|
4A82000
|
trusted library allocation
|
page read and write
|
 |
|
|
| Name: |
00000005.00000002.1229238582.0000000004A82000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4A82000
|
| Size: |
966656
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected RedLine Stealer |
Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara detected Credential Stealer |
Stealing of Sensitive Information |
|
|
|
822000
|
remote allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000014.00000002.1626970669.0000000000822000.00000040.00000400.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
remote allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
822000
|
| Size: |
839680
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected RedLine Stealer |
Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara detected Credential Stealer |
Stealing of Sensitive Information |
|
|
|
4672000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1648777581.0000000004672000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4672000
|
| Size: |
3334144
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected RedLine Stealer |
Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara detected Credential Stealer |
Stealing of Sensitive Information |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3911000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003911000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3911000
|
| Size: |
1122304
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Tries to detect sandboxes and other dynamic analysis tools (process name or module or function) |
Malware Analysis System Evasion |
Security Software Discovery
|
| Yara detected Costura Assembly Loader |
Data Obfuscation |
|
| URLs found in memory or binary data |
Networking |
|
|
|
35BC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000035BC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
35BC000
|
| Size: |
368640
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Tries to detect sandboxes and other dynamic analysis tools (process name or module or function) |
Malware Analysis System Evasion |
Security Software Discovery
|
| Yara detected Costura Assembly Loader |
Data Obfuscation |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
| URLs found in memory or binary data |
Networking |
|
|
|
71D0000
|
trusted library section
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1238404001.00000000071D0000.00000004.08000000.00040000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page read and write
|
| Base address: |
71D0000
|
| Size: |
794624
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Costura Assembly Loader |
Data Obfuscation |
|
|
|
4D68000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1229238582.0000000004D68000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4D68000
|
| Size: |
847872
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected RedLine Stealer |
Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara detected Credential Stealer |
Stealing of Sensitive Information |
|
|
|
5DCE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1653067691.0000000005DCE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5DCE000
|
| Size: |
8192
|
|
|
620B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1598673015.000000000620B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
620B000
|
| Size: |
8192
|
|
|
3BC0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003BC0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BC0000
|
| Size: |
4096
|
|
|
397D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000397D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
397D000
|
| Size: |
4096
|
|
|
3D07000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D07000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D07000
|
| Size: |
4096
|
|
|
3894000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003894000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3894000
|
| Size: |
4096
|
|
|
3C86000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003C86000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C86000
|
| Size: |
32768
|
|
|
3CA1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003CA1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3CA1000
|
| Size: |
49152
|
|
|
6380000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.1654449191.0000000006380000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
6380000
|
| Size: |
65536
|
|
|
61FF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1598673015.00000000061FF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
61FF000
|
| Size: |
45056
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1523088285.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
37E0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000037E0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37E0000
|
| Size: |
12288
|
|
|
7110000
|
trusted library section
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1237884647.0000000007110000.00000004.08000000.00040000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page read and write
|
| Base address: |
7110000
|
| Size: |
323584
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
30F4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3365781377.00000000030F4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30F4000
|
| Size: |
4096
|
|
|
3E46000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003E46000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E46000
|
| Size: |
4096
|
|
|
3D4F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D4F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D4F000
|
| Size: |
4096
|
|
|
3ABC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003ABC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3ABC000
|
| Size: |
12288
|
|
|
361B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000361B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
361B000
|
| Size: |
4096
|
|
|
E1B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1628368968.0000000000E1B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E1B000
|
| Size: |
442368
|
|
|
3C20000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003C20000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C20000
|
| Size: |
4096
|
|
|
3EA3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003EA3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3EA3000
|
| Size: |
36864
|
|
|
3826000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003826000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3826000
|
| Size: |
4096
|
|
|
13B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3362486965.00000000013B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
13B0000
|
| Size: |
8192
|
|
|
65F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1235156431.00000000065F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
65F0000
|
| Size: |
65536
|
|
|
2A54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000003.1660667085.0000000002A54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A54000
|
| Size: |
4096
|
|
|
3858000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003858000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3858000
|
| Size: |
4096
|
|
|
6610000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1235304851.0000000006610000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6610000
|
| Size: |
49152
|
|
|
8D0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000002.1180461604.00000000008D0000.00000002.00000001.01000000.00000004.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
8D0000
|
| Size: |
4096
|
|
|
620E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1598673015.000000000620E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
620E000
|
| Size: |
24576
|
|
|
56A0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3367389395.00000000056A0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
56A0000
|
| Size: |
20480
|
|
|
2D88000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1215047827.0000000002D88000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D88000
|
| Size: |
2498560
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
6150000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1653379235.0000000006150000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6150000
|
| Size: |
4096
|
|
|
566E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3366740013.000000000566E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
566E000
|
| Size: |
4096
|
|
|
