Automated Malware Analysis IOC Report for

Details

Name:	00000015.00000002.1602440878.0000000000AB1000.00000040.00000001.01000000.00000011.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	AB1000
Size:	409600

Signature Hits	Behavior Group	Mitre Attack
Found malware configuration	AV Detection
Yara detected Amadeys Clipper DLL	Stealing of Sensitive Information
Contains functionality to start a terminal service	Remote Access Functionality	Remote Desktop Protocol
Sample uses string decryption to hide its real strings	AV Detection

Details

Name:	00000013.00000002.1570541222.0000000000A11000.00000040.00000001.01000000.0000000E.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	A11000
Size:	409600

Signature Hits	Behavior Group	Mitre Attack
Yara detected Amadeys Clipper DLL	Stealing of Sensitive Information
Contains functionality to start a terminal service	Remote Access Functionality	Remote Desktop Protocol

Details

Name:	00000015.00000003.1561578454.0000000004D10000.00000004.00001000.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	4D10000
Size:	409600

Signature Hits	Behavior Group	Mitre Attack
Yara detected Amadeys Clipper DLL	Stealing of Sensitive Information
Contains functionality to start a terminal service	Remote Access Functionality	Remote Desktop Protocol

Details

Name:	00000013.00000003.1529477271.0000000004940000.00000004.00001000.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	4940000
Size:	409600

Signature Hits	Behavior Group	Mitre Attack
Yara detected Amadeys Clipper DLL	Stealing of Sensitive Information
Contains functionality to start a terminal service	Remote Access Functionality	Remote Desktop Protocol

Details

Name:	00000014.00000003.1552207485.0000000005280000.00000004.00001000.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	5280000
Size:	409600

Signature Hits	Behavior Group	Mitre Attack
Yara detected Amadeys Clipper DLL	Stealing of Sensitive Information
Contains functionality to start a terminal service	Remote Access Functionality	Remote Desktop Protocol

Details

Name:	00000014.00000002.1592540708.0000000000AB1000.00000040.00000001.01000000.00000011.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	AB1000
Size:	409600

Signature Hits	Behavior Group	Mitre Attack
Yara detected Amadeys Clipper DLL	Stealing of Sensitive Information
Contains functionality to start a terminal service	Remote Access Functionality	Remote Desktop Protocol

Details

Name:	00000009.00000002.949970233.000002C70F95C000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2C70F95C000
Size:	782336

Details

Name:	00000006.00000002.1555595801.0000000008D0C000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	8D0C000
Size:	16384

Details

Name:	0000000C.00000002.2123444694.0000003B327FE000.00000002.00000001.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3B327FE000
Size:	4096

Details

Name:	00000006.00000002.1545090692.0000000007650000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7650000
Size:	4096

Details

Name:	00000015.00000002.1602520567.0000000000B1F000.00000040.00000001.01000000.00000011.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	B1F000
Size:	1564672

Details

Name:	00000014.00000002.1593786854.0000000003DBF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3DBF000
Size:	4096

Details

Name:	00000015.00000003.1561960992.0000000004E80000.00000040.00001000.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4E80000
Size:	4096

Details

Name:	00000014.00000002.1594312852.0000000004A7E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4A7E000
Size:	8192

Details

Name:	00000015.00000002.1604425237.000000000414E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	414E000
Size:	8192

Details

Name:	00000014.00000003.1552207485.00000000052E5000.00000004.00001000.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	52E5000
Size:	12288

Details

Name:	00000013.00000003.1526684229.00000000006C4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6C4000
Size:	4096

Details

Name:	00000006.00000002.1524706600.0000000004B2E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4B2E000
Size:	8192

Details

Name:	00000015.00000002.1602501099.0000000000B1D000.00000008.00000001.01000000.00000011.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page write copy
Base address:	B1D000
Size:	4096

Details

Name:	00000008.00000003.905238589.0000020F4127C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F4127C000
Size:	4096

Details

Name:	00000006.00000002.1523222749.0000000003238000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3238000
Size:	20480

Details

Name:	00000014.00000002.1593520334.000000000353E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	353E000
Size:	8192

Details

Name:	00000002.00000003.877891953.00000000031D8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31D8000
Size:	32768

Details

Name:	00000006.00000002.1552792847.00000000079EF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	79EF000
Size:	4096

Details

Name:	00000009.00000002.949153541.000002C70C439000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C70C439000
Size:	12288

Details

Name:	00000014.00000003.1545650734.0000000001620000.00000004.00001000.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	1620000
Size:	53248

Details

Name:	00000013.00000002.1572559182.0000000004A7F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4A7F000
Size:	4096

Details

Name:	00000000.00000003.867329925.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	53248

Details

Name:	00000013.00000003.1533509877.00000000006C4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6C4000
Size:	4096

Details

Name:	00000015.00000002.1602440878.0000000000B16000.00000040.00000001.01000000.00000011.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	B16000
Size:	16384

Details

Name:	00000000.00000003.867495705.0000000001107000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1107000
Size:	32768

Details

Name:	00000013.00000003.1527919482.00000000044A0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	44A0000
Size:	53248

Details

Name:	00000000.00000002.873718326.0000000001184000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1184000
Size:	90112

Details

Name:	00000000.00000003.870749042.000000000104C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	104C000
Size:	69632

Details

Name:	00000008.00000003.900356643.0000020F41270000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F41270000
Size:	53248

Details

Name:	0000000C.00000003.1255925454.000001C93AF1A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1C93AF1A000
Size:	4096

Details

Name:	00000006.00000002.1553983498.0000000007AF0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7AF0000
Size:	65536

Details

Name:	00000009.00000002.949970233.000002C70EF5C000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2C70EF5C000
Size:	10485760

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000008.00000003.907426354.0000021743BE2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	21743BE2000
Size:	4096

Details

Name:	00000015.00000002.1602520567.0000000000DAE000.00000040.00000001.01000000.00000011.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	DAE000
Size:	40960

Details

Name:	00000014.00000000.1538661207.0000000000B1D000.00000008.00000001.01000000.00000011.sdmp
TargetID:	20
Dumpstage:	process new
Regiontype:	unkown
Protect:	page write copy
Base address:	B1D000
Size:	4096

Details

Name:	00000000.00000003.871035701.0000000001044000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1044000
Size:	32768

Details

Name:	00000014.00000002.1592604219.0000000000B1D000.00000008.00000001.01000000.00000011.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page write copy
Base address:	B1D000
Size:	4096

Details

Name:	00000009.00000002.949084563.000002C70C3A0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C70C3A0000
Size:	16384

Details

Name:	0000000C.00000002.2125448628.000001C93FBC0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1C93FBC0000
Size:	4096

Details

Name:	00000015.00000003.1559501832.0000000000984000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	984000
Size:	4096

Details

Name:	00000014.00000002.1593744762.0000000003C7F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3C7F000
Size:	4096

Details

Name:	0000000C.00000002.2123570836.0000003B3297E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3B3297E000
Size:	8192

Details

Name:	00000006.00000002.1540712581.0000000006019000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6019000
Size:	172032

Details

Name:	00000009.00000002.974419404.000002C7263DB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C7263DB000
Size:	94208

Details

Name:	00000014.00000002.1594100445.000000000443E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	443E000
Size:	8192

Details

Name:	00000013.00000002.1572631855.0000000004AF0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4AF0000
Size:	4096

Details

Name:	00000002.00000002.878850522.00000000031E1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	31E1000
Size:	20480

Details

Name:	00000014.00000003.1545096901.0000000001504000.00000004.00000020.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1504000
Size:	4096

Details

Name:	00000009.00000002.976836248.00007FF9364E0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7FF9364E0000
Size:	65536

Details

Name:	00000009.00000002.974868734.000002C7264D0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C7264D0000
Size:	4096

Details

Name:	00000014.00000003.1551411897.0000000001504000.00000004.00000020.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1504000
Size:	4096

Details

Name:	00000013.00000002.1572059413.00000000040DF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	40DF000
Size:	4096

Details

Name:	00000015.00000002.1603307780.000000000334F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	334F000
Size:	4096

Details

Name:	00000013.00000002.1572817434.0000000004B70000.00000040.00001000.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4B70000
Size:	4096

Details

Name:	00000006.00000002.1554204936.0000000007B10000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7B10000
Size:	65536

Details

Name:	00000009.00000002.948832384.000000E3DB37D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	E3DB37D000
Size:	12288

Details

Name:	0000000C.00000002.2125581032.000001C93FC54000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1C93FC54000
Size:	49152

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	00000013.00000002.1570501375.0000000000A0E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	A0E000
Size:	8192

Details

Name:	00000008.00000003.905513923.0000020F412C5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F412C5000
Size:	40960

Details

Name:	00000000.00000000.863008323.0000000000292000.00000002.00000001.01000000.00000003.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	292000
Size:	40960

Signature Hits	Behavior Group	Mitre Attack
Binary is likely a compiled AutoIt script file	System Summary

Details

Name:	00000009.00000002.976000543.00007FF936411000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7FF936411000
Size:	12288

Details

Name:	00000013.00000002.1569767170.0000000000570000.00000004.00000020.00040000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	570000
Size:	4096

Details

Name:	00000014.00000002.1593563679.000000000367E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	367E000
Size:	8192

Details

Name:	00000009.00000002.949917732.000002C70E317000.00000040.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page execute and read and write
Base address:	2C70E317000
Size:	4096

Details

Name:	00000014.00000002.1594532621.0000000005410000.00000040.00001000.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	5410000
Size:	4096

Details

Name:	00000008.00000003.907629690.00000217431A3000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	217431A3000
Size:	4096

Details

Name:	00000000.00000002.872332790.000000000029C000.00000004.00000001.01000000.00000003.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	29C000
Size:	28672

Details

Name:	00000008.00000003.905513923.0000020F412E1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F412E1000
Size:	65536

Details

Name:	00000013.00000002.1573069468.0000000007FEB000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	7FEB000
Size:	20480

Details

Name:	00000002.00000003.876378588.00000000064A3000.00000004.00000800.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	64A3000
Size:	4096

Details

Name:	00000006.00000002.1522876185.0000000003174000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3174000
Size:	36864

Details

Name:	00000006.00000002.1553007864.0000000007A80000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7A80000
Size:	65536

Details

Name:	00000009.00000002.975441717.00007FF936262000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7FF936262000
Size:	4096

Details

Name:	00000014.00000002.1593665487.00000000039FF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	39FF000
Size:	4096

Details

Name:	00000013.00000002.1570036460.0000000000628000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	628000
Size:	98304

Details

Name:	0000000C.00000002.2122382323.0000003B3147B000.00000004.00000010.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3B3147B000
Size:	20480

Details

Name:	00000013.00000003.1526600527.00000000006C4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6C4000
Size:	4096

Details

Name:	00000002.00000003.876378588.00000000064AA000.00000004.00000800.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	64AA000
Size:	4096

Details

Name:	00000006.00000002.1551426731.0000000007879000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7879000
Size:	4096

Details

Name:	00000006.00000002.1544246552.0000000007460000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7460000
Size:	53248

Details

Name:	00000002.00000003.876326096.00000000063B0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	63B0000
Size:	12288

Details

Name:	00000000.00000003.870256014.00000000010C8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	10C8000
Size:	8192

Details

Name:	00000013.00000003.1526705045.00000000006C4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6C4000
Size:	4096

Details

Name:	00000009.00000002.948772139.000000E3DAF8E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	E3DAF8E000
Size:	8192

Details

Name:	00000006.00000002.1544371118.0000000007479000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7479000
Size:	16384

Details

Name:	00000008.00000003.907629690.00000217431AE000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	217431AE000
Size:	24576

Details

Name:	0000000C.00000002.2124215813.000001C93A613000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1C93A613000
Size:	94208

Details

Name:	00000002.00000003.871908753.00000000031F6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31F6000
Size:	131072

Details

Name:	00000009.00000002.975702895.00007FF936316000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7FF936316000
Size:	24576

Details

Name:	00000008.00000002.911405708.0000020F414D0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	20F414D0000
Size:	4096

Details

Name:	0000000C.00000003.1223437255.000001C93FA70000.00000004.00000800.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1C93FA70000
Size:	4096

Details

Name:	00000014.00000000.1538600702.0000000000AB1000.00000080.00000001.01000000.00000011.sdmp
TargetID:	20
Dumpstage:	process new
Regiontype:	unkown
Protect:	page execute and write copy
Base address:	AB1000
Size:	188416

Details

Name:	00000014.00000002.1593391426.000000000317E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	317E000
Size:	8192

Details

Name:	00000006.00000002.1553438827.0000000007AA0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7AA0000
Size:	65536

Details

Name:	00000013.00000003.1535134626.000000000066F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	66F000
Size:	135168

Details

Name:	0000000C.00000002.2124086713.000001C93A590000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1C93A590000
Size:	4096

Details

Name:	00000015.00000002.1602240706.0000000000980000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	980000
Size:	16384

Details

Name:	00000015.00000002.1604788928.000000000474F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	474F000
Size:	4096

Details

Name:	00000008.00000003.909951388.0000020F42C0D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F42C0D000
Size:	8192

Details

Name:	00000013.00000002.1571149841.0000000000EB1000.00000040.00000001.01000000.0000000E.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	EB1000
Size:	8192

Details

Name:	00000014.00000002.1594572007.0000000005430000.00000040.00001000.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	5430000
Size:	4096

Details

Name:	00000002.00000003.877662312.00000000031F1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31F1000
Size:	4096

Details

Name:	00000000.00000002.872664869.0000000000C30000.00000004.00000020.00040000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	C30000
Size:	4096

Details

Name:	00000013.00000003.1539825698.0000000000601000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	601000
Size:	106496

Details

Name:	00000009.00000002.948920202.000000E3DB679000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	E3DB679000
Size:	28672

Details

Name:	00000014.00000002.1594049127.00000000042FE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	42FE000
Size:	8192

Details

Name:	00000013.00000003.1535968771.0000000008231000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8231000
Size:	16384

Details

Name:	00000013.00000003.1539310124.0000000000643000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	643000
Size:	90112

Details

Name:	00000013.00000003.1532193110.00000000044B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	44B1000
Size:	49152

Details

Name:	00000008.00000002.910625389.0000020F41218000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	20F41218000
Size:	122880

Details

Name:	00000009.00000002.949153541.000002C70C43D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C70C43D000
Size:	12288

Details

Name:	00000000.00000003.870417083.00000000010B8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	10B8000
Size:	24576

Details

Name:	00000009.00000002.975741193.00007FF93631C000.00000040.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	7FF93631C000
Size:	12288

Details

Name:	00000008.00000003.907629690.00000217431A5000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	217431A5000
Size:	12288

Details

Name:	00000014.00000002.1593095214.0000000001430000.00000004.00000020.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1430000
Size:	4096

Details

Name:	00000009.00000002.948736401.000000E3DAE83000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	E3DAE83000
Size:	53248

Details

Name:	00000000.00000003.870905897.0000000000FE4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	FE4000
Size:	184320

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary

Details

Name:	00000013.00000002.1571888156.0000000003BDF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3BDF000
Size:	4096

Details

Name:	00000014.00000003.1545071284.0000000001504000.00000004.00000020.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1504000
Size:	4096

Details

Name:	00000009.00000002.974946666.000002C726680000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C726680000
Size:	4096

Details

Name:	00000008.00000003.906520934.0000020F412A8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F412A8000
Size:	73728

Details

Name:	00000002.00000002.878690301.000000000319D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	319D000
Size:	32768

Details

Name:	00000009.00000002.977798033.00007FF9365C0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7FF9365C0000
Size:	36864

Details

Name:	00000009.00000002.976530262.00007FF9364B0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7FF9364B0000
Size:	65536

Details

Name:	00000013.00000003.1527002042.00000000044A0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	44A0000
Size:	53248

Details

Name:	00000006.00000002.1523050470.00000000031A2000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	31A2000
Size:	12288

Details

Name:	00000006.00000002.1554866119.00000000085AD000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	85AD000
Size:	12288

Details

Name:	00000000.00000003.863665152.0000000000FF3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	FF3000
Size:	307200

Details

Name:	0000000C.00000002.2125019146.000001C93B480000.00000002.08000000.00040000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	trusted library section
Protect:	page readonly
Base address:	1C93B480000
Size:	65536

Details

Name:	00000015.00000003.1559856506.0000000002BD0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	2BD0000
Size:	53248

Details

Name:	00000002.00000003.877849036.00000000031E7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31E7000
Size:	4096

Details

Name:	00000015.00000002.1602138214.00000000008FD000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	8FD000
Size:	12288

Details

Name:	00000008.00000003.907074016.0000021743BE2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	21743BE2000
Size:	4096

Details

Name:	00000013.00000002.1572536545.000000000497E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	497E000
Size:	8192

Details

Name:	00000015.00000002.1605158148.0000000004EE0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4EE0000
Size:	4096

Details

Name:	00000013.00000002.1571826549.000000000399E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	399E000
Size:	8192

Details

Name:	00000013.00000002.1571506881.00000000030DE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	30DE000
Size:	8192

Details

Name:	00000000.00000003.867292347.0000000001141000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1141000
Size:	114688

Details

Name:	00000013.00000002.1570627749.0000000000A7F000.00000040.00000001.01000000.0000000E.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	A7F000
Size:	1564672

