.0000000000880000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
880000
|
| Size: |
20480
|
|
|
966000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189594180.0000000000966000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
966000
|
| Size: |
163840
|
|
|
DEC000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1190608624.0000000000DEC000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
DEC000
|
| Size: |
4096
|
|
|
7A2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1274453537.00000000007A2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7A2000
|
| Size: |
24576
|
|
|
557D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191380481.000000000557D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
557D000
|
| Size: |
12288
|
|
|
4C4E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1294471734.0000000004C4E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4C4E000
|
| Size: |
8192
|
|
|
4620000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1295600185.0000000004620000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4620000
|
| Size: |
4096
|
|
|
DD7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3649055348.000000000DD7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
DD7E000
|
| Size: |
8192
|
|
|
7F1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1260854943.00000000007F1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7F1000
|
| Size: |
28672
|
|
|
C02E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3645666962.000000000C02E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C02E000
|
| Size: |
8192
|
|
|
4826000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3635729482.0000000004826000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4826000
|
| Size: |
147456
|
|
|
7A8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1253581143.00000000007A8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7A8000
|
| Size: |
118784
|
|
|
800D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3640384220.000000000800D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
800D000
|
| Size: |
12288
|
|
|
D81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1217674279.0000000000D81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D81000
|
| Size: |
49152
|
|
|
735000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1292770790.0000000000735000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
735000
|
| Size: |
40960
|
|
|
1777000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3635476904.0000000001777000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1777000
|
| Size: |
28672
|
|
|
3BD4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191013370.0000000003BD4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BD4000
|
| Size: |
8192
|
|
|
768000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1253631230.0000000000768000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
768000
|
| Size: |
20480
|
|
|
813000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1294166270.0000000000813000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
813000
|
| Size: |
8192
|
|
|
DDA000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1190522980.0000000000DDA000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
DDA000
|
| Size: |
8192
|
|
|
540D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3637449993.000000000540D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
540D000
|
| Size: |
12288
|
|
|
864000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1253634965.0000000000864000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
864000
|
| Size: |
12288
|
|
|
797000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1287893849.0000000000797000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
797000
|
| Size: |
20480
|
|
|
2F4F000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1217793843.0000000002F4F000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
2F4F000
|
| Size: |
4096
|
|
|
7A8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1268951512.00000000007A8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7A8000
|
| Size: |
24576
|
|
|
DEA000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1190594511.0000000000DEA000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
DEA000
|
| Size: |
4096
|
|
|
7AE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1285620495.00000000007AE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7AE000
|
| Size: |
462848
|
|
|
CCE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1217537193.0000000000CCE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
CCE000
|
| Size: |
8192
|
|
|
2BF7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1190939529.0000000002BF7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2BF7000
|
| Size: |
45056
|
|
|
5312000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1216557247.0000000005312000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5312000
|
| Size: |
20480
|
|
|
1760000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3635445674.0000000001760000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1760000
|
| Size: |
65536
|
|
|
4956000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3635729482.0000000004956000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4956000
|
| Size: |
16384
|
|
|
DD2000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1190501222.0000000000DD2000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
DD2000
|
| Size: |
4096
|
|
|
D91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1214750971.0000000000D91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D91000
|
| Size: |
16384
|
|