1366000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3362486965.0000000001366000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1366000
|
| Size: |
4096
|
|
|
56D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3367462034.00000000056D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
56D0000
|
| Size: |
229376
|
|
|
352D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000352D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
352D000
|
| Size: |
172032
|
|
|
363A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000363A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
363A000
|
| Size: |
12288
|
|
|
5D1E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3368161099.0000000005D1E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5D1E000
|
| Size: |
8192
|
|
|
3979000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003979000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3979000
|
| Size: |
4096
|
|
|
139C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3362486965.000000000139C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
139C000
|
| Size: |
28672
|
|
|
3796000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003796000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3796000
|
| Size: |
4096
|
|
|
37F4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000037F4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37F4000
|
| Size: |
4096
|
|
|
3E9E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003E9E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E9E000
|
| Size: |
4096
|
|
|
2B1E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.1660927522.0000000002B1E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2B1E000
|
| Size: |
8192
|
|
|
BC0000
|
trusted library section
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1627726554.0000000000BC0000.00000004.08000000.00040000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page read and write
|
| Base address: |
BC0000
|
| Size: |
4096
|
|
|
2A74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1243545180.0000000002A74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A74000
|
| Size: |
4096
|
|
|
3DFA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003DFA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3DFA000
|
| Size: |
4096
|
|
|
3AD8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003AD8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AD8000
|
| Size: |
20480
|
|
|
865000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000011.00000002.1627233584.0000000000865000.00000002.00000001.01000000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
865000
|
| Size: |
24576
|
|
|
3694000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003694000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3694000
|
| Size: |
4096
|
|
|
D03000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.1627923165.0000000000D03000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
D03000
|
| Size: |
4096
|
|
|
3A3B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003A3B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A3B000
|
| Size: |
4096
|
|
|
4911000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1229238582.0000000004911000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4911000
|
| Size: |
184320
|
|
|
2720000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1629671832.0000000002720000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2720000
|
| Size: |
4096
|
|
|
24655000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1198856997.0000000024655000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24655000
|
| Size: |
2498560
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
28A0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1629809279.00000000028A0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
28A0000
|
| Size: |
65536
|
|
|
3B12000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003B12000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B12000
|
| Size: |
8192
|
|
|
3F04000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003F04000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3F04000
|
| Size: |
61440
|
|
|
355E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000355E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
355E000
|
| Size: |
12288
|
|
|
1310000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3362371013.0000000001310000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1310000
|
| Size: |
16384
|
|
|
3E10000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003E10000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E10000
|
| Size: |
4096
|
|
|
565C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3366740013.000000000565C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
565C000
|
| Size: |
4096
|
|
|
367B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000367B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
367B000
|
| Size: |
4096
|
|
|
2A74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1247971944.0000000002A74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A74000
|
| Size: |
4096
|
|
|
399B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000399B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
399B000
|
| Size: |
4096
|
|
|
3240000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1181306381.0000000003240000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3240000
|
| Size: |
4096
|
|
|
2670000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000014.00000002.1628756249.0000000002670000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
2670000
|
| Size: |
32768
|
|
|
3698000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003698000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3698000
|
| Size: |
4096
|
|
|
3947000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003947000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3947000
|
| Size: |
4096
|
|
|
3BCF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003BCF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BCF000
|
| Size: |
4096
|
|
|
39F8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000039F8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39F8000
|
| Size: |
94208
|
|
|
499E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.1629202487.000000000499E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
499E000
|
| Size: |
8192
|
|
|
365B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000365B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
365B000
|
| Size: |
94208
|
|
|
3AAF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003AAF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AAF000
|
| Size: |
4096
|
|
|
3E2B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003E2B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E2B000
|
| Size: |
4096
|
|
|
3B91000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003B91000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B91000
|
| Size: |
40960
|
|
|
C68000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.1628117346.0000000000C68000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
C68000
|
| Size: |
81920
|
|
|
3AE8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003AE8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AE8000
|
| Size: |
4096
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1095707638.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
3D8E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D8E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D8E000
|
| Size: |
4096
|
|
|
3824000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003824000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3824000
|
| Size: |
4096
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1523984606.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1522913150.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
3AE6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003AE6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AE6000
|
| Size: |
4096
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1522616927.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
463D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1648777581.000000000463D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
463D000
|
| Size: |
135168
|
|
|
39C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000039C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39C0000
|
| Size: |
4096
|
|
|