Details

Name:	00000002.00000002.878105783.0000000002B80000.00000004.00000020.00040000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2B80000
Size:	4096

Details

Name:	00000009.00000002.949040721.000002C70C320000.00000004.00000020.00040000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C70C320000
Size:	4096

Details

Name:	00000015.00000003.1562029569.0000000004E80000.00000040.00001000.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4E80000
Size:	4096

Details

Name:	00000014.00000002.1594182666.00000000046BE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	46BE000
Size:	8192

Details

Name:	00000008.00000002.910997347.0000020F412E1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	20F412E1000
Size:	65536

Details

Name:	00000013.00000003.1526501323.00000000045B0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	45B0000
Size:	147456

Details

Name:	0000000C.00000002.2123414791.0000003B3277E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3B3277E000
Size:	8192

Details

Name:	00000013.00000003.1528259717.00000000044A0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	44A0000
Size:	53248

Details

Name:	00000002.00000003.871908753.00000000031D8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31D8000
Size:	65536

Details

Name:	00000014.00000002.1593074241.0000000001350000.00000004.00000020.00040000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1350000
Size:	4096

Details

Name:	00000013.00000002.1570995079.0000000000D1E000.00000080.00000001.01000000.0000000E.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and write copy
Base address:	D1E000
Size:	1650688

Details

Name:	00000006.00000002.1522822765.0000000003173000.00000040.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	3173000
Size:	4096

Details

Name:	00000006.00000002.1525328601.000000000538B000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	538B000
Size:	40960

Details

Name:	00000006.00000002.1551426731.000000000785A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	785A000
Size:	12288

Details

Name:	00000013.00000003.1538525117.00000000068A1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	68A1000
Size:	4096

Details

Name:	00000006.00000002.1544649458.0000000007585000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7585000
Size:	36864

Details

Name:	0000000C.00000002.2122485653.0000003B317F7000.00000004.00000010.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3B317F7000
Size:	36864

Details

Name:	00000014.00000002.1594406567.0000000004CFE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4CFE000
Size:	8192

Details

Name:	00000015.00000002.1603801060.0000000003D4F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3D4F000
Size:	4096

Details

Name:	0000000C.00000002.2125205119.000001C93B9E0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1C93B9E0000
Size:	4096

Details

Name:	00000002.00000002.878895196.00000000031F1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	31F1000
Size:	4096

Details

Name:	00000008.00000002.910860303.0000020F41289000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	20F41289000
Size:	8192

Details

Name:	00000002.00000002.879317054.0000000003360000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3360000
Size:	16384

Details

Name:	00000013.00000002.1573108781.000000000812B000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	812B000
Size:	20480

Details

Name:	00000008.00000002.910997347.0000020F412F2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	20F412F2000
Size:	4096

Details

Name:	00000013.00000002.1569745883.000000000053A000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	53A000
Size:	24576

Details

Name:	00000006.00000002.1550506327.000000000782A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	782A000
Size:	65536

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	00000013.00000002.1571601408.000000000335E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	335E000
Size:	8192

Details

Name:	00000009.00000002.949970233.000002C710075000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2C710075000
Size:	4096

Details

Name:	0000000C.00000002.2123663782.0000003B32A7E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3B32A7E000
Size:	8192

Details

Name:	00000014.00000002.1593158618.0000000001500000.00000004.00000020.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1500000
Size:	16384

Details

Name:	00000009.00000002.975680565.00007FF936310000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7FF936310000
Size:	8192

Details

Name:	00000015.00000000.1554734710.0000000000DBD000.00000080.00000001.01000000.00000011.sdmp
TargetID:	21
Dumpstage:	process new
Regiontype:	unkown
Protect:	page execute and write copy
Base address:	DBD000
Size:	1662976

Details

Name:	00000000.00000003.870053665.00000000010A6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	10A6000
Size:	4096

Details

Name:	00000000.00000003.871035701.0000000001041000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1041000
Size:	8192

Details

Name:	00000009.00000002.948980744.000000E3DB87B000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	E3DB87B000
Size:	20480

Details

Name:	0000000C.00000002.2125870956.000001C941000000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1C941000000
Size:	4096

Details

Name:	00000008.00000003.909728943.0000021742F50000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	21742F50000
Size:	4096

Details

Name:	00000002.00000003.872187983.00000000031F6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31F6000
Size:	131072

Details

Name:	00000006.00000002.1523222749.0000000003230000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3230000
Size:	28672

Details

Name:	00000008.00000003.907245828.0000021743BF2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	21743BF2000
Size:	24576

Details

Name:	00000013.00000003.1533127740.00000000006C4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6C4000
Size:	4096

Details

Name:	00000008.00000002.910345567.000000ECB304E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	ECB304E000
Size:	8192

Details

Name:	00000002.00000002.880431574.0000000005AEE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	5AEE000
Size:	8192

Details

Name:	00000009.00000002.949153541.000002C70C478000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C70C478000
Size:	430080

Details

Name:	00000000.00000002.872870053.0000000000DD0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	DD0000
Size:	20480

Details

Name:	00000015.00000002.1605026515.0000000004EA0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4EA0000
Size:	4096

Details

Name:	00000002.00000003.877662312.00000000031F3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31F3000
Size:	8192

Details

Name:	00000015.00000003.1560990038.0000000000984000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	984000
Size:	4096

Details

Name:	00000014.00000002.1594591931.0000000005440000.00000040.00001000.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	5440000
Size:	4096

Details

Name:	00000015.00000002.1603114997.0000000002D4E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2D4E000
Size:	8192

Details

Name:	00000009.00000002.949970233.000002C70E55C000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2C70E55C000
Size:	10485760

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000013.00000003.1538525117.00000000068B0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	68B0000
Size:	8192

Details

Name:	00000009.00000002.949153541.000002C70C4E5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C70C4E5000
Size:	40960

Details

Name:	00000013.00000002.1572013524.0000000003F9F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3F9F000
Size:	4096

Details

Name:	00000009.00000002.975884991.00007FF936380000.00000040.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	7FF936380000
Size:	32768

Details

Name:	00000009.00000002.949025867.000000E3DC34E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	E3DC34E000
Size:	8192

Details

Name:	00000009.00000002.975191200.000002C7266CC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C7266CC000
Size:	40960

Details

Name:	00000013.00000003.1540339400.0000000008250000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8250000
Size:	8192

Details

Name:	00000015.00000003.1561869889.0000000004E80000.00000040.00001000.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4E80000
Size:	8192

Details

Name:	00000006.00000002.1524963163.0000000004C50000.00000040.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page execute and read and write
Base address:	4C50000
Size:	4096

Details

Name:	0000000C.00000003.1203287000.000001C93FBC0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1C93FBC0000
Size:	4096

Details

Name:	00000000.00000003.867377983.000000000111B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	111B000
Size:	57344

Details

Name:	00000006.00000002.1543175842.00000000071CE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	71CE000
Size:	8192

Details

Name:	00000009.00000002.975639160.00007FF936280000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7FF936280000
Size:	4096

Details

Name:	00000002.00000002.880380372.0000000005920000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5920000
Size:	4096

Details

Name:	00000015.00000003.1562130025.0000000004E50000.00000040.00001000.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4E50000
Size:	4096

Details

Name:	00000008.00000003.905513923.0000020F412C1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F412C1000
Size:	12288

Details

Name:	00000002.00000003.877662312.00000000031EA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31EA000
Size:	8192

Details

Name:	00000006.00000002.1554562198.0000000008510000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	8510000
Size:	4096

Details

Name:	00000006.00000002.1552903975.0000000007A70000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7A70000
Size:	61440

Details

Name:	00000008.00000003.909728943.0000021742F69000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	21742F69000
Size:	16384

Details

Name:	00000000.00000003.871128102.000000000114A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	114A000
Size:	32768

Details

Name:	00000013.00000002.1571484817.000000000309F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	309F000
Size:	4096

Details

Name:	0000000C.00000002.2124334417.000001C93A670000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1C93A670000
Size:	4096

Details

Name:	00000006.00000002.1543462444.00000000072EA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	72EA000
Size:	233472

Details

Name:	00000006.00000002.1523458938.0000000003250000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3250000
Size:	28672

Details

Name:	00000000.00000003.871688621.00000000010F6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	10F6000
Size:	12288

Details

Name:	00000013.00000003.1526864184.00000000044A0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	44A0000
Size:	53248

Details

Name:	00000002.00000003.877891953.00000000031D2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31D2000
Size:	20480

Details

Name:	00000009.00000002.975811897.00007FF936346000.00000040.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	7FF936346000
Size:	73728

Details

Name:	00000015.00000002.1602885091.000000000106E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	106E000
Size:	8192

Details

Name:	00000015.00000003.1559698276.0000000002BD0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	2BD0000
Size:	53248

Details

Name:	00000015.00000002.1604054835.0000000003FCE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3FCE000
Size:	8192

Details

Name:	00000008.00000002.910997347.0000020F412BC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	20F412BC000
Size:	20480

Details

Name:	00000009.00000002.977595118.00007FF936590000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7FF936590000
Size:	65536

Details

Name:	00000008.00000003.907629690.00000217431AB000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	217431AB000
Size:	4096

Details

Name:	00000009.00000002.976266963.00007FF936470000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7FF936470000
Size:	65536

Details

Name:	00000013.00000002.1572689000.0000000004B10000.00000040.00001000.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4B10000
Size:	4096

Details

Name:	00000009.00000002.949153541.000002C70C4E2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C70C4E2000
Size:	8192

Details

Name:	00000008.00000003.900356643.0000020F41288000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F41288000
Size:	12288

Details

Name:	00000008.00000002.910860303.0000020F41270000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	20F41270000
Size:	49152

Details

Name:	0000000C.00000003.1204368868.000001C93FBF0000.00000004.00000400.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	free memory
Regiontype:	remote allocation
Protect:	page read and write
Base address:	1C93FBF0000
Size:	4096

Details

Name:	00000006.00000002.1525258330.0000000004CA7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4CA7000
Size:	8192

Details

Name:	00000000.00000000.862636856.00000000001D0000.00000002.00000001.01000000.00000003.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	1D0000
Size:	4096

Details

Name:	00000000.00000003.871474977.00000000010F4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	10F4000
Size:	20480

Details

Name:	00000013.00000002.1571224128.000000000295F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	295F000
Size:	4096

Details

Name:	00000002.00000003.872187983.00000000031EA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31EA000
Size:	8192

Details

Name:	00000008.00000003.903661883.0000020F412F2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F412F2000
Size:	4096

Details

Name:	0000000C.00000003.1203177870.000001C93FAD9000.00000004.00000800.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1C93FAD9000
Size:	28672

Details

Name:	00000014.00000002.1593883205.000000000407E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	407E000
Size:	8192

Details

Name:	00000002.00000003.876378588.00000000064B7000.00000004.00000800.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	64B7000
Size:	4096

Details

Name:	00000000.00000002.873544589.0000000001130000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1130000
Size:	16384

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary

Details

Name:	00000013.00000002.1571292727.0000000002B9F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2B9F000
Size:	4096

Details

Name:	00000015.00000003.1560532149.0000000002BD0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	2BD0000
Size:	53248

Details

Name:	00000000.00000003.870256014.000000000107E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	107E000
Size:	4096

Details

Name:	00000015.00000002.1604991450.0000000004E90000.00000040.00001000.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4E90000
Size:	4096

Details

Name:	00000014.00000003.1552519167.00000000053F0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	53F0000
Size:	8192

Details

Name:	00000002.00000002.880290777.00000000057CF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	57CF000
Size:	4096

Details

Name:	00000015.00000002.1602862696.0000000000F51000.00000040.00000001.01000000.00000011.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	F51000
Size:	8192

Details

Name:	00000013.00000002.1571317038.0000000002BDE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2BDE000
Size:	8192

Details

Name:	00000013.00000003.1530377837.0000000004AB0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4AB0000
Size:	4096

Details

Name:	00000008.00000003.903661883.0000020F412C4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F412C4000
Size:	45056

Details

Name:	00000006.00000002.1543306459.000000000728E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	728E000
Size:	8192

Details

Name:	00000002.00000003.876378588.00000000064A5000.00000004.00000800.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	64A5000
Size:	16384

Details

Name:	00000013.00000003.1532884923.00000000006C4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6C4000
Size:	4096

Details

Name:	0000000C.00000002.2124607106.000001C93A713000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1C93A713000
Size:	24576

Details

Name:	00000013.00000002.1571785826.000000000385E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	385E000
Size:	8192

Details

Name:	00000015.00000002.1602520567.0000000000DBD000.00000040.00000001.01000000.00000011.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	DBD000
Size:	4096

Details

Name:	00000015.00000002.1603023344.0000000002BCE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2BCE000
Size:	8192

Details

Name:	00000014.00000002.1594611350.0000000005450000.00000040.00001000.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	5450000
Size:	4096

Details

Name:	00000013.00000003.1539875124.0000000000651000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	651000
Size:	32768

Details

Name:	00000015.00000002.1604754493.000000000464E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	464E000
Size:	8192

Details

Name:	00000009.00000002.949788842.000002C70E123000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2C70E123000
Size:	4096

Details

Name:	00000015.00000000.1554640337.0000000000AB0000.00000002.00000001.01000000.00000011.sdmp
TargetID:	21
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	AB0000
Size:	4096

Details

Name:	00000014.00000002.1593280088.00000000016AE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	16AE000
Size:	155648

Details

Name:	00000015.00000002.1605217717.0000000004EF0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4EF0000
Size:	4096

Details

Name:	00000000.00000003.872071566.0000000000FF3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	FF3000
Size:	122880

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary

Details

Name:	00000008.00000003.901011129.0000020F412C4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F412C4000
Size:	45056

Details

Name:	00000015.00000002.1603727118.0000000003B0E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3B0E000
Size:	8192

Details

Name:	00000006.00000002.1555553335.0000000008CCE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	8CCE000
Size:	8192

Details

Name:	00000008.00000003.909728943.0000021742F71000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	21742F71000
Size:	4096

Details

Name:	00000015.00000002.1603045259.0000000002C07000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C07000
Size:	8192

Details

Name:	0000000C.00000002.2124539553.000001C93A6BA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1C93A6BA000
Size:	12288

Details

Name:	00000015.00000003.1560261207.0000000002BD0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	2BD0000
Size:	53248

Details

Name:	0000000C.00000002.2124991220.000001C93B470000.00000002.08000000.00040000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	trusted library section
Protect:	page readonly
Base address:	1C93B470000
Size:	65536

Details

Name:	00000002.00000002.878775472.00000000031C1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	31C1000
Size:	65536

Details

Name:	00000009.00000002.948802513.000000E3DB27E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	E3DB27E000
Size:	8192

Details

Name:	00000009.00000002.977481647.00007FF936570000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7FF936570000
Size:	65536

Details

Name:	00000014.00000002.1594690037.0000000005490000.00000040.00001000.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	5490000
Size:	4096

Details

Name:	00000015.00000002.1604030556.0000000003ECE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3ECE000
Size:	8192

Details

Name:	00000008.00000002.910206992.000000ECB2E4F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	ECB2E4F000
Size:	4096

Details

Name:	00000000.00000002.873805791.0000000003354000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3354000
Size:	8192

Details

Name:	00000002.00000003.877633184.000000000319A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	319A000
Size:	45056

Details

Name:	00000006.00000002.1523458938.0000000003288000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3288000
Size:	208896

Details

Name:	00000000.00000003.865042224.000000000117D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	117D000
Size:	118784

Details

Name:	00000006.00000002.1524837595.0000000004BD0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4BD0000
Size:	65536

Details

Name:	00000013.00000003.1539875124.0000000000625000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	625000
Size:	110592

Details

Name:	00000000.00000003.871307869.0000000001058000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1058000
Size:	20480

Details

Name:	00000014.00000003.1552643620.00000000053F0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	53F0000
Size:	4096

Details

Name:	00000015.00000003.1560752145.0000000002BD0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	2BD0000
Size:	53248

Details

Name:	00000015.00000003.1560960685.0000000004891000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4891000
Size:	49152

Details

Name:	00000013.00000003.1533237515.00000000006C4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6C4000
Size:	4096

Details

Name:	0000000C.00000002.2125642759.000001C93FC65000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1C93FC65000
Size:	151552

Details

Name:	00000014.00000002.1593842207.0000000003F3E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3F3E000
Size:	8192

Details

Name:	00000013.00000003.1539441375.0000000000669000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	669000
Size:	192512

Details

Name:	00000013.00000003.1532975549.00000000006C4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6C4000
Size:	4096

Details

Name:	00000000.00000002.872522539.0000000000BEF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	BEF000
Size:	4096

Details

Name:	00000014.00000002.1594162880.000000000467F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	467F000
Size:	4096

Details

Name:	00000015.00000003.1561046566.0000000000984000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	984000
Size:	4096

Details

Name:	00000015.00000002.1602294875.00000000009AA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	9AA000
Size:	135168

Details

Name:	00000006.00000002.1540712581.0000000005FF1000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5FF1000
Size:	28672

Details

Name:	00000006.00000002.1522765390.0000000003160000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3160000
Size:	8192

Details

Name:	00000000.00000002.873777016.0000000001BBE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	1BBE000
Size:	8192

Details

Name:	00000006.00000002.1554593652.0000000008520000.00000040.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	8520000
Size:	28672

Details

Name:	00000009.00000002.976000543.00007FF936415000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7FF936415000
Size:	12288

Details

Name:	00000000.00000003.870256014.00000000010B8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	10B8000
Size:	24576

Details

Name:	00000008.00000003.907792185.0000021743BD4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	21743BD4000
Size:	16384

Details

Name:	00000006.00000002.1543426411.00000000072CF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	72CF000
Size:	4096

Details

Name:	00000008.00000003.903661883.0000020F412E1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F412E1000
Size:	65536

Details

Name:	00000014.00000003.1545187649.0000000001504000.00000004.00000020.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1504000
Size:	4096

Details

Name:	00000015.00000002.1603705454.0000000003ACF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3ACF000
Size:	4096

Details

Name:	00000002.00000002.878895196.00000000031F3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	31F3000
Size:	8192

Details

Name:	00000000.00000002.872522539.0000000000BCF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	BCF000
Size:	4096

Details

Name:	00000013.00000003.1538635142.0000000005DD5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	5DD5000
Size:	8192

Details

Name:	00000006.00000002.1555740291.000000007F0A0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	7F0A0000
Size:	4096

Details

Name:	00000002.00000002.878775472.00000000031D2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	31D2000
Size:	20480

Details

Name:	00000014.00000002.1592540708.0000000000B16000.00000040.00000001.01000000.00000011.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	B16000
Size:	16384

Details

Name:	00000002.00000003.872187983.00000000031F1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31F1000
Size:	4096

Details

Name:	00000013.00000002.1571690746.00000000035DE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	35DE000
Size:	8192

Details

Name:	00000014.00000003.1546344901.0000000001620000.00000004.00001000.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	1620000
Size:	53248

Details

Name:	00000014.00000002.1593624948.00000000038BF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	38BF000
Size:	4096

Details

Name:	00000009.00000002.949010793.000000E3DB97B000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	E3DB97B000
Size:	20480

Details

Name:	00000015.00000002.1602165059.0000000000930000.00000004.00000020.00040000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	930000
Size:	4096

Details

Name:	00000009.00000002.948967052.000000E3DB7FE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	E3DB7FE000
Size:	8192

Details

Name:	00000013.00000002.1571806938.000000000395F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	395F000
Size:	4096

Details

Name:	00000014.00000002.1593604756.00000000037BE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	37BE000
Size:	8192

Details

Name:	00000002.00000003.877891953.00000000031C0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31C0000
Size:	69632

Details

Name:	00000014.00000002.1594251486.00000000048FF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	48FF000
Size:	4096

Details

Name:	00000015.00000003.1561900974.0000000004E80000.00000040.00001000.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4E80000
Size:	4096

Details

Name:	00000013.00000003.1539875124.0000000000643000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	643000
Size:	53248

Details

Name:	00000013.00000003.1540448723.000000000060D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	60D000
Size:	57344

Details

Name:	00000015.00000002.1605100015.0000000004ED0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4ED0000
Size:	4096

Details

Name:	00000014.00000002.1593179457.000000000160F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	160F000
Size:	4096

Details

Name:	00000006.00000002.1523137752.00000000031C0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	31C0000
Size:	4096

Details

Name:	00000006.00000002.1554970951.0000000008600000.00000040.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	8600000
Size:	8192

Details

Name:	00000014.00000002.1593493575.00000000034FF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	34FF000
Size:	4096

Details

Name:	0000000C.00000002.2123611153.0000003B329FE000.00000002.00000001.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3B329FE000
Size:	4096

Details

Name:	00000013.00000002.1572648448.0000000004B00000.00000040.00001000.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4B00000
Size:	4096

Details

Name:	00000000.00000003.869269665.00000000010B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	10B1000
Size:	53248

Details

Name:	00000000.00000003.867495705.0000000001130000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1130000
Size:	16384

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary

Details

Name:	00000000.00000002.872768994.0000000000D90000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	D90000
Size:	4096

Details

Name:	00000013.00000002.1570190244.00000000007DE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	7DE000
Size:	8192

Details

Name:	00000013.00000002.1571367323.0000000002D1E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2D1E000
Size:	8192

Details

Name:	00000014.00000002.1593584670.000000000377F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	377F000
Size:	4096

Details

Name:	00000013.00000003.1527735948.00000000044A0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	44A0000
Size:	53248

Details

Name:	00000013.00000003.1528571773.00000000006C4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6C4000
Size:	4096

Details

Name:	00000009.00000002.971147131.000002C71E340000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2C71E340000
Size:	372736

Details

Name:	00000008.00000003.903398949.0000020F412D2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F412D2000
Size:	57344

Details

Name:	00000014.00000002.1593218247.0000000001630000.00000004.00000020.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1630000
Size:	16384

Details

Name:	00000013.00000003.1540417650.0000000000650000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	650000
Size:	36864

Details

Name:	00000009.00000002.949153541.000002C70C403000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C70C403000
Size:	167936

Details

Name:	00000006.00000002.1523458938.00000000032BC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	32BC000
Size:	139264

Details

Name:	00000006.00000002.1522581521.00000000030BE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	30BE000
Size:	8192

Details

Name:	00000009.00000002.977263183.00007FF936540000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7FF936540000
Size:	65536

Details

Name:	00000006.00000002.1543138081.000000000718E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	718E000
Size:	8192

Details

Name:	00000002.00000002.878513561.0000000003160000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3160000
Size:	28672

Details

Name:	00000015.00000002.1603753641.0000000003C0F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3C0F000
Size:	4096

Details

Name:	00000013.00000002.1572898046.0000000005F1E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	5F1E000
Size:	8192

Details

Name:	00000006.00000002.1551426731.000000000787B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	787B000
Size:	4096

Details

Name:	00000006.00000002.1551364312.0000000007845000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7845000
Size:	12288

Details

Name:	00000013.00000002.1572952765.000000000615F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	615F000
Size:	4096

Details

Name:	00000013.00000002.1572837388.0000000004D30000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4D30000
Size:	8192

Details

Name:	00000002.00000002.878181533.0000000002EF9000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2EF9000
Size:	28672

Details

Name:	00000002.00000003.871908753.00000000031F1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31F1000
Size:	4096

Details

Name:	00000008.00000003.906437385.0000020F412A8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F412A8000
Size:	73728

Details

Name:	00000014.00000002.1593350652.000000000189F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	189F000
Size:	4096

Details

Name:	00000000.00000002.873025545.0000000000FC0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	FC0000
Size:	24576

Details

Name:	00000002.00000002.878711610.00000000031A6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	31A6000
Size:	4096

Details

Name:	0000000C.00000002.2125285785.000001C93FA60000.00000004.00000800.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1C93FA60000
Size:	4096

Details

Name:	00000015.00000002.1603205405.0000000002FCE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2FCE000
Size:	8192

Details

Name:	00000006.00000002.1524735672.0000000004B30000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4B30000
Size:	4096

Details

Name:	00000013.00000003.1539384624.0000000000650000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	650000
Size:	36864

Details

Name:	00000014.00000002.1593705320.0000000003B3F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3B3F000
Size:	4096

Details

Name:	0000000C.00000002.2123366021.0000003B325FE000.00000002.00000001.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3B325FE000
Size:	4096

Details

Name:	00000013.00000002.1569813763.00000000005A0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5A0000
Size:	36864

Details

Name:	00000009.00000002.949756527.000002C70DDA0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C70DDA0000
Size:	12288

Details

Name:	00000006.00000002.1544783291.00000000075CE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	75CE000
Size:	8192

Details

Name:	0000000C.00000002.2125305569.000001C93FA90000.00000004.00000800.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1C93FA90000
Size:	4096

Details

Name:	00000014.00000002.1592898498.0000000000DBE000.00000080.00000001.01000000.00000011.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and write copy
Base address:	DBE000
Size:	1650688

Details

Name:	00000014.00000003.1551341680.0000000001504000.00000004.00000020.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1504000
Size:	4096

Details

Name:	00000015.00000003.1562072044.0000000004E80000.00000040.00001000.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4E80000
Size:	4096

Details

Name:	00000013.00000002.1572127247.000000000425E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	425E000
Size:	8192

Details

Name:	00000009.00000002.975559727.00007FF936270000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7FF936270000
Size:	40960

Details

Name:	00000015.00000002.1604939451.0000000004E4F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4E4F000
Size:	4096

Details

Name:	00000000.00000003.867940948.0000000001101000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1101000
Size:	24576

Details

Name:	00000009.00000002.949153541.000002C70C3F0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C70C3F0000
Size:	73728

Details

Name:	00000002.00000002.878672467.0000000003192000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3192000
Size:	32768

Details

Name:	00000015.00000002.1603779401.0000000003C4E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3C4E000
Size:	8192

Details

Name:	00000002.00000003.871908753.00000000031B9000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31B9000
Size:	98304

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	00000000.00000003.870581831.000000000105D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	105D000
Size:	4096

Details

Name:	00000013.00000002.1569979836.000000000060E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	60E000
Size:	53248

Details

Name:	00000015.00000003.1561926399.0000000004E80000.00000040.00001000.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4E80000
Size:	4096

Details

Name:	00000013.00000002.1569717811.000000000043B000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	43B000
Size:	20480

Details

Name:	00000000.00000003.871784543.0000000001045000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1045000
Size:	4096

Details

Name:	00000009.00000002.949153541.000002C70C42F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C70C42F000
Size:	4096

Details

Name:	00000008.00000003.906520934.0000020F41291000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F41291000
Size:	90112

Details

Name:	00000000.00000003.863629737.000000000103E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	103E000
Size:	131072

Details

Name:	00000013.00000003.1539223094.000000000065D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	65D000
Size:	4096

Details

Name:	00000006.00000002.1525328601.0000000004FF1000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4FF1000
Size:	393216

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000002.00000003.872187983.00000000031E6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31E6000
Size:	8192

Details

Name:	00000000.00000003.866830933.0000000001129000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1129000
Size:	212992

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary

Details

Name:	0000000C.00000003.1250882344.000001C93AF1A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1C93AF1A000
Size:	4096

Details

Name:	00000008.00000003.905238589.0000020F412A8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F412A8000
Size:	114688

Details

Name:	00000009.00000002.949120571.000002C70C3B0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C70C3B0000
Size:	4096

Details

Name:	0000000C.00000002.2124936193.000001C93B450000.00000002.08000000.00040000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	trusted library section
Protect:	page readonly
Base address:	1C93B450000
Size:	65536

Details

Name:	00000000.00000003.869177315.00000000010CA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	10CA000
Size:	4096

Details

Name:	00000000.00000003.870053665.000000000108D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	108D000
Size:	36864

Details

Name:	0000000C.00000002.2125622806.000001C93FC61000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1C93FC61000
Size:	12288

Details

Name:	00000013.00000003.1538525117.00000000068AE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	68AE000
Size:	4096

Details

Name:	00000002.00000003.877573410.0000000004E93000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4E93000
Size:	12288

Details

Name:	00000008.00000002.910997347.0000020F412D2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	20F412D2000
Size:	57344

Details

Name:	00000013.00000002.1569813763.00000000005F7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5F7000
Size:	28672

Details

Name:	00000002.00000002.878735963.00000000031AE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	31AE000
Size:	4096

Details

Name:	00000006.00000002.1544116920.0000000007450000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7450000
Size:	20480

Details

Name:	0000000C.00000003.1203306033.000001C93FAA0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1C93FAA0000
Size:	8192

Details

Name:	00000013.00000002.1571245886.0000000002A5F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2A5F000
Size:	4096

Details

Name:	00000009.00000002.976990433.00007FF936500000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7FF936500000
Size:	65536

Details

Name:	00000009.00000002.949970233.000002C70E3B2000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2C70E3B2000
Size:	1716224

Details

Name:	00000002.00000003.871908753.00000000031EE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31EE000
Size:	4096

Details

Name:	00000008.00000003.909728943.0000021742F67000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	21742F67000
Size:	4096

Details

Name:	00000013.00000003.1532582989.00000000006C4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6C4000
Size:	4096

Details

Name:	00000002.00000002.878758905.00000000031B9000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	31B9000
Size:	28672

Details

Name:	00000013.00000003.1528002035.00000000044A0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	44A0000
Size:	53248

Details

Name:	00000002.00000003.871908753.00000000031EA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31EA000
Size:	8192

Details

Name:	00000015.00000003.1561578454.0000000004D75000.00000004.00001000.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	4D75000
Size:	12288

Details

Name:	00000008.00000002.911433569.0000020F4150D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	20F4150D000
Size:	8192

Details

Name:	00000014.00000003.1550179717.0000000001620000.00000004.00001000.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	1620000
Size:	53248

Details

Name:	00000006.00000002.1552828761.0000000007A2E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	7A2E000
Size:	8192

Details

Name:	00000009.00000002.976163240.00007FF936450000.00000040.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	7FF936450000
Size:	32768

Details

Name:	00000013.00000002.1571531042.00000000031DF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	31DF000
Size:	4096

Details

Name:	00000008.00000003.907629690.00000217431A9000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	217431A9000
Size:	4096

Details

Name:	00000013.00000003.1539223094.0000000000669000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	669000
Size:	192512

Details

Name:	00000015.00000002.1605617622.0000000004F30000.00000040.00001000.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4F30000
Size:	4096

Details

Name:	00000008.00000003.905513923.0000020F412F2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F412F2000
Size:	4096

Details

Name:	00000014.00000003.1552972789.00000000053E0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	53E0000
Size:	4096

Details

Name:	00000000.00000003.871510178.000000000106C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	106C000
Size:	4096

Details

Name:	00000015.00000003.1563796007.0000000004891000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4891000
Size:	49152

Details

Name:	00000015.00000002.1603405305.00000000034CE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	34CE000
Size:	8192

Details

Name:	00000000.00000003.869978712.0000000001096000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1096000
Size:	12288

Details

Name:	00000000.00000003.870560353.000000000105E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	105E000
Size:	61440

Details

Name:	00000014.00000003.1552690787.00000000053F0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	53F0000
Size:	4096

Details

Name:	00000000.00000003.868014926.00000000010D9000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	10D9000
Size:	32768

Details

Name:	00000009.00000002.949970233.000002C710077000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2C710077000
Size:	761856

Details

Name:	0000000C.00000002.2125326457.000001C93FAA0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1C93FAA0000
Size:	4096

Details

Name:	00000000.00000003.871205022.0000000001052000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1052000
Size:	12288

Details

Name:	00000000.00000003.871035701.0000000001052000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1052000
Size:	12288

Details

Name:	00000013.00000003.1539589650.0000000000643000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	643000
Size:	53248

Details

Name:	00000015.00000003.1559484244.0000000000984000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	984000
Size:	4096

Details

Name:	00000015.00000002.1602419063.0000000000AB0000.00000004.00000001.01000000.00000011.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	AB0000
Size:	4096

Details

Name:	00000015.00000003.1561098733.0000000000984000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	984000
Size:	4096

Details

Name:	00000013.00000002.1570627749.0000000000D02000.00000040.00000001.01000000.0000000E.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	D02000
Size:	40960

Details

Name:	00000000.00000003.864764373.0000000001011000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1011000
Size:	4096

Details

Name:	00000008.00000003.909728943.0000021742F54000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	21742F54000
Size:	73728

Details

Name:	00000014.00000002.1594029141.00000000042BF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	42BF000
Size:	4096

Details

Name:	00000013.00000002.1572149535.000000000435F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	435F000
Size:	4096

Details

Name:	00000014.00000002.1593452447.00000000033BF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	33BF000
Size:	4096

Details

Name:	00000014.00000002.1594468989.00000000052BE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	52BE000
Size:	8192

Details

Name:	00000006.00000002.1544081151.000000000744E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	744E000
Size:	8192

Details

Name:	00000002.00000003.877259051.0000000004EAF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4EAF000
Size:	4096

Details

Name:	00000013.00000003.1538663158.00000000068A0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	68A0000
Size:	4096

Details

Name:	00000006.00000002.1525328601.0000000005385000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5385000
Size:	16384

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000008.00000002.911593988.00000217432C0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	217432C0000
Size:	8192

Details

Name:	00000000.00000003.870417083.00000000010C8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	10C8000
Size:	8192

Details

Name:	00000008.00000002.910625389.0000020F41210000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	20F41210000
Size:	28672

Details

Name:	00000008.00000003.907074016.0000021743BD1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	21743BD1000
Size:	49152

Details

Name:	00000013.00000003.1533537346.00000000006C4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6C4000
Size:	4096

Details

Name:	00000002.00000002.880118940.0000000004E84000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4E84000
Size:	8192

Details

Name:	00000006.00000002.1524815522.0000000004BCE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4BCE000
Size:	8192

Details

Name:	00000014.00000002.1593198069.0000000001610000.00000004.00000020.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1610000
Size:	4096

Details

Name:	00000013.00000002.1572837388.0000000004D34000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4D34000
Size:	12288

Details

Name:	00000013.00000003.1534992805.000000000065C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	65C000
Size:	77824

Details

Name:	00000006.00000002.1522713469.000000000312F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	312F000
Size:	4096

Details

Name:	00000008.00000002.910126920.000000ECB2AFE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	ECB2AFE000
Size:	8192

Details

Name:	00000002.00000002.879317054.0000000003366000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3366000
Size:	12288

Details

Name:	00000013.00000003.1533446702.00000000006C4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6C4000
Size:	4096

Details

Name:	00000002.00000002.880267653.00000000056CE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	56CE000
Size:	8192