389C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216458551.000000000389C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
389C000
|
| Size: |
16384
|
|
|
250C2000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1199516902.00000000250C2000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
250C2000
|
| Size: |
86016
|
|
|
3AA9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003AA9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AA9000
|
| Size: |
4096
|
|
|
3845000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003845000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3845000
|
| Size: |
4096
|
|
|
3BDF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003BDF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BDF000
|
| Size: |
4096
|
|
|
24BDD000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1611910798.0000000024BDD000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
24BDD000
|
| Size: |
2498560
|
|
|
2492A000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1611745602.000000002492A000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
2492A000
|
| Size: |
4096
|
|
|
6140000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1653290134.0000000006140000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6140000
|
| Size: |
57344
|
|
|
6680000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1235498497.0000000006680000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6680000
|
| Size: |
57344
|
|
|
39F4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000039F4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39F4000
|
| Size: |
4096
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1095526750.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
4850000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.1661304071.0000000004850000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4850000
|
| Size: |
2498560
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
| URLs found in memory or binary data |
Networking |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1096415143.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
30A0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3365217346.00000000030A0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30A0000
|
| Size: |
61440
|
|
|
3B3D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003B3D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B3D000
|
| Size: |
4096
|
|
|
4E75000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000012.00000003.1660163600.0000000004E75000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
4E75000
|
| Size: |
143360
|
|
|
3A63000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003A63000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A63000
|
| Size: |
4096
|
|
|
3D96000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D96000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D96000
|
| Size: |
4096
|
|
|
3C46000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003C46000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C46000
|
| Size: |
4096
|
|
|
3AB5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003AB5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AB5000
|
| Size: |
4096
|
|
|
5141000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1465952136.0000000005141000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
5141000
|
| Size: |
4096
|
|
|
374A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000374A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
374A000
|
| Size: |
94208
|
|
|
27DC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1467653445.00000000027DC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
27DC000
|
| Size: |
16384
|
|
|
3900000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216730521.0000000003900000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3900000
|
| Size: |
4096
|
|
|
2A54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000003.1660416809.0000000002A54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A54000
|
| Size: |
4096
|
|
|
3B50000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003B50000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B50000
|
| Size: |
4096
|
|
|
68C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1236282147.00000000068C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
68C0000
|
| Size: |
4096
|
|
|
3E7F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003E7F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E7F000
|
| Size: |
4096
|
|
|
3967000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003967000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3967000
|
| Size: |
28672
|
|
|
9FF000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1180722318.00000000009FF000.00000004.00000001.01000000.00000004.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
9FF000
|
| Size: |
12288
|
|
|
EA0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1213940048.0000000000EA0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
EA0000
|
| Size: |
16384
|
|
|
25DB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1597821576.00000000025DB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
25DB000
|
| Size: |
20480
|
|
|
2EC6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1468246441.0000000002EC6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2EC6000
|
| Size: |
36864
|
|
|
3C0F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003C0F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C0F000
|
| Size: |
4096
|
|
|
D1000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000010.00000000.1500755145.00000000000D1000.00000020.00000001.01000000.0000000D.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
D1000
|
| Size: |
913408
|
|
|
3F16000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003F16000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3F16000
|
| Size: |
12288
|
|
|
2A54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000003.1660631090.0000000002A54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A54000
|
| Size: |
4096
|
|
|
392E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000392E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
392E000
|
| Size: |
4096
|
|
|
614F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1653290134.000000000614F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
614F000
|
| Size: |
4096
|
|
|
23819000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1610865305.0000000023819000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
23819000
|
| Size: |
4096
|
|
|
3BA7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003BA7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BA7000
|
| Size: |
4096
|
|
|
55BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1469057911.00000000055BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
55BE000
|
| Size: |
8192
|
|
|
2E7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1468178304.0000000002E7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2E7E000
|
| Size: |
8192
|
|
|
2A74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1355528180.0000000002A74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A74000
|
| Size: |
4096
|
|
|
3CEA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003CEA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3CEA000
|
| Size: |
4096
|
|
|
3040000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.3365025333.0000000003040000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
3040000
|
| Size: |
4096
|
|
|
D00000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1213442832.0000000000D00000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D00000
|
| Size: |
4096
|
|
|
38E2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000038E2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38E2000
|
| Size: |
4096
|
|
|
39B8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000039B8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39B8000
|
| Size: |
4096
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1096126062.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
36F2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216257501.00000000036F2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36F2000
|
| Size: |
4096
|
|
|
28C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1629936047.00000000028C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
28C0000
|
| Size: |
16384
|
|
|
3BA6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003BA6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BA6000
|
| Size: |
4096
|
|
|