Details

Name:	00000008.00000003.907792185.0000021743BF1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	21743BF1000
Size:	4096

Details

Name:	00000006.00000002.1555359436.0000000008A5A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	8A5A000
Size:	12288

Details

Name:	00000000.00000003.870256014.00000000010A6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	10A6000
Size:	4096

Details

Name:	00000000.00000002.872522539.0000000000BDB000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	BDB000
Size:	20480

Details

Name:	00000013.00000003.1539589650.0000000000620000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	620000
Size:	131072

Details

Name:	00000013.00000002.1570605404.0000000000A7D000.00000008.00000001.01000000.0000000E.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page write copy
Base address:	A7D000
Size:	4096

Details

Name:	00000009.00000002.977063839.00007FF936510000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7FF936510000
Size:	65536

Details

Name:	00000009.00000002.975766471.00007FF936320000.00000040.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	7FF936320000
Size:	36864

Details

Name:	00000002.00000003.876987006.00000000063A1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	63A1000
Size:	4096

Details

Name:	00000009.00000002.949756527.000002C70DDA5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C70DDA5000
Size:	16384

Details

Name:	00000009.00000002.948936233.000000E3DB6FB000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	E3DB6FB000
Size:	20480

Details

Name:	00000013.00000003.1539441375.0000000000664000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	664000
Size:	16384

Details

Name:	00000014.00000002.1594271897.000000000493E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	493E000
Size:	8192

Details

Name:	0000000C.00000002.2125244825.000001C93F9F0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1C93F9F0000
Size:	4096

Details

Name:	00000002.00000002.878276679.00000000030EE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	30EE000
Size:	8192

Details

Name:	0000000C.00000002.2123531042.0000003B328FE000.00000002.00000001.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3B328FE000
Size:	4096

Details

Name:	00000000.00000003.872100661.000000000116E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	116E000
Size:	20480

Details

Name:	00000015.00000000.1554711149.0000000000B1D000.00000008.00000001.01000000.00000011.sdmp
TargetID:	21
Dumpstage:	process new
Regiontype:	unkown
Protect:	page write copy
Base address:	B1D000
Size:	4096

Details

Name:	00000006.00000002.1525328601.0000000005601000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5601000
Size:	4247552

Details

Name:	00000008.00000003.900356643.0000020F41291000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F41291000
Size:	90112

Details

Name:	00000013.00000003.1539067191.0000000005DD0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	5DD0000
Size:	8192

Details

Name:	00000015.00000002.1604078966.000000000400E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	400E000
Size:	8192

Details

Name:	00000013.00000003.1540022980.0000000000651000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	651000
Size:	32768

Details

Name:	0000000C.00000002.2124681311.000001C93AE15000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1C93AE15000
Size:	4096

Details

Name:	00000014.00000002.1594141071.000000000457E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	457E000
Size:	8192

Details

Name:	00000000.00000000.862660094.00000000001D1000.00000020.00000001.01000000.00000003.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown
Protect:	page execute read
Base address:	1D1000
Size:	634880

Details

Name:	00000015.00000002.1603267784.000000000320F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	320F000
Size:	4096

Details

Name:	00000009.00000002.977568362.00007FF936580000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7FF936580000
Size:	12288

Details

Name:	00000014.00000002.1594629789.0000000005460000.00000040.00001000.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	5460000
Size:	4096

Details

Name:	0000000C.00000002.2124905517.000001C93B440000.00000002.08000000.00040000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	trusted library section
Protect:	page readonly
Base address:	1C93B440000
Size:	65536

Details

Name:	00000013.00000003.1533066975.00000000006C4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6C4000
Size:	4096

Details

Name:	00000006.00000002.1540712581.0000000005FF9000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5FF9000
Size:	4096

Details

Name:	00000006.00000002.1542929153.00000000070AD000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	70AD000
Size:	12288

Details

Name:	0000000C.00000002.2124397660.000001C93A689000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1C93A689000
Size:	4096

Details

Name:	00000006.00000002.1550281090.0000000007823000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7823000
Size:	24576

Details

Name:	00000013.00000003.1527144333.00000000044A0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	44A0000
Size:	53248

Details

Name:	00000006.00000002.1540712581.0000000006058000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6058000
Size:	1257472

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000006.00000002.1554657141.0000000008530000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	8530000
Size:	65536

Details

Name:	00000006.00000002.1522957435.0000000003180000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3180000
Size:	32768

Details

Name:	00000015.00000002.1602294875.00000000009A0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	9A0000
Size:	32768

Details

Name:	0000000C.00000002.2125671057.000001C93FCBC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1C93FCBC000
Size:	28672

Details

Name:	00000013.00000003.1528182085.00000000044A0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	44A0000
Size:	53248

Details

Name:	00000006.00000002.1522671656.00000000030E0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	30E0000
Size:	24576

Details

Name:	00000000.00000003.869177315.00000000010D6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	10D6000
Size:	12288

Details

Name:	00000006.00000002.1554088228.0000000007B00000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7B00000
Size:	65536

Details

Name:	00000013.00000003.1539365169.00000000044B2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	44B2000
Size:	8192

Details

Name:	00000009.00000002.976398932.00007FF936490000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7FF936490000
Size:	65536

Details

Name:	00000008.00000003.906437385.0000020F41289000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F41289000
Size:	8192

Details

Name:	00000000.00000000.863008323.000000000026C000.00000002.00000001.01000000.00000003.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	26C000
Size:	151552

Details

Name:	00000008.00000003.900356643.0000020F412A8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F412A8000
Size:	159744

Details

Name:	00000006.00000002.1544567321.0000000007480000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7480000
Size:	32768

Details

Name:	0000000C.00000002.2125535487.000001C93FC2C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1C93FC2C000
Size:	69632

Details

Name:	00000006.00000002.1555359436.0000000008A50000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	8A50000
Size:	36864

Details

Name:	00000009.00000002.975926256.00007FF936400000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7FF936400000
Size:	65536

Details

Name:	00000013.00000002.1571578796.000000000331F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	331F000
Size:	4096

Details

Name:	0000000C.00000002.2123809842.0000003B32EFE000.00000002.00000001.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3B32EFE000
Size:	4096

Details

Name:	00000013.00000003.1526792435.00000000044A0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	44A0000
Size:	53248

Details

Name:	00000002.00000002.878160816.0000000002BD0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2BD0000
Size:	8192

Details

Name:	00000013.00000002.1570082106.0000000000651000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	651000
Size:	32768

Details

Name:	00000002.00000003.874708662.00000000031D2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31D2000
Size:	20480

Details

Name:	00000009.00000002.973885826.000002C726370000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C726370000
Size:	286720

Details

Name:	00000014.00000002.1594447724.0000000004E00000.00000004.00000020.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4E00000
Size:	4096

Details

Name:	00000006.00000002.1554916074.00000000085EF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	85EF000
Size:	4096

Details

Name:	00000002.00000003.876987006.00000000063AF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	63AF000
Size:	4096

Details

Name:	00000000.00000003.867891477.00000000010E1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	10E1000
Size:	36864

Details

Name:	00000013.00000002.1571555349.000000000321E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	321E000
Size:	8192

Details

Name:	0000000C.00000002.2124163734.000001C93A5D0000.00000004.08000000.00040000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	trusted library section
Protect:	page read and write
Base address:	1C93A5D0000
Size:	4096

Details

Name:	00000015.00000003.1559633400.0000000002BD0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	2BD0000
Size:	53248

Details

Name:	00000009.00000002.949084563.000002C70C3A5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C70C3A5000
Size:	40960

Details

Name:	00000013.00000002.1572037995.0000000003FDE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3FDE000
Size:	8192

Details

Name:	00000015.00000002.1603473926.00000000035CF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	35CF000
Size:	4096

Details

Name:	00000002.00000002.878203573.0000000002FD0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2FD0000
Size:	4096

Details

Name:	00000002.00000002.878649489.000000000317E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	317E000
Size:	73728

Details

Name:	00000015.00000003.1559520651.0000000000984000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	984000
Size:	4096

Details

Name:	00000013.00000003.1529906471.0000000004AC0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4AC0000
Size:	4096

Details

Name:	00000013.00000002.1572734116.0000000004B30000.00000040.00001000.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4B30000
Size:	4096

Details

Name:	00000013.00000002.1570208863.00000000008DF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	8DF000
Size:	4096

Details

Name:	00000000.00000002.872727043.0000000000D4D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	D4D000
Size:	12288

Details

Name:	00000013.00000002.1569813763.00000000005AA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5AA000
Size:	8192

Details

Name:	00000013.00000003.1532297233.00000000006C4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6C4000
Size:	4096

Details

Name:	00000014.00000003.1545215033.0000000001504000.00000004.00000020.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1504000
Size:	4096

Details

Name:	00000009.00000002.975660336.00007FF9362BC000.00000040.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	7FF9362BC000
Size:	4096

Details

Name:	00000008.00000003.906437385.0000020F4128C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F4128C000
Size:	12288

Details

Name:	00000000.00000003.871128102.000000000115B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	115B000
Size:	8192

Details

Name:	00000015.00000003.1559422299.0000000004891000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4891000
Size:	204800

Details

Name:	00000000.00000002.873025545.0000000000FF2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	FF2000
Size:	4096

Details

Name:	00000013.00000002.1571764118.000000000381E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	381E000
Size:	8192

Details

Name:	00000013.00000002.1571905933.0000000003C1E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3C1E000
Size:	8192

Details

Name:	00000000.00000002.872407381.00000000002A4000.00000002.00000001.01000000.00000003.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2A4000
Size:	114688

Details

Name:	00000015.00000003.1562052383.0000000004E80000.00000040.00001000.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4E80000
Size:	4096

Details

Name:	00000014.00000003.1554770128.0000000001504000.00000004.00000020.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1504000
Size:	4096

Details

Name:	00000009.00000002.977843334.00007FF9365D0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7FF9365D0000
Size:	8192

Details

Name:	0000000C.00000002.2122919826.0000003B31FFB000.00000004.00000010.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3B31FFB000
Size:	20480

Details

Name:	00000013.00000002.1570452903.00000000009C0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	9C0000
Size:	20480

Details

Name:	00000006.00000002.1552865112.0000000007A6D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	7A6D000
Size:	12288

Details

Name:	00000008.00000002.910261100.000000ECB2F4D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	ECB2F4D000
Size:	12288

Details

Name:	00000006.00000002.1525258330.0000000004CA0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4CA0000
Size:	16384

Details

Name:	00000000.00000002.873674690.000000000116E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	116E000
Size:	20480

Details

Name:	00000000.00000003.871666748.000000000104A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	104A000
Size:	8192

Details

Name:	00000000.00000003.870238509.000000000107D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	107D000
Size:	8192

Details

Name:	00000006.00000002.1555235015.00000000086C0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	86C0000
Size:	4096

Details

Name:	00000000.00000002.873004137.0000000000FB0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	FB0000
Size:	4096

Details

Name:	00000006.00000002.1543031090.0000000007140000.00000040.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page execute and read and write
Base address:	7140000
Size:	12288

Details

Name:	00000006.00000002.1525328601.0000000005145000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5145000
Size:	872448

Details

Name:	00000006.00000002.1525328601.0000000005052000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5052000
Size:	983040

Details

Name:	00000008.00000003.906576401.0000020F4124D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F4124D000
Size:	110592

Details

Name:	00000013.00000003.1529251244.0000000004940000.00000004.00001000.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	4940000
Size:	53248

Details

Name:	00000002.00000003.877259051.0000000004EA4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4EA4000
Size:	4096

Details

Name:	0000000C.00000002.2124055985.000001C93A4B0000.00000004.00000020.00040000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1C93A4B0000
Size:	4096

Details

Name:	00000013.00000003.1528515845.00000000006C4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6C4000
Size:	4096

Details

Name:	0000000C.00000002.2124738010.000001C93AF13000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1C93AF13000
Size:	28672

Details

Name:	00000014.00000003.1550431246.0000000001620000.00000004.00001000.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	1620000
Size:	53248

Details

Name:	00000000.00000002.873388436.000000000106C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	106C000
Size:	4096

Details

Name:	00000009.00000002.974419404.000002C7263F3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C7263F3000
Size:	147456

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000002.00000003.874708662.00000000031D8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31D8000
Size:	57344

Details

Name:	00000002.00000003.876378588.00000000064B1000.00000004.00000800.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	64B1000
Size:	20480

Details

Name:	00000006.00000002.1554318846.0000000007B20000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7B20000
Size:	65536

Details

Name:	00000013.00000002.1573131581.000000000822C000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	822C000
Size:	16384

Details

Name:	00000015.00000002.1603604414.000000000384F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	384F000
Size:	4096

Details

Name:	00000009.00000002.948860573.000000E3DB47E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	E3DB47E000
Size:	8192

Details

Name:	00000000.00000003.868014926.00000000010F4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	10F4000
Size:	20480

Details

Name:	00000015.00000002.1603540598.000000000360E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	360E000
Size:	8192

Details

Name:	00000000.00000003.871205022.0000000001050000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1050000
Size:	4096

Details

Name:	0000000C.00000003.1203128852.000001C93FBD0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1C93FBD0000
Size:	8192

Details

Name:	00000014.00000003.1545389925.0000000001620000.00000004.00001000.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	1620000
Size:	53248

Details

Name:	00000008.00000003.906992828.0000021743BF1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	21743BF1000
Size:	28672

Details

Name:	00000013.00000003.1529970599.0000000004AC0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4AC0000
Size:	4096

Details

Name:	00000008.00000003.906437385.0000020F41291000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F41291000
Size:	90112

Details

Name:	00000013.00000002.1571944037.0000000003D5E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3D5E000
Size:	8192

Details

Name:	00000006.00000002.1553541191.0000000007AB0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7AB0000
Size:	65536

Details

Name:	00000008.00000002.911676219.0000021743BD0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	21743BD0000
Size:	4096

Details

Name:	00000013.00000003.1533581700.00000000006C4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6C4000
Size:	4096

Details

Name:	00000014.00000002.1593218247.0000000001637000.00000004.00000020.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1637000
Size:	8192

Details

Name:	00000014.00000002.1594667933.0000000005480000.00000040.00001000.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	5480000
Size:	4096

Details

Name:	00000013.00000002.1570170228.00000000006C0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6C0000
Size:	24576

Details

Name:	0000000C.00000002.2123483258.0000003B3287E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3B3287E000
Size:	8192

Details

Name:	00000013.00000002.1570302334.00000000009AE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	9AE000
Size:	8192

Details

Name:	00000015.00000002.1603657511.000000000398F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	398F000
Size:	4096

Details

Name:	00000000.00000000.863056095.00000000002A0000.00000008.00000001.01000000.00000003.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown
Protect:	page write copy
Base address:	2A0000
Size:	4096

Details

Name:	00000000.00000003.863880037.0000000000FFF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	FFF000
Size:	663552

Details

Name:	00000013.00000002.1571269766.0000000002A9E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2A9E000
Size:	8192

Details

Name:	00000006.00000002.1522499344.000000000303E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	303E000
Size:	8192

Details

Name:	00000008.00000003.905691125.0000020F4124D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F4124D000
Size:	110592

Details

Name:	00000008.00000003.907792185.0000021743BF3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	21743BF3000
Size:	20480

Details

Name:	00000008.00000002.911811714.0000021743FB0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	21743FB0000
Size:	12288

Details

Name:	00000006.00000002.1524735672.0000000004B38000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4B38000
Size:	12288

Details

Name:	00000002.00000003.876027674.000000000655F000.00000004.00000800.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	655F000
Size:	4096

Details

Name:	00000014.00000003.1552992032.00000000053C0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	53C0000
Size:	4096

Details

Name:	0000000C.00000003.1203177870.000001C93FA70000.00000004.00000800.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1C93FA70000
Size:	425984

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000006.00000002.1555179859.000000000868E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	868E000
Size:	8192

Details

Name:	00000014.00000003.1551935339.0000000001690000.00000004.00001000.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	1690000
Size:	53248

Details

Name:	00000013.00000003.1528441889.00000000006C4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6C4000
Size:	4096

Details

Name:	00000002.00000003.877662312.00000000031EE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31EE000
Size:	4096

Details

Name:	00000000.00000002.873693012.000000000117A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	117A000
Size:	12288

Details

Name:	00000006.00000002.1542823680.000000000702E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	702E000
Size:	8192

Details

Name:	00000013.00000003.1539067191.0000000005DD6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	5DD6000
Size:	4096

Details

Name:	00000014.00000003.1554792265.0000000001504000.00000004.00000020.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1504000
Size:	4096

Details

Name:	00000009.00000002.976000543.00007FF936419000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7FF936419000
Size:	28672

Details

Name:	00000006.00000002.1522927074.000000000317D000.00000040.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	317D000
Size:	8192

Details

Name:	00000008.00000002.911539017.00000217431C0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	217431C0000
Size:	4096

Details

Name:	00000013.00000002.1571714813.00000000036DF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	36DF000
Size:	4096

Details

Name:	00000000.00000003.870053665.0000000001087000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1087000
Size:	20480

Details

Name:	00000013.00000002.1569813763.00000000005AE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5AE000
Size:	163840

Details

Name:	00000014.00000003.1545902301.0000000001620000.00000004.00001000.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	1620000
Size:	53248

Details

Name:	00000009.00000002.949970233.000002C70FCFC000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2C70FCFC000
Size:	3637248