3B5A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003B5A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B5A000
|
| Size: |
4096
|
|
|
851000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000011.00000002.1627002077.0000000000851000.00000020.00000001.01000000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
851000
|
| Size: |
81920
|
|
|
2A74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1465298906.0000000002A74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A74000
|
| Size: |
4096
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1524525961.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
64B1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1140505009.00000000064B1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
64B1000
|
| Size: |
221184
|
|
|
3F1C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003F1C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3F1C000
|
| Size: |
4096
|
|
|
3AAB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003AAB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AAB000
|
| Size: |
4096
|
|
|
37C1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.1629128573.00000000037C1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37C1000
|
| Size: |
12288
|
|
|
3712000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003712000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3712000
|
| Size: |
4096
|
|
|
4DAE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1181464234.0000000004DAE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4DAE000
|
| Size: |
8192
|
|
|
38E8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000038E8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38E8000
|
| Size: |
4096
|
|
|
22F80000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1610620052.0000000022F80000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
22F80000
|
| Size: |
4096
|
|
|
52DE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.1629601001.00000000052DE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
52DE000
|
| Size: |
8192
|
|
|
3B6E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003B6E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B6E000
|
| Size: |
4096
|
|
|
3CEC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003CEC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3CEC000
|
| Size: |
12288
|
|
|
2B78000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.1661004036.0000000002B78000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B78000
|
| Size: |
90112
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1524451336.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
2AAE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1598005601.0000000002AAE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2AAE000
|
| Size: |
8192
|
|
|
3DEB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003DEB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3DEB000
|
| Size: |
4096
|
|
|
2AF0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1598040224.0000000002AF0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF0000
|
| Size: |
16384
|
|
|
3DCA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003DCA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3DCA000
|
| Size: |
4096
|
|
|
39BE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000039BE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39BE000
|
| Size: |
4096
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1178390217.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
50AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1598329342.00000000050AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
50AE000
|
| Size: |
8192
|
|
|
38CF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000038CF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38CF000
|
| Size: |
40960
|
|
|
36FD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000036FD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36FD000
|
| Size: |
4096
|
|
|
2F03000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3364361522.0000000002F03000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F03000
|
| Size: |
24576
|
|
|
3E27000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003E27000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E27000
|
| Size: |
4096
|
|
|
3AE4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003AE4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AE4000
|
| Size: |
4096
|
|
|
3A2D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003A2D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A2D000
|
| Size: |
4096
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1096323320.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
37F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000037F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37F0000
|
| Size: |
4096
|
|
|
65E5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1235105049.00000000065E5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
65E5000
|
| Size: |
36864
|
|
|
3B37000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003B37000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B37000
|
| Size: |
4096
|
|
|
3AB3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003AB3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AB3000
|
| Size: |
4096
|
|
|
3D4D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D4D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D4D000
|
| Size: |
4096
|
|
|
3DC6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003DC6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3DC6000
|
| Size: |
4096
|
|
|
27C1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.1629065214.00000000027C1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
27C1000
|
| Size: |
16384
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3EF5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003EF5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3EF5000
|
| Size: |
4096
|
|
|
3AB9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003AB9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AB9000
|
| Size: |
4096
|
|
|
3B57000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003B57000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B57000
|
| Size: |
4096
|
|
|
1320000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3362486965.0000000001320000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1320000
|
| Size: |
24576
|
|
|
39DB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000039DB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39DB000
|
| Size: |
4096
|
|
|
390D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000390D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
390D000
|
| Size: |
90112
|
|
|
567F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1469136039.000000000567F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
567F000
|
| Size: |
4096
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1140591077.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
3B6B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003B6B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B6B000
|
| Size: |
4096
|
|
|
5900000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1652779216.0000000005900000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5900000
|
| Size: |
36864
|
|
|
3649000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003649000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3649000
|
| Size: |
45056
|
|
|
5671000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3366740013.0000000005671000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5671000
|
| Size: |
8192
|
|
|
3D15000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D15000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D15000
|
| Size: |
12288
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1508787388.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
38C9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000038C9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38C9000
|
| Size: |
4096
|
|
|
73B2D000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1655135125.0000000073B2D000.00000004.00000001.01000000.0000000C.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
73B2D000
|
| Size: |
8192
|
|
|
3B8D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003B8D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B8D000
|
| Size: |
4096
|
|
|
2F98000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3364868992.0000000002F98000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F98000