Details

Name:	00000006.00000002.1524265510.00000000032E5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	32E5000
Size:	434176

Details

Name:	00000015.00000002.1602770057.0000000000DBE000.00000080.00000001.01000000.00000011.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and write copy
Base address:	DBE000
Size:	1650688

Details

Name:	00000000.00000003.870256014.000000000107C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	107C000
Size:	4096

Details

Name:	00000014.00000003.1545039382.0000000001504000.00000004.00000020.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1504000
Size:	4096

Details

Name:	00000006.00000002.1553290574.0000000007A90000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7A90000
Size:	65536

Details

Name:	00000015.00000002.1603161841.0000000002E8E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2E8E000
Size:	8192

Details

Name:	00000013.00000003.1528080789.00000000044A0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	44A0000
Size:	53248

Details

Name:	00000013.00000003.1532851866.00000000006C4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6C4000
Size:	4096

Details

Name:	00000014.00000002.1592627327.0000000000DAE000.00000040.00000001.01000000.00000011.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	DAE000
Size:	40960

Details

Name:	00000009.00000002.977721901.00007FF9365B0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7FF9365B0000
Size:	65536

Details

Name:	00000009.00000002.949844922.000002C70E172000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C70E172000
Size:	548864

Details

Name:	00000008.00000002.911433569.0000020F41506000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	20F41506000
Size:	20480

Details

Name:	00000014.00000003.1552581882.00000000053F0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	53F0000
Size:	4096

Details

Name:	00000000.00000003.871035701.0000000001050000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1050000
Size:	4096

Details

Name:	0000000C.00000002.2124962050.000001C93B460000.00000002.08000000.00040000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	trusted library section
Protect:	page readonly
Base address:	1C93B460000
Size:	65536

Details

Name:	00000015.00000002.1603561159.000000000370F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	370F000
Size:	4096

Details

Name:	00000013.00000002.1572577229.0000000004A90000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4A90000
Size:	4096

Details

Name:	00000009.00000002.973885826.000002C726330000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C726330000
Size:	258048

Details

Name:	00000015.00000002.1603287597.000000000324E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	324E000
Size:	8192

Details

Name:	00000014.00000002.1593280088.00000000016A0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	16A0000
Size:	32768

Details

Name:	00000000.00000002.873463946.00000000010A6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	10A6000
Size:	4096

Details

Name:	00000006.00000002.1552204367.00000000078B0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	78B0000
Size:	65536

Details

Name:	00000008.00000003.905664287.0000020F412BA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F412BA000
Size:	28672

Details

Name:	00000006.00000002.1555314605.000000000888E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	888E000
Size:	8192

Details

Name:	0000000C.00000003.1203365210.000001C93FAB4000.00000004.00000800.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1C93FAB4000
Size:	4096

Details

Name:	00000002.00000002.879289208.000000000335E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	335E000
Size:	8192

Details

Name:	00000013.00000002.1571341906.0000000002CDF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2CDF000
Size:	4096

Details

Name:	00000009.00000002.975191200.000002C7266DA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C7266DA000
Size:	147456

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	0000000C.00000002.2125720501.000001C93FCC4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1C93FCC4000
Size:	90112

Details

Name:	0000000C.00000002.2124757639.000001C93B001000.00000004.00000800.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1C93B001000
Size:	4096

Details

Name:	00000002.00000003.876027674.0000000006554000.00000004.00000800.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6554000
Size:	4096

Details

Name:	00000015.00000002.1602520567.0000000000DA2000.00000040.00000001.01000000.00000011.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	DA2000
Size:	40960

Details

Name:	00000000.00000002.872522539.0000000000BFE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	BFE000
Size:	8192

Details

Name:	00000008.00000002.911699605.0000021743BD2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	21743BD2000
Size:	8192

Details

Name:	00000002.00000003.877573410.0000000004E90000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4E90000
Size:	4096

Details

Name:	0000000C.00000002.2122537719.0000003B318FE000.00000002.00000001.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3B318FE000
Size:	4096

Details

Name:	0000000C.00000002.2124397660.000001C93A6A3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1C93A6A3000
Size:	28672

Details

Name:	00000015.00000003.1559464963.0000000000984000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	984000
Size:	4096

Details

Name:	0000000C.00000002.2125720501.000001C93FCDB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1C93FCDB000
Size:	28672

Details

Name:	00000014.00000003.1550626992.0000000001620000.00000004.00001000.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	1620000
Size:	53248

Details

Name:	00000013.00000002.1570036460.0000000000643000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	643000
Size:	53248

Details

Name:	00000008.00000003.905238589.0000020F41288000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F41288000
Size:	12288

Details

Name:	00000013.00000002.1571177465.0000000000FBF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	FBF000
Size:	4096

Details

Name:	00000006.00000002.1552718258.00000000079AE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	79AE000
Size:	8192

Details

Name:	00000000.00000003.867495705.0000000001127000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1127000
Size:	8192

Details

Name:	00000006.00000002.1522410408.0000000002EA9000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2EA9000
Size:	28672

Details

Name:	00000009.00000002.974419404.000002C726418000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C726418000
Size:	94208

Signature Hits	Behavior Group	Mitre Attack
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000014.00000003.1552866035.00000000053F0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	53F0000
Size:	4096

Details

Name:	00000014.00000002.1594332734.0000000004B7F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4B7F000
Size:	4096

Details

Name:	00000015.00000002.1604912039.0000000004D4E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4D4E000
Size:	8192

Details

Name:	00000009.00000002.975559727.00007FF93627B000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7FF93627B000
Size:	8192

Details

Name:	00000000.00000002.872182637.00000000001D1000.00000020.00000001.01000000.00000003.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute read
Base address:	1D1000
Size:	634880

Details

Name:	00000000.00000003.871176383.0000000000FF1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	FF1000
Size:	131072

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary

Details

Name:	00000014.00000003.1548558083.0000000001620000.00000004.00001000.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	1620000
Size:	53248

Details

Name:	00000013.00000003.1529333641.0000000004940000.00000004.00001000.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	4940000
Size:	53248

Details

Name:	00000008.00000002.911652364.00000217433D0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	217433D0000
Size:	4096

Details

Name:	00000000.00000003.867940948.0000000001130000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1130000
Size:	16384

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary

Details

Name:	00000008.00000002.910965480.0000020F4128C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	20F4128C000
Size:	12288

Details

Name:	0000000C.00000002.2124397660.000001C93A69D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1C93A69D000
Size:	20480

Details

Name:	00000013.00000003.1528894170.00000000006C4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6C4000
Size:	4096

Details

Name:	00000014.00000000.1538685668.0000000000DBD000.00000080.00000001.01000000.00000011.sdmp
TargetID:	20
Dumpstage:	process new
Regiontype:	unkown
Protect:	page execute and write copy
Base address:	DBD000
Size:	1662976

Details

Name:	0000000C.00000002.2122715017.0000003B31BF9000.00000004.00000010.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3B31BF9000
Size:	28672

Details

Name:	00000008.00000003.905238589.0000020F4128C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F4128C000
Size:	12288

Details

Name:	00000013.00000003.1530210177.0000000004AC0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4AC0000
Size:	4096

Details

Name:	00000013.00000002.1573088123.00000000080EC000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	80EC000
Size:	16384

Details

Name:	00000013.00000003.1527267492.00000000044A0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	44A0000
Size:	53248

Details

Name:	00000013.00000003.1528408211.00000000044B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	44B1000
Size:	49152

Details

Name:	00000013.00000002.1572170398.000000000439E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	439E000
Size:	8192

Details

Name:	00000000.00000002.873348681.000000000104B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	104B000
Size:	4096

Details

Name:	00000009.00000002.948787374.000000E3DAFCE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	E3DAFCE000
Size:	8192

Details

Name:	00000013.00000002.1572773029.0000000004B50000.00000040.00001000.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4B50000
Size:	4096

Details

Name:	00000013.00000003.1529477271.00000000049A5000.00000004.00001000.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	49A5000
Size:	12288

Details

Name:	00000002.00000002.880551369.0000000006870000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6870000
Size:	40960

Details

Name:	00000015.00000003.1561986154.0000000004E80000.00000040.00001000.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4E80000
Size:	4096

Details

Name:	00000000.00000003.864764373.000000000103D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	103D000
Size:	409600

Details

Name:	00000008.00000002.911433569.0000020F41500000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	20F41500000
Size:	16384

Details

Name:	00000006.00000002.1524981520.0000000004C9E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4C9E000
Size:	8192

Details

Name:	00000009.00000002.949828548.000002C70E160000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C70E160000
Size:	40960

Details

Name:	00000000.00000003.867846944.00000000010EA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	10EA000
Size:	32768

Details

Name:	00000013.00000002.1570627749.0000000000D1D000.00000040.00000001.01000000.0000000E.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	D1D000
Size:	4096

Details

Name:	00000000.00000003.868559754.00000000010D6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	10D6000
Size:	12288

Details

Name:	00000015.00000003.1563849740.0000000000984000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	984000
Size:	4096

Details

Name:	00000008.00000002.911593988.00000217432C4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	217432C4000
Size:	12288

Details

Name:	00000014.00000003.1552790635.00000000053F0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	53F0000
Size:	4096

Details

Name:	00000000.00000002.872813715.0000000000DB0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	DB0000
Size:	8192

Details

Name:	0000000C.00000002.2125829973.000001C93FCFF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1C93FCFF000
Size:	8192

Details

Name:	00000013.00000003.1535968771.0000000008236000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8236000
Size:	241664

Details

Name:	00000000.00000002.872522539.0000000000BBF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	BBF000
Size:	4096

Details

Name:	00000015.00000002.1604393963.000000000410F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	410F000
Size:	4096

Details

Name:	00000013.00000003.1539589650.0000000000651000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	651000
Size:	32768

Details

Name:	0000000C.00000002.2125829973.000001C93FD02000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1C93FD02000
Size:	4096

Details

Name:	00000014.00000002.1594202891.00000000047BF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	47BF000
Size:	4096

Details

Name:	00000013.00000002.1569813763.00000000005E8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5E8000
Size:	32768

Details

Name:	00000002.00000003.875594920.00000000031A5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31A5000
Size:	8192

Details

Name:	0000000C.00000002.2123904058.0000003B330FE000.00000002.00000001.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3B330FE000
Size:	4096

Details

Name:	00000002.00000002.880498724.00000000063B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	63B1000
Size:	8192

Details

Name:	00000013.00000002.1570226996.000000000091E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	91E000
Size:	8192

Details

Name:	00000008.00000003.906992828.0000021743BEC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	21743BEC000
Size:	12288

Details

Name:	00000000.00000003.871924432.0000000000FE0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	FE0000
Size:	16384

Details

Name:	00000006.00000002.1525328601.00000000053A0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	53A0000
Size:	8192

Details

Name:	00000014.00000002.1594489808.00000000053BF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	53BF000
Size:	4096

Details

Name:	00000008.00000003.903398949.0000020F412E1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F412E1000
Size:	65536

Details

Name:	00000009.00000002.971147131.000002C71E4E3000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2C71E4E3000
Size:	1232896

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000014.00000002.1593824826.0000000003EFF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3EFF000
Size:	4096

Details

Name:	00000009.00000002.949788842.000002C70E120000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2C70E120000
Size:	8192

Details

Name:	00000014.00000003.1545304468.0000000001620000.00000004.00001000.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	1620000
Size:	53248

Details

Name:	00000000.00000002.872163699.00000000001D0000.00000002.00000001.01000000.00000003.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1D0000
Size:	4096

Details

Name:	00000000.00000003.868014926.00000000010E8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	10E8000
Size:	8192

Details

Name:	00000014.00000002.1594292987.0000000004A3F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4A3F000
Size:	4096

Details

Name:	00000008.00000002.910566224.0000020F411A0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	20F411A0000
Size:	8192

Details

Name:	00000006.00000002.1551313770.0000000007842000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7842000
Size:	8192

Details

Name:	00000013.00000003.1527815667.00000000044A0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	44A0000
Size:	53248

Details

Name:	0000000C.00000002.2123757102.0000003B32DFB000.00000004.00000010.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3B32DFB000
Size:	20480

Details

Name:	00000002.00000003.871908753.00000000031AE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31AE000
Size:	8192

Details

Name:	00000013.00000003.1526444949.00000000006C4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6C4000
Size:	4096

Details

Name:	00000006.00000002.1543261735.000000000724E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	724E000
Size:	8192

Details

Name:	00000000.00000003.867316200.0000000001152000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1152000
Size:	45056

Details

Name:	00000013.00000002.1571868072.0000000003ADE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3ADE000
Size:	8192

Details

Name:	00000013.00000003.1533872129.00000000006C4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6C4000
Size:	4096

Details

Name:	00000013.00000002.1572713274.0000000004B20000.00000040.00001000.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4B20000
Size:	4096

Details

Name:	00000015.00000003.1560679034.0000000002BD0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	2BD0000
Size:	53248

Details

Name:	00000000.00000003.871784543.000000000104B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	104B000
Size:	4096

Details

Name:	0000000C.00000002.2123265928.0000003B324FE000.00000002.00000001.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3B324FE000
Size:	4096

Details

Name:	00000009.00000002.976110477.00007FF936430000.00000040.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	7FF936430000
Size:	20480

Details

Name:	0000000C.00000002.2124334417.000001C93A65B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1C93A65B000
Size:	53248

Details

Name:	00000015.00000002.1603246431.000000000310E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	310E000
Size:	8192

Details

Name:	00000014.00000000.1538568696.0000000000AB0000.00000002.00000001.01000000.00000011.sdmp
TargetID:	20
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	AB0000
Size:	4096

Details

Name:	00000014.00000002.1593644594.00000000038FE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	38FE000
Size:	8192

Details

Name:	00000015.00000002.1603352675.000000000348F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	348F000
Size:	4096

Details

Name:	00000013.00000002.1571201630.000000000285F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	285F000
Size:	4096

Details

Name:	00000013.00000003.1539310124.000000000061B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	61B000
Size:	151552

Details

Name:	00000000.00000003.867793968.00000000010F9000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	10F9000
Size:	57344

Details

Name:	00000014.00000002.1593053528.00000000012FD000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	12FD000
Size:	12288

Details

Name:	00000000.00000003.871784543.0000000001049000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1049000
Size:	4096

Details

Name:	00000014.00000002.1593987013.000000000417F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	417F000
Size:	4096

Details

Name:	00000008.00000003.909951388.0000020F42C00000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F42C00000
Size:	4096

Details

Name:	00000008.00000003.904057394.0000021743D30000.00000010.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page execute
Base address:	21743D30000
Size:	4096

Details

Name:	00000000.00000003.867686877.0000000001159000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1159000
Size:	16384

Details

Name:	00000014.00000003.1544634913.0000000001504000.00000004.00000020.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1504000
Size:	4096

Details

Name:	00000013.00000000.1521589395.0000000000A10000.00000002.00000001.01000000.0000000E.sdmp
TargetID:	19
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	A10000
Size:	4096

Details

Name:	00000009.00000002.949153541.000002C70C476000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C70C476000
Size:	4096

Details

Name:	00000000.00000003.868559754.00000000010CB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	10CB000
Size:	32768

Details

Name:	00000015.00000002.1605529978.0000000004F20000.00000040.00001000.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4F20000
Size:	4096

Details

Name:	00000015.00000002.1605052275.0000000004EB0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4EB0000
Size:	4096

Details

Name:	00000008.00000003.905238589.0000020F412D2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F412D2000
Size:	57344

Details

Name:	00000000.00000003.871253503.0000000001073000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1073000
Size:	36864

Details

Name:	0000000C.00000002.2125365831.000001C93FB40000.00000004.00000800.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1C93FB40000
Size:	4096

Details

Name:	00000006.00000002.1522957435.0000000003189000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3189000
Size:	16384

Details

Name:	00000013.00000002.1570284278.000000000096E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	96E000
Size:	8192

Details

Name:	00000015.00000000.1554662136.0000000000AB1000.00000080.00000001.01000000.00000011.sdmp
TargetID:	21
Dumpstage:	process new
Regiontype:	unkown
Protect:	page execute and write copy
Base address:	AB1000
Size:	188416

Details

Name:	00000006.00000002.1523458938.0000000003258000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3258000
Size:	143360

Details

Name:	00000014.00000003.1552036120.0000000001690000.00000004.00001000.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	1690000
Size:	53248

Details

Name:	00000013.00000002.1571847469.0000000003A9F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3A9F000
Size:	4096

Details

Name:	00000008.00000003.909728943.0000021742F6E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	21742F6E000
Size:	4096

Details

Name:	00000015.00000002.1604473697.000000000428E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	428E000
Size:	8192

Details

Name:	00000015.00000002.1602907798.000000000116F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	116F000
Size:	4096

Details

Name:	00000006.00000002.1545958592.00000000077DE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	77DE000
Size:	28672

Details

Name:	00000006.00000002.1523376763.0000000003240000.00000040.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	3240000
Size:	36864

Details

Name:	00000009.00000002.976680040.00007FF9364D0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7FF9364D0000
Size:	65536

Details

Name:	0000000C.00000003.1204387346.000001C93FBF0000.00000004.00000400.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	free memory
Regiontype:	remote allocation
Protect:	page read and write
Base address:	1C93FBF0000
Size:	4096

Details

Name:	00000006.00000002.1551426731.000000000787E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	787E000
Size:	135168

Details

Name:	00000002.00000003.877866000.00000000031E1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31E1000
Size:	20480

Details

Name:	00000008.00000003.907503321.0000021743CD5000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	21743CD5000
Size:	4096

Details

Name:	00000014.00000003.1546543337.0000000001620000.00000004.00001000.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	1620000
Size:	53248

Details

Name:	00000006.00000002.1542860326.000000000706E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	706E000
Size:	8192

Details

Name:	00000000.00000003.871510178.0000000001052000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1052000
Size:	12288

Details

Name:	00000002.00000002.880321479.000000000580B000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	580B000
Size:	20480

Details

Name:	00000009.00000002.977338149.00007FF936550000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7FF936550000
Size:	65536

Details

Name:	00000000.00000003.869978712.00000000010A6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	10A6000
Size:	4096

Details

Name:	00000009.00000002.949722428.000002C70DD80000.00000002.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page readonly
Base address:	2C70DD80000
Size:	4096

Details

Name:	00000014.00000002.1592627327.0000000000D76000.00000040.00000001.01000000.00000011.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	D76000
Size:	114688

Details

Name:	00000000.00000003.871583443.0000000000FF2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	FF2000
Size:	126976

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary

Details

Name:	00000009.00000002.975417199.00007DF495050000.00000040.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	7DF495050000
Size:	4096

Details

Name:	00000006.00000002.1543209169.000000000720E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	720E000
Size:	8192

Details

Name:	00000014.00000003.1552903237.00000000053F0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	53F0000
Size:	4096

Details

Name:	00000008.00000003.905238589.0000020F41291000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F41291000
Size:	90112

Details

Name:	00000006.00000002.1544116920.0000000007456000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7456000
Size:	20480

Details

Name:	00000008.00000003.900356643.0000020F412D2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F412D2000
Size:	57344

Details

Name:	00000013.00000002.1572597783.0000000004AD0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4AD0000
Size:	4096

Details

Name:	00000009.00000002.949736781.000002C70DD90000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2C70DD90000
Size:	65536

Details

Name:	0000000C.00000002.2124123692.000001C93A5C0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1C93A5C0000
Size:	4096

Details

Name:	00000000.00000000.863094924.00000000002A4000.00000002.00000001.01000000.00000003.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	2A4000
Size:	114688

Details

Name:	00000002.00000003.872187983.00000000031EE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31EE000
Size:	4096

Details

Name:	00000014.00000002.1593724011.0000000003B7E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3B7E000
Size:	8192

Details

Name:	00000013.00000002.1573189925.0000000008230000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	8230000
Size:	131072

Details

Name:	00000006.00000002.1549340078.000000000781A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	781A000
Size:	32768

Details

Name:	00000002.00000002.880404963.00000000059ED000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	59ED000
Size:	12288

Details

Name:	00000014.00000003.1552953235.00000000053D0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	53D0000
Size:	4096

Details

Name:	00000008.00000003.900356643.0000020F4128C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F4128C000
Size:	12288

Details

Name:	00000013.00000003.1529771796.0000000004AC0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4AC0000
Size:	8192

Details

Name:	00000006.00000002.1525328601.00000000055FF000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	55FF000
Size:	4096

Details

Name:	00000013.00000003.1530079585.0000000004AC0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4AC0000
Size:	4096

Details

Name:	00000013.00000003.1530253329.0000000004AC0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4AC0000
Size:	4096

Details

Name:	0000000C.00000002.2125223947.000001C93F9E0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1C93F9E0000
Size:	4096

Details

Name:	00000015.00000002.1603851007.0000000003E8F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3E8F000
Size:	4096

Details

Name:	00000008.00000002.911721443.0000021743BF4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	21743BF4000
Size:	16384

Details

Name:	0000000C.00000002.2124015178.000001C93A490000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1C93A490000
Size:	12288

Details

Name:	00000014.00000003.1554741835.0000000004E01000.00000004.00000020.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4E01000
Size:	49152

Details

Name:	00000000.00000002.873325135.0000000000FFB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	FFB000
Size:	90112

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary

Details

Name:	00000009.00000002.976202340.00007FF936460000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7FF936460000
Size:	65536

Details

Name:	00000013.00000002.1572880159.0000000005DB0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5DB0000
Size:	4096

Details

Name:	00000008.00000002.910507383.0000020F41180000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	20F41180000
Size:	4096

Details

Name:	00000015.00000002.1604882065.0000000004890000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4890000
Size:	4096

Details

Name:	00000002.00000003.876244967.00000000063AC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	63AC000
Size:	28672

Details

Name:	00000013.00000003.1532713333.00000000006C4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6C4000
Size:	4096

Details

Name:	00000006.00000002.1525328601.000000000521B000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	521B000
Size:	1478656

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000008.00000003.903398949.0000020F41288000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F41288000
Size:	12288

Details

Name:	00000006.00000002.1525328601.00000000053A3000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	53A3000
Size:	2469888

Details

Name:	00000006.00000002.1543031090.0000000007145000.00000040.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page execute and read and write
Base address:	7145000
Size:	8192

Details

Name:	00000000.00000003.863699255.000000000105D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	105D000
Size:	4096

Details

Name:	0000000C.00000002.2122601651.0000003B319FE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3B319FE000
Size:	8192

Details

Name:	00000002.00000002.878872771.00000000031E7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	31E7000
Size:	4096

Details

Name:	00000000.00000003.867377983.000000000110F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	110F000
Size:	45056

Details

Name:	00000002.00000002.878775472.00000000031D8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	31D8000
Size:	32768

Details

Name:	00000013.00000002.1570102354.0000000000691000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	691000
Size:	28672

Details

Name:	00000006.00000002.1524783021.0000000004B8C000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4B8C000
Size:	16384

Details

Name:	00000015.00000003.1562112270.0000000004E70000.00000040.00001000.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4E70000
Size:	4096

Details

Name:	0000000C.00000002.2125671057.000001C93FC8D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1C93FC8D000
Size:	188416

Details

Name:	00000002.00000003.876987006.00000000063B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	63B1000
Size:	8192

Details

Name:	00000014.00000002.1593431851.00000000032BE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	32BE000
Size:	8192

Details

Name:	00000014.00000003.1544938126.0000000004E01000.00000004.00000020.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4E01000
Size:	204800

Details

Name:	00000014.00000002.1594007885.00000000041BE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	41BE000
Size:	8192

Details

Name:	00000013.00000003.1527401156.00000000044A0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	44A0000
Size:	53248

Details

Name:	00000014.00000002.1592627327.0000000000CA0000.00000040.00000001.01000000.00000011.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	CA0000
Size:	864256

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	00000006.00000002.1553871195.0000000007AE0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7AE0000
Size:	65536

Details

Name:	00000008.00000002.910997347.0000020F412A8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	20F412A8000
Size:	73728

Details

Name:	00000014.00000003.1551632337.0000000001504000.00000004.00000020.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1504000
Size:	4096

Details

Name:	00000013.00000002.1573051292.0000000007E7E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	7E7E000
Size:	8192

Details

Name:	00000006.00000002.1544031460.000000000740E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	740E000
Size:	8192

Details

Name:	00000015.00000002.1604449752.000000000424F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	424F000
Size:	4096

Details

Name:	0000000C.00000002.2123956767.0000003B3347E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3B3347E000
Size:	8192

Details

Name:	0000000C.00000002.2124638915.000001C93AE00000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1C93AE00000
Size:	4096

Details

Name:	0000000C.00000002.2123986517.0000003B334FE000.00000002.00000001.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3B334FE000
Size:	4096

Details

Name:	00000008.00000002.910443681.0000020F410A0000.00000004.00000020.00040000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	20F410A0000
Size:	4096

Details

Name:	00000013.00000002.1572615040.0000000004AE0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4AE0000
Size:	4096

Details

Name:	00000008.00000003.903398949.0000020F412A8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F412A8000
Size:	159744

Details

Name:	00000008.00000002.910997347.0000020F412C5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	20F412C5000
Size:	40960

Details

Name:	00000002.00000003.875333918.00000000031AE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31AE000
Size:	4096

Details

Name:	00000000.00000003.871649140.0000000001046000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1046000
Size:	24576

Details

Name:	00000008.00000003.905238589.0000020F412E1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F412E1000
Size:	65536

Details

Name:	00000000.00000003.869251775.00000000010BE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	10BE000
Size:	49152

Details

Name:	00000008.00000003.903398949.0000020F41270000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F41270000
Size:	53248

Details

Name:	00000006.00000002.1551131362.000000000783E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	783E000
Size:	12288

Details

Name:	0000000C.00000002.2125082845.000001C93B590000.00000004.00000800.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1C93B590000
Size:	4096

Details

Name:	00000008.00000002.910156644.000000ECB2BFE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	ECB2BFE000
Size:	8192

Details

Name:	00000000.00000003.871976205.0000000000FF2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	FF2000
Size:	126976

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary

Details

Name:	00000000.00000003.871891320.0000000001164000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1164000
Size:	12288

Details

Name:	00000006.00000002.1545958592.00000000077EF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	77EF000
Size:	163840

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	00000002.00000003.876378588.00000000064AE000.00000004.00000800.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	64AE000
Size:	4096

Details

Name:	00000006.00000002.1523185974.0000000003210000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3210000
Size:	4096

Details

Name:	00000009.00000002.949951082.000002C70E320000.00000040.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page execute and read and write
Base address:	2C70E320000
Size:	4096

Details

Name:	00000006.00000002.1545029256.000000000764E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	764E000
Size:	8192

Details

Name:	0000000C.00000002.2124805185.000001C93B340000.00000004.00000800.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1C93B340000
Size:	4096

Details

Name:	00000009.00000002.976143697.00007FF936442000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7FF936442000
Size:	4096

Details

Name:	00000013.00000003.1535249447.0000000000666000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	666000
Size:	8192

Details

Name:	0000000C.00000002.2123015706.0000003B321FB000.00000004.00000010.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3B321FB000
Size:	20480

Details

Name:	00000013.00000003.1540373662.0000000000643000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	643000
Size:	90112

Details

Name:	00000014.00000002.1594121160.000000000453F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	453F000
Size:	4096

Details

Name:	00000015.00000003.1561026507.0000000000984000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	984000
Size:	4096

Details

Name:	00000009.00000002.976330589.00007FF936480000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7FF936480000
Size:	65536

Details

Name:	00000013.00000003.1533793867.00000000006C4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6C4000
Size:	4096

Details

Name:	00000013.00000003.1530401494.0000000004A90000.00000040.00001000.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4A90000
Size:	4096

Details

Name:	00000008.00000002.910625389.0000020F41237000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	20F41237000
Size:	81920

Details

Name:	00000015.00000003.1560037226.0000000002BD0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	2BD0000
Size:	53248

Details

Name:	00000002.00000002.880599205.0000000006AFC000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	6AFC000
Size:	16384

Details

Name:	00000015.00000002.1602520567.0000000000CA0000.00000040.00000001.01000000.00000011.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	CA0000
Size:	864256

Signature Hits	Behavior Group	Mitre Attack
May try to detect the Windows Explorer process (often used for injection)	HIPS / PFW / Operating System Protection Evasion	Process Injection Process Discovery
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	00000015.00000002.1602391942.0000000000AA0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	AA0000
Size:	4096

Details

Name:	00000000.00000003.863732707.0000000000FF3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	FF3000
Size:	307200

Details

Name:	00000013.00000003.1532667482.00000000006C4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6C4000
Size:	4096

Details

Name:	00000002.00000002.880634212.0000000006BFD000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	6BFD000
Size:	12288

Details

Name:	00000009.00000002.971147131.000002C71E3A0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2C71E3A0000
Size:	1282048

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000000.00000003.870500580.000000000106D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	106D000
Size:	61440

Details

Name:	00000000.00000002.872275335.0000000000292000.00000002.00000001.01000000.00000003.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	292000
Size:	40960

Details

Name:	00000015.00000003.1559278057.0000000004891000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4891000
Size:	65536

Details

Name:	00000015.00000002.1603327043.000000000338E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	338E000
Size:	8192

Details

Name:	00000013.00000003.1533679552.00000000006C4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6C4000
Size:	4096

Details

Name:	00000014.00000003.1552826369.00000000053F0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	53F0000
Size:	4096

Details

Name:	00000009.00000002.949917732.000002C70E310000.00000040.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page execute and read and write
Base address:	2C70E310000
Size:	20480

Details

Name:	00000000.00000003.869952767.00000000010B8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	10B8000
Size:	24576

Details

Name:	00000014.00000002.1593280088.00000000016AA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	16AA000
Size:	8192

Details

Name:	00000014.00000003.1545735865.0000000001620000.00000004.00001000.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	1620000
Size:	53248

Details

Name:	00000013.00000003.1535249447.0000000000669000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	669000
Size:	24576

Details

Name:	00000013.00000002.1572477359.00000000044B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	44B1000
Size:	4096

Details

Name:	00000000.00000003.863515608.0000000000FF3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	FF3000
Size:	49152

Details

Name:	00000009.00000002.948905748.000000E3DB5F7000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	E3DB5F7000
Size:	36864

Details

Name:	00000015.00000002.1605318008.0000000004F00000.00000040.00001000.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4F00000
Size:	4096

Details

Name:	00000015.00000003.1560607324.0000000002BD0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	2BD0000
Size:	53248

Details

Name:	00000002.00000003.871908753.00000000031D2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31D2000
Size:	20480

Details

Name:	00000009.00000002.949970233.000002C70FA1C000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2C70FA1C000
Size:	3010560

Details

Name:	00000000.00000002.872275335.000000000026C000.00000002.00000001.01000000.00000003.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	26C000
Size:	151552

Details

Name:	00000009.00000002.949706946.000002C70DD70000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2C70DD70000
Size:	4096

Details

Name:	00000002.00000003.872150653.0000000003191000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3191000
Size:	90112

Details

Name:	00000015.00000002.1602932787.00000000011AE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	11AE000
Size:	8192

Details

Name:	0000000C.00000002.2125407984.000001C93FBA0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1C93FBA0000
Size:	4096

Details

Name:	00000015.00000002.1604496329.000000000438F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	438F000
Size:	4096

Details

Name:	00000008.00000003.905238589.0000020F412C5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F412C5000
Size:	40960

Details

Name:	00000013.00000003.1539223094.0000000000663000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	663000
Size:	20480

Details

Name:	00000015.00000002.1603629531.000000000388E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	388E000
Size:	8192

Details

Name:	00000013.00000002.1572793502.0000000004B60000.00000040.00001000.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4B60000
Size:	4096

Details

Name:	00000009.00000002.949070917.000002C70C350000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C70C350000
Size:	4096

Details

Name:	00000006.00000002.1555269586.000000000884E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	884E000
Size:	8192

Details

Name:	00000015.00000003.1559538699.0000000000984000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	984000
Size:	4096

Details

Name:	00000014.00000002.1593007727.0000000000F51000.00000040.00000001.01000000.00000011.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	F51000
Size:	8192

Details

Name:	00000013.00000002.1572917109.000000000601F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	601F000
Size:	4096

Details

Name:	00000013.00000002.1571736731.000000000371E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	371E000
Size:	8192

Details

Name:	00000008.00000003.907503321.0000021743CE5000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	21743CE5000
Size:	4096

Details

Name:	00000006.00000002.1524937490.0000000004C2E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4C2E000
Size:	8192

Details

Name:	00000013.00000003.1532438936.00000000006C4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6C4000
Size:	4096

Details

Name:	0000000C.00000002.2125535487.000001C93FC41000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1C93FC41000
Size:	49152

Details

Name:	00000009.00000002.949153541.000002C70C44F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C70C44F000
Size:	16384

Details

Name:	0000000C.00000002.2124638915.000001C93AE02000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1C93AE02000
Size:	4096

Details

Name:	00000013.00000002.1570321046.00000000009B0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	9B0000
Size:	4096

Details

Name:	00000014.00000002.1593411766.000000000327F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	327F000
Size:	4096

Details

Name:	0000000C.00000003.1203177870.000001C93FAE1000.00000004.00000800.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1C93FAE1000
Size:	28672

Details

Name:	00000002.00000003.878009759.000000000317E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	317E000
Size:	73728

Details

Name:	00000006.00000002.1553762610.0000000007AD0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7AD0000
Size:	65536

Details

Name:	00000013.00000002.1573011541.0000000007C40000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7C40000
Size:	12288

Details

Name:	00000000.00000003.870581831.0000000001069000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1069000
Size:	16384

Details

Name:	00000015.00000003.1560456221.0000000002BD0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	2BD0000
Size:	53248

Details

Name:	00000015.00000002.1603184008.0000000002F8F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2F8F000
Size:	4096

Details

Name:	00000008.00000003.907198401.0000021743BEB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	21743BEB000
Size:	4096

Details

Name:	00000013.00000002.1569813763.00000000005D7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5D7000
Size:	65536

Details

Name:	00000008.00000002.910082926.000000ECB27E6000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	ECB27E6000
Size:	40960

Details

Name:	0000000C.00000002.2122811751.0000003B31DFB000.00000004.00000010.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3B31DFB000
Size:	20480

Details

Name:	0000000C.00000002.2122763142.0000003B31CFE000.00000002.00000001.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3B31CFE000
Size:	4096