|
| Size: |
4096
|
|
|
3D64000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D64000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D64000
|
| Size: |
20480
|
|
|
664E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1654804040.000000000664E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
664E000
|
| Size: |
8192
|
|
|
3DAD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003DAD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3DAD000
|
| Size: |
12288
|
|
|
B00000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000005.00000002.1212805854.0000000000B00000.00000002.00000001.01000000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
B00000
|
| Size: |
4096
|
|
|
36ED000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000036ED000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36ED000
|
| Size: |
20480
|
|
|
38F7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000038F7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38F7000
|
| Size: |
4096
|
|
|
394E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000394E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
394E000
|
| Size: |
28672
|
|
|
CDE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1627798404.0000000000CDE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
CDE000
|
| Size: |
8192
|
|
|
2A74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1243507456.0000000002A74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A74000
|
| Size: |
4096
|
|
|
2977000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1597900856.0000000002977000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2977000
|
| Size: |
266240
|
|
|
28BC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.1660748805.00000000028BC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
28BC000
|
| Size: |
16384
|
|
|
3C7A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003C7A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C7A000
|
| Size: |
4096
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1567691786.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1524289206.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
6B3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1237641431.0000000006B3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6B3E000
|
| Size: |
8192
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1096280360.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
3B0A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003B0A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B0A000
|
| Size: |
4096
|
|
|
3A81000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003A81000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A81000
|
| Size: |
4096
|
|
|
5676000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3366740013.0000000005676000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5676000
|
| Size: |
4096
|
|
|
CD1000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000000.1075233973.0000000000CD1000.00000002.00000001.01000000.00000004.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
CD1000
|
| Size: |
36864
|
|
|
D1000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000010.00000001.1501717821.00000000000D1000.00000020.00000001.01000000.0000000D.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
image loaded
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
D1000
|
| Size: |
57344
|
|
|
3CD3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003CD3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3CD3000
|
| Size: |
4096
|
|
|
2A74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1243616704.0000000002A74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A74000
|
| Size: |
4096
|
|
|
3A64000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003A64000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A64000
|
| Size: |
4096
|
|
|
3B12000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003B12000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B12000
|
| Size: |
12288
|
|
|
23CB2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1611215494.0000000023CB2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23CB2000
|
| Size: |
1699840
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3D49000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D49000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D49000
|
| Size: |
12288
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1094273560.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
39C2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000039C2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39C2000
|
| Size: |
4096
|
|
|
3E7B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003E7B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E7B000
|
| Size: |
4096
|
|
|
3BF4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003BF4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BF4000
|
| Size: |
4096
|
|
|
3CB4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003CB4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3CB4000
|
| Size: |
4096
|
|
|
2FF0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1215626030.0000000002FF0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2FF0000
|
| Size: |
4096
|
|
|
D04000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1627947332.0000000000D04000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
D04000
|
| Size: |
4096
|
|
|
397B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000397B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
397B000
|
| Size: |
4096
|
|
|
73B2F000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000005.00000002.1239263632.0000000073B2F000.00000002.00000001.01000000.0000000C.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
73B2F000
|
| Size: |
12288
|
|
|
23BC6000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1611066031.0000000023BC6000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
23BC6000
|
| Size: |
512000
|
|
|
2381D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1610865305.000000002381D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2381D000
|
| Size: |
458752
|
|
|
3A92000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003A92000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A92000
|
| Size: |
4096
|
|
|
2B70000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1215017312.0000000002B70000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B70000
|
| Size: |
16384
|
|
|
D89000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1213472466.0000000000D89000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D89000
|
| Size: |
36864
|
|
|
529000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000010.00000000.1500880234.0000000000529000.00000002.00000001.01000000.0000000D.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
529000
|
| Size: |
24576
|
|
|
2F40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3364763300.0000000002F40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F40000
|
| Size: |
4096
|
|
|
37B1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000037B1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37B1000
|
| Size: |
12288
|
|
|
3BF0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003BF0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BF0000
|
| Size: |
4096
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1524555083.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
372D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000372D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
372D000
|
| Size: |
4096
|
|
|
5141000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1466041208.0000000005141000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
5141000
|
| Size: |
4096
|
|
|
30E0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3365636938.00000000030E0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30E0000
|
| Size: |
36864
|
|
|
37F2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000037F2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37F2000
|
| Size: |
4096
|
|
|
3BA5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003BA5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BA5000
|
| Size: |
4096
|
|
|
3D51000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D51000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D51000
|
| Size: |
4096
|
|
|
6FC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1626436598.00000000006FC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6FC000