Details

Name:	00000014.00000002.1592513753.0000000000AB0000.00000004.00000001.01000000.00000011.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	AB0000
Size:	4096

Details

Name:	00000008.00000003.901011129.0000020F412D2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F412D2000
Size:	57344

Details

Name:	00000008.00000002.911344642.0000020F414A0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	20F414A0000
Size:	4096

Details

Name:	00000015.00000002.1605076049.0000000004EC0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4EC0000
Size:	4096

Details

Name:	0000000C.00000002.2125470709.000001C93FC00000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1C93FC00000
Size:	49152

Details

Name:	00000000.00000003.871688621.00000000010C8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	10C8000
Size:	8192

Details

Name:	00000013.00000000.1521661582.0000000000D1D000.00000080.00000001.01000000.0000000E.sdmp
TargetID:	19
Dumpstage:	process new
Regiontype:	unkown
Protect:	page execute and write copy
Base address:	D1D000
Size:	1662976

Details

Name:	00000015.00000003.1559575453.0000000000984000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	984000
Size:	4096

Details

Name:	00000015.00000003.1559794287.0000000002BD0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	2BD0000
Size:	53248

Details

Name:	00000014.00000003.1551128109.0000000004E01000.00000004.00000020.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4E01000
Size:	49152

Details

Name:	00000015.00000003.1560353642.0000000002BD0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	2BD0000
Size:	53248

Details

Name:	00000000.00000003.870053665.000000000107F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	107F000
Size:	4096

Details

Name:	00000013.00000002.1571971706.0000000003E5F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3E5F000
Size:	4096

Details

Name:	00000000.00000002.873025545.0000000000FC8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	FC8000
Size:	94208

Details

Name:	00000000.00000003.865772304.000000000115D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	115D000
Size:	90112

Details

Name:	00000014.00000002.1594648665.0000000005470000.00000040.00001000.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	5470000
Size:	4096

Details

Name:	0000000C.00000002.2125470709.000001C93FC1F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1C93FC1F000
Size:	49152

Details

Name:	00000015.00000002.1604520204.00000000043CE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	43CE000
Size:	8192

Details

Name:	00000000.00000003.871307869.000000000106C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	106C000
Size:	4096

Details

Name:	00000013.00000003.1534944329.0000000000684000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	684000
Size:	8192

Details

Name:	0000000C.00000002.2125720501.000001C93FCE3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1C93FCE3000
Size:	32768

Details

Name:	00000015.00000002.1604545610.00000000044CF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	44CF000
Size:	4096

Details

Name:	0000000C.00000002.2124539553.000001C93A702000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1C93A702000
Size:	45056

Details

Name:	00000006.00000002.1522791092.0000000003170000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3170000
Size:	12288

Details

Name:	00000008.00000003.907198401.0000021743BE2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	21743BE2000
Size:	4096

Details

Name:	00000000.00000003.871976205.0000000000FE2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	FE2000
Size:	8192

Details

Name:	00000008.00000003.906606781.0000020F4128C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F4128C000
Size:	12288

Details

Name:	00000008.00000003.908483527.0000021743BF3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	21743BF3000
Size:	20480

Details

Name:	00000014.00000002.1594552710.0000000005420000.00000040.00001000.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	5420000
Size:	4096

Details

Name:	00000014.00000003.1551450988.0000000001504000.00000004.00000020.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1504000
Size:	4096

Details

Name:	00000000.00000003.863732707.0000000000FE4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	FE4000
Size:	45056

Details

Name:	00000014.00000002.1594427906.0000000004DFF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4DFF000
Size:	4096

Details

Name:	0000000C.00000002.2124397660.000001C93A6AD000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1C93A6AD000
Size:	49152

Details

Name:	0000000C.00000002.2123224568.0000003B3247E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3B3247E000
Size:	8192

Details

Name:	00000009.00000002.948952228.000000E3DB77E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	E3DB77E000
Size:	8192

Details

Name:	00000000.00000003.869292836.00000000010B8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	10B8000
Size:	24576

Details

Name:	00000002.00000003.877662312.00000000031F6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31F6000
Size:	135168

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000000.00000003.863536770.0000000000FF3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	FF3000
Size:	49152

Details

Name:	00000015.00000003.1561457936.0000000002BF0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	2BF0000
Size:	53248

Details

Name:	00000002.00000002.880478782.00000000063A0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	63A0000
Size:	4096

Details

Name:	00000006.00000002.1552628826.0000000007950000.00000040.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	7950000
Size:	4096

Details

Name:	00000008.00000003.903661883.0000020F412D2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F412D2000
Size:	57344

Details

Name:	00000013.00000003.1533719944.00000000006C4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6C4000
Size:	4096

Details

Name:	00000000.00000003.870016554.0000000001080000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1080000
Size:	90112

Details

Name:	00000013.00000002.1570452903.00000000009C7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	9C7000
Size:	32768

Details

Name:	00000013.00000002.1571993240.0000000003E9E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3E9E000
Size:	8192

Details

Name:	00000006.00000002.1544822720.000000000760E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	760E000
Size:	8192

Details

Name:	00000014.00000002.1594385163.0000000004CBF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4CBF000
Size:	4096

Details

Name:	00000015.00000002.1603829487.0000000003D8E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3D8E000
Size:	8192

Details

Name:	00000000.00000003.867846944.00000000010F3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	10F3000
Size:	24576

Details

Name:	00000015.00000003.1559557379.0000000000984000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	984000
Size:	4096

Details

Name:	00000013.00000002.1571460568.0000000002F9E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2F9E000
Size:	8192

Details

Name:	00000013.00000003.1530332752.0000000004AA0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4AA0000
Size:	4096

Details

Name:	00000013.00000002.1569791279.0000000000580000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	580000
Size:	8192

Details

Name:	00000013.00000002.1570627749.0000000000CD6000.00000040.00000001.01000000.0000000E.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	CD6000
Size:	114688

Details

Name:	00000009.00000002.974967281.000002C726690000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C726690000
Size:	241664

Signature Hits	Behavior Group	Mitre Attack
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	0000000C.00000002.2124263718.000001C93A62B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1C93A62B000
Size:	86016

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	00000013.00000002.1571646434.000000000349E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	349E000
Size:	8192

Details

Name:	00000013.00000003.1526644919.00000000006C4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6C4000
Size:	4096

Details

Name:	00000013.00000002.1570627749.0000000000D0E000.00000040.00000001.01000000.0000000E.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	D0E000
Size:	40960

Details

Name:	00000009.00000002.948874423.000000E3DB4FD000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	E3DB4FD000
Size:	12288

Details

Name:	00000006.00000002.1523204181.0000000003220000.00000002.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page readonly
Base address:	3220000
Size:	4096

Details

Name:	00000009.00000002.975532482.00007FF93626D000.00000040.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	7FF93626D000
Size:	12288

Details

Name:	0000000C.00000002.2123155587.0000003B323FE000.00000002.00000001.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3B323FE000
Size:	4096

Details

Name:	00000015.00000003.1562094070.0000000004E60000.00000040.00001000.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4E60000
Size:	4096

Details

Name:	00000006.00000002.1522469350.0000000002F20000.00000004.00000020.00040000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2F20000
Size:	4096

Details

Name:	00000006.00000002.1522525537.000000000307E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	307E000
Size:	8192

Details

Name:	00000014.00000002.1594080458.00000000043FF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	43FF000
Size:	4096

Details

Name:	00000013.00000002.1572080609.000000000411E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	411E000
Size:	8192

Details

Name:	00000006.00000002.1523077646.00000000031A5000.00000040.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	31A5000
Size:	45056

Details

Name:	00000008.00000003.907572272.0000021743BF1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	21743BF1000
Size:	4096

Details

Name:	00000000.00000003.864327305.000000000101D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	101D000
Size:	4096

Details

Name:	00000013.00000002.1572101493.000000000421F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	421F000
Size:	4096

Details

Name:	00000014.00000003.1552738247.00000000053F0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	53F0000
Size:	4096

Details

Name:	00000006.00000002.1551426731.0000000007864000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7864000
Size:	77824

Details

Name:	00000015.00000003.1561066934.0000000000984000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	984000
Size:	4096

Details

Name:	00000013.00000003.1526563511.00000000044B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	44B1000
Size:	204800

Details

Name:	00000002.00000003.875379307.00000000031E0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31E0000
Size:	24576

Details

Name:	00000002.00000003.876027674.0000000006550000.00000004.00000800.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6550000
Size:	4096

Details

Name:	0000000C.00000002.2124334417.000001C93A676000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1C93A676000
Size:	8192

Details

Name:	00000009.00000002.977196273.00007FF936530000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7FF936530000
Size:	65536

Details

Name:	00000014.00000002.1593030331.0000000000FEC000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	FEC000
Size:	16384

Details

Name:	00000009.00000002.971147131.000002C71E61A000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2C71E61A000
Size:	4096

Details

Name:	0000000C.00000003.1203838978.000001C93FB40000.00000004.00000800.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1C93FB40000
Size:	4096

Details

Name:	00000008.00000002.910601662.0000020F41200000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	20F41200000
Size:	4096

Details

Name:	0000000C.00000002.2125428407.000001C93FBB0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1C93FBB0000
Size:	4096

Details

Name:	00000013.00000002.1570522272.0000000000A10000.00000004.00000001.01000000.0000000E.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	A10000
Size:	4096

Details

Name:	00000002.00000003.871908753.00000000031F3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31F3000
Size:	8192

Details

Name:	0000000C.00000002.2125809129.000001C93FCF5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1C93FCF5000
Size:	16384

Details

Name:	0000000C.00000002.2124699796.000001C93AF02000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1C93AF02000
Size:	32768

Details

Name:	00000009.00000002.949136022.000002C70C3E0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2C70C3E0000
Size:	16384

Details

Name:	0000000C.00000003.1204402436.000001C93FBF0000.00000004.00000400.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	free memory
Regiontype:	remote allocation
Protect:	page read and write
Base address:	1C93FBF0000
Size:	4096

Details

Name:	00000013.00000003.1529859750.0000000004AC0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4AC0000
Size:	4096

Details

Name:	00000014.00000003.1544522131.0000000004E01000.00000004.00000020.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4E01000
Size:	65536

Details

Name:	00000013.00000000.1521608740.0000000000A11000.00000080.00000001.01000000.0000000E.sdmp
TargetID:	19
Dumpstage:	process new
Regiontype:	unkown
Protect:	page execute and write copy
Base address:	A11000
Size:	188416

Details

Name:	00000014.00000003.1544780210.0000000004F00000.00000004.00000800.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4F00000
Size:	151552

Details

Name:	00000006.00000002.1522362560.0000000002E6C000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2E6C000
Size:	16384

Details

Name:	00000015.00000002.1603226745.00000000030CF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	30CF000
Size:	4096

Details

Name:	00000014.00000002.1593259235.000000000167E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	167E000
Size:	8192

Details

Name:	00000006.00000002.1555022766.000000000864E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	864E000
Size:	8192

Details

Name:	00000000.00000003.870824888.0000000001051000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1051000
Size:	16384

Details

Name:	0000000C.00000003.1255313438.000001C93FD04000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1C93FD04000
Size:	4096

Details

Name:	00000000.00000003.867916838.00000000010D3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	10D3000
Size:	57344

Details

Name:	00000002.00000003.877259051.0000000004EA0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4EA0000
Size:	4096

Details

Name:	0000000C.00000002.2124295450.000001C93A641000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1C93A641000
Size:	102400

Details

Name:	00000015.00000003.1559975923.0000000002BD0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	2BD0000
Size:	53248

Details

Name:	00000015.00000003.1559348705.0000000004990000.00000004.00000800.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4990000
Size:	147456

Details

Name:	00000006.00000002.1545408533.00000000077C0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	77C0000
Size:	94208

Details

Name:	00000000.00000002.873651461.0000000001165000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1165000
Size:	8192

Details

Name:	00000015.00000002.1604818924.000000000478E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	478E000
Size:	8192

Details

Name:	00000000.00000002.872434426.00000000005CA000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	5CA000
Size:	24576

Details

Name:	00000014.00000002.1593371419.000000000313F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	313F000
Size:	4096

Details

Name:	0000000C.00000002.2125346617.000001C93FAB0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1C93FAB0000
Size:	4096

Details

Name:	00000013.00000002.1572989586.000000000629F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	629F000
Size:	4096

Details

Name:	00000009.00000002.976089129.00007FF936420000.00000040.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	7FF936420000
Size:	4096

Details

Name:	0000000C.00000002.2124192209.000001C93A600000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1C93A600000
Size:	73728

Details

Name:	00000013.00000003.1526664661.00000000006C4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6C4000
Size:	4096

Details

Name:	00000009.00000002.976612136.00007FF9364C0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7FF9364C0000
Size:	65536

Details

Name:	00000000.00000003.870768059.0000000001055000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1055000
Size:	32768

Details

Name:	0000000C.00000002.2123726406.0000003B32AFE000.00000002.00000001.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3B32AFE000
Size:	4096

Details

Name:	00000002.00000002.878222872.0000000002FE0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2FE0000
Size:	16384

Details

Name:	00000000.00000003.863561595.0000000000FF3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	FF3000
Size:	49152

Details

Name:	00000009.00000002.949055979.000002C70C330000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C70C330000
Size:	12288

Details

Name:	00000000.00000003.871976205.0000000000FDF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	FDF000
Size:	4096

Details

Name:	00000000.00000002.872748518.0000000000D8E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	D8E000
Size:	8192

Details

Name:	00000008.00000003.900356643.0000020F412E1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F412E1000
Size:	69632

Details

Name:	00000002.00000002.879641368.0000000004E70000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4E70000
Size:	4096

Details

Name:	00000009.00000002.976465584.00007FF9364A0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7FF9364A0000
Size:	65536

Details

Name:	00000013.00000002.1572753301.0000000004B40000.00000040.00001000.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4B40000
Size:	4096

Details

Name:	00000000.00000003.871424817.000000000113B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	113B000
Size:	24576

Details

Name:	00000008.00000003.905513923.0000020F412D2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F412D2000
Size:	57344

Details

Name:	00000014.00000002.1594353163.0000000004BBE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4BBE000
Size:	8192

Details

Name:	00000002.00000002.880455189.0000000005AF0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5AF0000
Size:	4096

Details

Name:	00000013.00000002.1569959318.0000000000602000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	602000
Size:	45056

Details

Name:	00000000.00000003.870035999.000000000108C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	108C000
Size:	40960

Details

Name:	00000006.00000002.1555506309.0000000008C8D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	8C8D000
Size:	12288

Details

Name:	00000006.00000002.1554819726.0000000008540000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	8540000
Size:	8192

Details

Name:	00000014.00000002.1592627327.0000000000B1F000.00000040.00000001.01000000.00000011.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	B1F000
Size:	1564672

Details

Name:	00000015.00000003.1561380497.0000000002BF0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	2BF0000
Size:	53248

Details

Name:	00000009.00000002.975462261.00007FF936263000.00000040.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	7FF936263000
Size:	4096

Details

Name:	0000000C.00000002.2125179978.000001C93B9B1000.00000004.00000800.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1C93B9B1000
Size:	4096

Details

Name:	00000008.00000003.900992238.0000020F412F1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F412F1000
Size:	4096

Details

Name:	00000000.00000003.869351096.0000000001099000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1099000
Size:	32768

Details

Name:	00000002.00000002.880347046.000000000590F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	590F000
Size:	4096

Details

Name:	00000013.00000002.1570627749.0000000000C00000.00000040.00000001.01000000.0000000E.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	C00000
Size:	864256

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	00000009.00000002.977128721.00007FF936520000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7FF936520000
Size:	65536

Details

Name:	00000013.00000002.1571925334.0000000003D1F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3D1F000
Size:	4096

Details

Name:	00000000.00000000.863056095.000000000029C000.00000008.00000001.01000000.00000003.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown
Protect:	page write copy
Base address:	29C000
Size:	4096

Details

Name:	0000000C.00000002.2122657347.0000003B31AFE000.00000002.00000001.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3B31AFE000
Size:	4096

Details

Name:	0000000C.00000003.1265623884.000001C93FA71000.00000004.00000800.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1C93FA71000
Size:	4096

Details

Name:	00000015.00000002.1604606284.000000000450E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	450E000
Size:	8192

Details

Name:	0000000C.00000003.1203365210.000001C93FAB0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1C93FAB0000
Size:	4096

Details

Name:	00000009.00000002.977670200.00007FF9365A0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7FF9365A0000
Size:	45056

Details

Name:	00000008.00000003.907426354.0000021743BF1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	21743BF1000
Size:	4096

Details

Name:	00000014.00000002.1593543270.000000000363F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	363F000
Size:	4096

Details

Name:	00000008.00000003.907160198.0000021743BF1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	21743BF1000
Size:	28672

Details

Name:	0000000C.00000002.2124397660.000001C93A679000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1C93A679000
Size:	4096

Details

Name:	00000002.00000003.874708662.00000000031B9000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31B9000
Size:	98304

Details

Name:	00000008.00000003.907629690.00000217431A1000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	217431A1000
Size:	4096

Details

Name:	00000008.00000003.907572272.0000021743BD8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	21743BD8000
Size:	20480

Details

Name:	00000000.00000003.869351096.00000000010A2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	10A2000
Size:	20480

Details

Name:	00000015.00000003.1561007933.0000000000984000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	984000
Size:	4096