|
| Size: |
16384
|
|
|
37EC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000037EC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37EC000
|
| Size: |
4096
|
|
|
3030000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.3364919309.0000000003030000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
3030000
|
| Size: |
65536
|
|
|
6350000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1654145205.0000000006350000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6350000
|
| Size: |
12288
|
|
|
3B17000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003B17000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B17000
|
| Size: |
4096
|
|
|
2316E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1610664555.000000002316E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2316E000
|
| Size: |
8192
|
|
|
D26000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000002.1180738917.0000000000D26000.00000002.00000001.01000000.00000004.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
D26000
|
| Size: |
8192
|
|
|
3137000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1181171899.0000000003137000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3137000
|
| Size: |
290816
|
|
|
8D1000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000004.00000000.1075102313.00000000008D1000.00000020.00000001.01000000.00000004.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
8D1000
|
| Size: |
913408
|
|
|
3D01000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D01000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D01000
|
| Size: |
4096
|
|
|
1B0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000010.00000000.1500828332.00000000001B0000.00000002.00000001.01000000.0000000D.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
1B0000
|
| Size: |
208896
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
23830000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1198168552.0000000023830000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
23830000
|
| Size: |
4096
|
|
|
56C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3367433357.00000000056C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
56C0000
|
| Size: |
4096
|
|
|
3EE7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003EE7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3EE7000
|
| Size: |
53248
|
|
|
D10000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1213472466.0000000000D10000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D10000
|
| Size: |
32768
|
|
|
3D94000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D94000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D94000
|
| Size: |
4096
|
|
|
3E66000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003E66000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E66000
|
| Size: |
4096
|
|
|
3CD1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003CD1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3CD1000
|
| Size: |
4096
|
|
|
3DAB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003DAB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3DAB000
|
| Size: |
4096
|
|
|
3822000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003822000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3822000
|
| Size: |
4096
|
|
|
3ADE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003ADE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3ADE000
|
| Size: |
20480
|
|
|
6B40000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1237780712.0000000006B40000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
6B40000
|
| Size: |
53248
|
|
|
3792000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003792000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3792000
|
| Size: |
4096
|
|
|
3E42000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003E42000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E42000
|
| Size: |
4096
|
|
|
2A74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1243485949.0000000002A74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A74000
|
| Size: |
4096
|
|
|
39A1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000039A1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39A1000
|
| Size: |
4096
|
|
|
394B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000394B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
394B000
|
| Size: |
4096
|
|
|
44AD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1598073189.00000000044AD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
44AD000
|
| Size: |
12288
|
|
|
3F1F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003F1F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3F1F000
|
| Size: |
4096
|
|
|
38C7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000038C7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38C7000
|
| Size: |
4096
|
|
|
2371A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1532119091.000000002371A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2371A000
|
| Size: |
2899968
|
|
|
3794000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003794000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3794000
|
| Size: |
4096
|
|
|
3A68000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003A68000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A68000
|
| Size: |
4096
|
|
|
3A3D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003A3D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A3D000
|
| Size: |
8192
|
|
|
2EF4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3364276830.0000000002EF4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2EF4000
|
| Size: |
4096
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1594954061.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
30FA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3365781377.00000000030FA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30FA000
|
| Size: |
24576
|
|
|
3D28000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D28000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D28000
|
| Size: |
20480
|
|
|
9E3000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000004.00000000.1075211489.00000000009E3000.00000008.00000001.01000000.00000004.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
9E3000
|
| Size: |
118784
|
|
|
3EFF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003EFF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3EFF000
|
| Size: |
4096
|
|
|
2CCF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1598057515.0000000002CCF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2CCF000
|
| Size: |
4096
|
|
|
D30000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000000.1075233973.0000000000D30000.00000002.00000001.01000000.00000004.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
D30000
|
| Size: |
102400
|
|
|
3636000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003636000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3636000
|
| Size: |
12288
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1096302808.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
3571000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003571000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3571000
|
| Size: |
4096
|
|
|
3A90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003A90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A90000
|
| Size: |
4096
|
|
|
3B6C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003B6C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B6C000
|
| Size: |
4096
|
|
|
38FB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000038FB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38FB000
|
| Size: |
4096
|
|
|
397F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000397F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
397F000
|
| Size: |
4096
|
|
|
59EA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3367951984.00000000059EA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
59EA000
|
| Size: |
12288
|
|
|
30FB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1181156789.00000000030FB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
30FB000
|
| Size: |
20480
|
|
|
67A8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1235858081.00000000067A8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
67A8000
|
| Size: |
20480
|
|
|
6CB0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.1654877758.0000000006CB0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
6CB0000
|
| Size: |
131072
|
|
|
13E3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3362486965.00000000013E3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
13E3000
|
| Size: |
77824
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
38E0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000038E0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38E0000
|
| Size: |
4096
|
|
|
3B0E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003B0E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B0E000
|
| Size: |
4096
|
|
|
3B35000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003B35000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B35000
|
| Size: |
4096
|
|
|
4520000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1598108016.0000000004520000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4520000
|
| Size: |
32768
|
|
|
1B0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000010.00000002.1597336964.00000000001B0000.00000002.00000001.01000000.0000000D.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
1B0000
|
| Size: |
208896
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
4F0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1181533805.0000000004F0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4F0E000
|
| Size: |
8192
|
|
|
3659000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003659000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3659000
|
| Size: |
4096
|
|
|
61AC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1598673015.00000000061AC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
61AC000
|
| Size: |
32768
|
|
|
3A44000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003A44000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A44000
|
| Size: |
4096
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1095506981.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
243CE000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1198687529.00000000243CE000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
243CE000
|
| Size: |
512000
|
|
|
38C5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000038C5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38C5000
|
| Size: |
4096
|
|
|
63D0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1654635891.00000000063D0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
63D0000
|
| Size: |
65536
|
|
|
3B58000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003B58000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B58000
|
| Size: |
4096
|
|
|
D1A000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000002.1180738917.0000000000D1A000.00000002.00000001.01000000.00000004.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
D1A000
|
| Size: |
45056
|
|
|
5725000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1361213515.0000000005725000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
5725000
|
| Size: |
32768
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
2710000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1629620813.0000000002710000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2710000
|
| Size: |
24576
|
|
|
368C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000368C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
368C000
|
| Size: |
4096
|
|
|
3D36000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D36000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D36000
|
| Size: |
4096
|
|
|
399D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000399D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
399D000
|
| Size: |
4096
|
|
|
3781000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003781000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3781000
|
| Size: |
4096
|
|
|
2A40000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.1660828848.0000000002A40000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A40000
|
| Size: |
4096
|
|
|
5D9E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3368367988.0000000005D9E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5D9E000
|
| Size: |
8192
|
|
|
5CB1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1535179129.0000000005CB1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5CB1000
|
| Size: |
200704
|
|
|
3843000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003843000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3843000
|
| Size: |
4096
|
|
|
64B1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1107453353.00000000064B1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
64B1000
|
| Size: |
221184
|
|
|
2AEE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1598024402.0000000002AEE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2AEE000
|
| Size: |
8192
|
|
|
3C67000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003C67000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C67000
|
| Size: |
4096
|
|
|
5BBE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1652922101.0000000005BBE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5BBE000
|
| Size: |
8192
|
|
|
8F0000
|
remote allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000014.00000002.1626970669.00000000008F0000.00000040.00000400.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
remote allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
8F0000
|
| Size: |
4096
|
|
|
62CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1234119750.00000000062CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
62CE000
|
| Size: |
8192
|
|
|
3E9C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003E9C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E9C000
|
| Size: |
4096
|
|
|
3D1F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D1F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D1F000
|
| Size: |
4096
|
|
|
6206000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1233934483.0000000006206000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6206000
|
| Size: |
40960
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1095763372.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
3A2B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003A2B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A2B000
|
| Size: |
4096
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1095546458.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
30C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3365468088.00000000030C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30C0000
|
| Size: |
36864
|
|
|
526000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000010.00000000.1500880234.0000000000526000.00000002.00000001.01000000.0000000D.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
526000
|
| Size: |
8192
|
|
|
2A54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000003.1660467999.0000000002A54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A54000
|
| Size: |
4096
|
|
|
38F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216693350.00000000038F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38F0000
|
| Size: |
65536
|
|
|
2A0F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1597900856.0000000002A0F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A0F000
|
| Size: |
36864
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the Windows Explorer process (often used for injection) |
HIPS / PFW / Operating System Protection Evasion |
|
|
|
51A000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000010.00000002.1597447487.000000000051A000.00000002.00000001.01000000.0000000D.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
51A000
|
| Size: |
45056
|
|
|
3D1B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D1B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D1B000
|
| Size: |
4096
|
|
|
3AD5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003AD5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AD5000
|
| Size: |
12288
|
|
|
3D38000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D38000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D38000
|
| Size: |
4096
|
|
|
3B40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003B40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B40000
|
| Size: |
53248
|
|
|
3820000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003820000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3820000
|
| Size: |
4096
|
|
|
3655000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003655000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3655000
|
| Size: |
4096
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1096343380.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