Details

Name:	0000000C.00000002.2123112447.0000003B3237E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3B3237E000
Size:	8192

Details

Name:	00000015.00000002.1602978471.0000000002A8E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2A8E000
Size:	8192

Details

Name:	00000015.00000003.1559306827.0000000000984000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	984000
Size:	4096

Details

Name:	0000000C.00000002.2125266724.000001C93FA50000.00000004.00000800.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1C93FA50000
Size:	4096

Details

Name:	00000009.00000002.949153541.000002C70C435000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C70C435000
Size:	4096

Details

Name:	00000015.00000002.1602520567.0000000000D76000.00000040.00000001.01000000.00000011.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	D76000
Size:	114688

Details

Name:	00000014.00000003.1545161753.0000000001504000.00000004.00000020.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1504000
Size:	4096

Details

Name:	00000000.00000003.865834314.0000000001167000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1167000
Size:	49152

Details

Name:	00000015.00000002.1603090205.0000000002D0F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2D0F000
Size:	4096

Details

Name:	00000009.00000002.948756054.000000E3DAF0E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	E3DAF0E000
Size:	8192

Details

Name:	00000014.00000002.1593116503.000000000149E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	149E000
Size:	8192

Details

Name:	00000006.00000002.1553652769.0000000007AC0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7AC0000
Size:	65536

Details

Name:	00000015.00000002.1602953549.00000000012AF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	12AF000
Size:	4096

Details

Name:	00000006.00000002.1554942761.00000000085F0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	85F0000
Size:	4096

Details

Name:	00000013.00000002.1571415250.0000000002E5E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2E5E000
Size:	8192

Details

Name:	00000014.00000002.1594712495.00000000054A0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	54A0000
Size:	4096

Details

Name:	00000006.00000002.1551426731.000000000784C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	784C000
Size:	53248

Details

Name:	00000013.00000002.1573032057.0000000007D7E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	7D7E000
Size:	8192

Details

Name:	00000002.00000002.880242068.00000000052A0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	52A0000
Size:	4096

Details

Name:	00000008.00000002.910386854.000000ECB359B000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	ECB359B000
Size:	20480

Details

Name:	00000014.00000002.1593862618.000000000403F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	403F000
Size:	4096

Details

Name:	00000013.00000002.1572408917.000000000449F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	449F000
Size:	4096

Details

Name:	00000002.00000002.880118940.0000000004E80000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4E80000
Size:	8192

Details

Name:	00000006.00000002.1522609355.00000000030C0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	30C0000
Size:	12288

Details

Name:	00000014.00000003.1551299230.0000000001504000.00000004.00000020.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1504000
Size:	4096

Details

Name:	00000013.00000002.1570001276.0000000000624000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	624000
Size:	4096

Details

Name:	00000006.00000002.1552449518.0000000007940000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7940000
Size:	65536

Details

Name:	00000006.00000002.1543462444.00000000072D1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	72D1000
Size:	73728

Details

Name:	00000014.00000003.1545480950.0000000001620000.00000004.00001000.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	1620000
Size:	53248

Details

Name:	00000002.00000002.878513561.0000000003171000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3171000
Size:	49152

Details

Name:	00000014.00000002.1593684883.0000000003A3E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3A3E000
Size:	8192

Details

Name:	00000002.00000003.877259051.0000000004EA6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4EA6000
Size:	32768

Details

Name:	00000013.00000003.1526410419.00000000044B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	44B1000
Size:	65536

Details

Name:	00000014.00000002.1593805840.0000000003DFE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3DFE000
Size:	8192

Details

Name:	00000008.00000003.903398949.0000020F4128C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F4128C000
Size:	12288

Details

Name:	00000006.00000002.1552140138.00000000078A0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	78A0000
Size:	24576

Details

Name:	00000000.00000003.871253503.00000000010A6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	10A6000
Size:	4096

Details

Name:	00000014.00000002.1593137957.00000000014DE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	14DE000
Size:	8192

Details

Name:	00000015.00000002.1601869822.00000000005CC000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	5CC000
Size:	16384

Details

Name:	00000013.00000002.1570102354.0000000000669000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	669000
Size:	159744

Details

Name:	00000015.00000002.1603137683.0000000002E4F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2E4F000
Size:	4096

Details

Name:	00000013.00000003.1534944329.000000000066F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	66F000
Size:	57344

Details

Name:	0000000C.00000002.2125720501.000001C93FCEE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1C93FCEE000
Size:	20480

Details

Name:	00000014.00000002.1594230163.00000000047FE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	47FE000
Size:	8192

Details

Name:	0000000C.00000002.2123315885.0000003B3257E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3B3257E000
Size:	8192

Details

Name:	00000002.00000003.872187983.00000000031F3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	31F3000
Size:	8192

Details

Name:	00000000.00000003.864853882.0000000001173000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1173000
Size:	159744

Details

Name:	00000013.00000003.1526730217.00000000006C4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6C4000
Size:	4096

Details

Name:	00000006.00000002.1523032301.00000000031A0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	31A0000
Size:	4096

Details

Name:	00000006.00000002.1545133266.00000000076A2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	76A2000
Size:	4096

Details

Name:	00000014.00000002.1592627327.0000000000DBD000.00000040.00000001.01000000.00000011.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	DBD000
Size:	4096

Details

Name:	00000009.00000002.975486448.00007FF936264000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7FF936264000
Size:	36864

Details

Name:	00000000.00000003.870844885.000000000103D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	103D000
Size:	61440

Details

Name:	00000000.00000003.869177315.00000000010F4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	10F4000
Size:	20480

Details

Name:	00000013.00000000.1521644858.0000000000A7D000.00000008.00000001.01000000.0000000E.sdmp
TargetID:	19
Dumpstage:	process new
Regiontype:	unkown
Protect:	page write copy
Base address:	A7D000
Size:	4096

Details

Name:	0000000C.00000002.2123058328.0000003B322FE000.00000002.00000001.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3B322FE000
Size:	4096

Details

Name:	00000006.00000002.1552329854.00000000078C0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	78C0000
Size:	4096

Details

Name:	00000002.00000002.878895196.00000000031EA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	31EA000
Size:	8192

Details

Name:	00000013.00000003.1530147614.0000000004AC0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4AC0000
Size:	4096

Details

Name:	00000000.00000002.873607293.0000000001148000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1148000
Size:	8192

Details

Name:	00000000.00000003.870973699.0000000001043000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1043000
Size:	36864

Details

Name:	00000002.00000002.878222872.0000000002FE5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2FE5000
Size:	16384

Details

Name:	0000000C.00000002.2125581032.000001C93FC4E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1C93FC4E000
Size:	12288

Details

Name:	00000009.00000002.977411947.00007FF936560000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7FF936560000
Size:	65536

Details

Name:	00000006.00000002.1544371118.0000000007470000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7470000
Size:	32768

Details

Name:	00000000.00000002.873805791.0000000003350000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3350000
Size:	8192

Details

Name:	00000002.00000002.878895196.00000000031F6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	31F6000
Size:	135168

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000008.00000002.910997347.0000020F41292000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	20F41292000
Size:	86016

Details

Name:	00000013.00000002.1571437090.0000000002F5F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2F5F000
Size:	4096

Details

Name:	00000009.00000002.974419404.000002C7263D1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C7263D1000
Size:	36864

Details

Name:	00000008.00000003.905238589.0000020F412F2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F412F2000
Size:	4096

Details

Name:	00000009.00000002.948846917.000000E3DB3FF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	E3DB3FF000
Size:	4096

Details

Name:	00000009.00000002.976917426.00007FF9364F0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7FF9364F0000
Size:	65536

Details

Name:	00000006.00000002.1545178094.00000000077A0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	77A0000
Size:	32768

Details

Name:	00000013.00000003.1528489719.00000000006C4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6C4000
Size:	4096

Details

Name:	0000000C.00000002.2124539553.000001C93A6FE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1C93A6FE000
Size:	12288

Details

Name:	0000000C.00000002.2124397660.000001C93A68D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1C93A68D000
Size:	12288

Details

Name:	00000000.00000002.873630293.000000000115B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	115B000
Size:	8192

Details

Name:	00000002.00000003.874474164.00000000066D0000.00000010.00000800.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page execute
Base address:	66D0000
Size:	4096

Details

Name:	00000015.00000002.1603045259.0000000002C00000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C00000
Size:	16384

Details

Name:	00000015.00000002.1602999612.0000000002B8F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2B8F000
Size:	4096

Details

Name:	00000013.00000003.1538663158.00000000068B0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	68B0000
Size:	8192

Details

Name:	00000008.00000003.907503321.0000021743CD0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	21743CD0000
Size:	4096

Details

Name:	00000002.00000002.880551369.0000000006860000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6860000
Size:	36864

Details

Name:	00000006.00000002.1542969069.00000000070EF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	70EF000
Size:	4096

Details

Name:	00000006.00000002.1554439331.0000000007B30000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7B30000
Size:	65536

Details

Name:	00000006.00000002.1545958592.00000000077E6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	77E6000
Size:	4096

Details

Name:	00000013.00000003.1527079665.00000000044A0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	44A0000
Size:	53248

Details

Name:	00000008.00000003.909951388.0000020F42C04000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F42C04000
Size:	4096

Details

Name:	00000002.00000003.876244967.00000000063A5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	63A5000
Size:	20480

Details

Name:	00000002.00000002.880524846.0000000006740000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6740000
Size:	8192

Details

Name:	00000013.00000003.1535212440.0000000000687000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	687000
Size:	36864

Details

Name:	00000013.00000003.1533275178.00000000006C4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6C4000
Size:	4096

Details

Name:	00000009.00000002.949970233.000002C70E331000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2C70E331000
Size:	516096

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000008.00000003.907426354.0000021743BEB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	21743BEB000
Size:	4096

Details

Name:	00000002.00000003.876378588.00000000064AC000.00000004.00000800.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	64AC000
Size:	4096

Details

Name:	00000008.00000003.903398949.0000020F41291000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F41291000
Size:	90112

Details

Name:	00000009.00000002.971147131.000002C71E331000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2C71E331000
Size:	53248

Details

Name:	00000008.00000002.910713908.0000020F4124D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	20F4124D000
Size:	110592

Details

Name:	00000009.00000002.948996197.000000E3DB8FE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	E3DB8FE000
Size:	8192

Details

Name:	00000015.00000003.1563828560.0000000000984000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	984000
Size:	4096

Details

Name:	00000002.00000003.875420256.0000000003191000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3191000
Size:	90112

Details

Name:	00000014.00000003.1546187999.0000000001620000.00000004.00001000.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	1620000
Size:	53248

Details

Name:	00000006.00000002.1523458938.000000000327C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	327C000
Size:	40960

Details

Name:	00000013.00000002.1572970678.000000000619E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	619E000
Size:	8192

Details

Name:	00000013.00000003.1532928642.00000000006C4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6C4000
Size:	4096

Details

Name:	00000008.00000003.901011129.0000020F412E1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F412E1000
Size:	65536

Details

Name:	00000006.00000002.1523158997.000000000320E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	320E000
Size:	8192

Details

Name:	00000006.00000002.1555646256.0000000008D4C000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	8D4C000
Size:	16384

Details

Name:	0000000C.00000002.2122866553.0000003B31EFE000.00000002.00000001.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3B31EFE000
Size:	4096

Details

Name:	0000000C.00000002.2124397660.000001C93A692000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1C93A692000
Size:	40960

Details

Name:	00000014.00000003.1545570289.0000000001620000.00000004.00001000.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	1620000
Size:	53248

Details

Name:	00000014.00000002.1594510122.0000000005400000.00000040.00001000.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	5400000
Size:	4096

Details

Name:	00000013.00000002.1571624869.000000000345F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	345F000
Size:	4096

Details

Name:	00000006.00000002.1552407024.000000000790D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	790D000
Size:	12288

Details

Name:	00000015.00000002.1604731004.000000000460F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	460F000
Size:	4096

Details

Name:	0000000C.00000002.2122975637.0000003B320FE000.00000002.00000001.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3B320FE000
Size:	4096

Details

Name:	00000015.00000002.1604854326.000000000488F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	488F000
Size:	4096

Details

Name:	00000015.00000002.1603582965.000000000374E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	374E000
Size:	8192

Details

Name:	00000008.00000003.907074016.0000021743BEB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	21743BEB000
Size:	4096

Details

Name:	00000013.00000003.1528636766.00000000006C4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6C4000
Size:	4096

Details

Name:	00000008.00000002.911749400.0000021743D50000.00000002.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page readonly
Base address:	21743D50000
Size:	4096

Details

Name:	00000002.00000002.878491852.000000000312E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	312E000
Size:	8192

Details

Name:	00000008.00000003.903398949.0000020F412F2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	20F412F2000
Size:	4096

Details

Name:	00000013.00000002.1570102354.0000000000664000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	664000
Size:	16384

Details

Name:	00000014.00000002.1593767215.0000000003CBE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3CBE000
Size:	8192

Details

Name:	00000000.00000003.864327305.000000000103D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	103D000
Size:	409600

Details

Name:	00000002.00000002.879317054.000000000336A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	336A000
Size:	20480

Details

Name:	0000000C.00000002.2123862552.0000003B32FFE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3B32FFE000
Size:	8192

Details

Name:	00000000.00000002.873498923.00000000010F6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	10F6000
Size:	12288

Details

Name:	00000013.00000002.1570541222.0000000000A76000.00000040.00000001.01000000.0000000E.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	A76000
Size:	16384

Details

Name:	00000013.00000003.1526623716.00000000006C4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6C4000
Size:	4096

Details

Name:	00000000.00000002.873752606.00000000017BE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	17BE000
Size:	8192

Details

Name:	00000015.00000003.1562008115.0000000004E80000.00000040.00001000.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4E80000
Size:	4096

Details

Name:	00000009.00000002.975390208.000002C726706000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C726706000
Size:	8192

Details

Name:	00000013.00000003.1533195298.00000000006C4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6C4000
Size:	4096

Details

Name:	00000014.00000003.1545132160.0000000001504000.00000004.00000020.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1504000
Size:	4096

Details

Name:	00000002.00000002.878513561.0000000003168000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3168000
Size:	32768

Details

Name:	00000013.00000002.1572934741.000000000605E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	605E000
Size:	8192

Details

Name:	00000000.00000003.869292836.00000000010A7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	10A7000
Size:	40960

Details

Name:	0000000C.00000002.2124699796.000001C93AF00000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1C93AF00000
Size:	4096

Details

Name:	00000002.00000002.878895196.00000000031EE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	31EE000
Size:	4096

Details

Name:	00000000.00000002.873568699.000000000113F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	113F000
Size:	8192

Details

Name:	00000009.00000002.974868734.000002C7264F0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C7264F0000
Size:	16384

Details

Name:	00000015.00000002.1603682311.00000000039CE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	39CE000
Size:	8192

Details

Name:	0000000C.00000002.2125385694.000001C93FB50000.00000004.00000800.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1C93FB50000
Size:	4096

Details

Name:	00000014.00000002.1592627327.0000000000DA2000.00000040.00000001.01000000.00000011.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	DA2000
Size:	40960

Details

Name:	00000006.00000002.1552667232.0000000007960000.00000040.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page execute and read and write
Base address:	7960000
Size:	4096

Details

Name:	0000000C.00000002.2125470709.000001C93FC0F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1C93FC0F000
Size:	53248

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000009.00000002.974927216.000002C7265D0000.00000040.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page execute and read and write
Base address:	2C7265D0000
Size:	4096

Details

Name:	0000000C.00000002.2125057039.000001C93B490000.00000002.08000000.00040000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	trusted library section
Protect:	page readonly
Base address:	1C93B490000
Size:	65536

Details

Name:	00000013.00000003.1532644256.00000000006C4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6C4000
Size:	4096

Details

Name:	00000015.00000003.1559916609.0000000002BD0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	2BD0000
Size:	53248

Details

Name:	00000013.00000002.1571391660.0000000002E1F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2E1F000
Size:	4096

Details

Name:	00000014.00000002.1593473040.00000000033FE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	33FE000
Size:	8192

Details

Name:	00000002.00000002.880186473.0000000005010000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5010000
Size:	4096

Details

Name:	00000015.00000002.1602214021.0000000000960000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	960000
Size:	4096

Details

Name:	00000015.00000002.1605421221.0000000004F10000.00000040.00001000.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4F10000
Size:	4096

Details

Name:	00000002.00000002.878136677.0000000002BCD000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2BCD000
Size:	12288

Details

Name:	00000009.00000002.948889564.000000E3DB577000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	E3DB577000
Size:	36864

Details

Name:	00000013.00000003.1530298711.0000000004AC0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4AC0000
Size:	4096

Details

Name:	00000013.00000002.1571669057.000000000359F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	359F000
Size:	4096

Details

Name:	00000009.00000002.948817650.000000E3DB2FE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	E3DB2FE000
Size:	8192

Details

Name:	00000002.00000002.878076402.0000000002B19000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2B19000
Size:	28672

Details

Name:	00000014.00000003.1551369596.0000000001504000.00000004.00000020.00020000.00000000.sdmp
TargetID:	20
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1504000
Size:	4096

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Report
random.exe

Files

Processes

URLs

IPs

Registry

Memdumps

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Reportrandom.exe

Files

Processes

URLs

IPs

Registry

Memdumps

IOC Report
random.exe