5D8E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1653040416.0000000005D8E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5D8E000
|
| Size: |
8192
|
|
|
3A97000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003A97000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A97000
|
| Size: |
53248
|
|
|
3ACC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003ACC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3ACC000
|
| Size: |
32768
|
|
|
23294000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1610684681.0000000023294000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23294000
|
| Size: |
512000
|
|
|
5AAE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1232250073.0000000005AAE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5AAE000
|
| Size: |
8192
|
|
|
38B5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000038B5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38B5000
|
| Size: |
53248
|
|
|
EFB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3361459887.0000000000EFB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
EFB000
|
| Size: |
20480
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1522486232.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
25390000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1199688045.0000000025390000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
25390000
|
| Size: |
294912
|
|
|
3880000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003880000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3880000
|
| Size: |
45056
|
|
|
3C22000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003C22000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C22000
|
| Size: |
4096
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1082354683.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
2396E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1198224655.000000002396E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2396E000
|
| Size: |
8192
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1524594004.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
3CE4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003CE4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3CE4000
|
| Size: |
4096
|
|
|
3AB7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003AB7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AB7000
|
| Size: |
4096
|
|
|
37DB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000037DB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37DB000
|
| Size: |
4096
|
|
|
44FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1598090983.00000000044FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
44FE000
|
| Size: |
8192
|
|
|
13C2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3362486965.00000000013C2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
13C2000
|
| Size: |
131072
|
|
|
D1000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000010.00000002.1597252657.00000000000D1000.00000020.00000001.01000000.0000000D.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
D1000
|
| Size: |
913408
|
|
|
3A39000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003A39000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A39000
|
| Size: |
4096
|
|
|
3CB2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003CB2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3CB2000
|
| Size: |
4096
|
|
|
3B56000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003B56000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B56000
|
| Size: |
4096
|
|
|
3696000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003696000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3696000
|
| Size: |
4096
|
|
|
5654000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3366740013.0000000005654000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5654000
|
| Size: |
4096
|
|
|
3CD8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003CD8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3CD8000
|
| Size: |
36864
|
|
|
2A74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1243466913.0000000002A74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A74000
|
| Size: |
4096
|
|
|
23324000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1536440952.0000000023324000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
23324000
|
| Size: |
147456
|
|
|
3932000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003932000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3932000
|
| Size: |
57344
|
|
|
2820000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1629709354.0000000002820000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2820000
|
| Size: |
4096
|
|
|
38B2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000038B2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38B2000
|
| Size: |
4096
|
|
|
202000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000010.00000001.1501747034.0000000000202000.00000002.00000001.01000000.0000000D.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
image loaded
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
202000
|
| Size: |
1331200
|
|
|
3D70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D70000
|
| Size: |
4096
|
|
|
3EB3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003EB3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3EB3000
|
| Size: |
4096
|
|
|
452A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1598108016.000000000452A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
452A000
|
| Size: |
20480
|
|
|
4870000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1598203945.0000000004870000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4870000
|
| Size: |
4096
|
|
|
6470000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.1654714519.0000000006470000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
6470000
|
| Size: |
65536
|
|
|
3ABD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003ABD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3ABD000
|
| Size: |
94208
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1523444534.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
39A3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000039A3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39A3000
|
| Size: |
4096
|
|
|
3A1A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003A1A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A1A000
|
| Size: |
57344
|
|
|
3C97000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003C97000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C97000
|
| Size: |
4096
|
|
|
3B1A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003B1A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B1A000
|
| Size: |
114688
|
|
|
5141000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1466865425.0000000005141000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
5141000
|
| Size: |
4096
|
|
|
2A74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1465609640.0000000002A74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A74000
|
| Size: |
4096
|
|
|
34DE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630129914.00000000034DE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
34DE000
|
| Size: |
8192
|
|
|
264E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.1628693251.000000000264E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
264E000
|
| Size: |
8192
|
|
|
3E83000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003E83000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E83000
|
| Size: |
4096
|
|
|
3AEA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003AEA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AEA000
|
| Size: |
4096
|
|
|
135B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3362486965.000000000135B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
135B000
|
| Size: |
12288
|
|
|
3A33000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003A33000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A33000
|
| Size: |
4096
|
|
|
467F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1468287492.000000000467F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
467F000
|
| Size: |
1187840
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
3735000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003735000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3735000
|
| Size: |
8192
|
|
|
3E2D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003E2D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E2D000
|
| Size: |
57344
|
|
|
C00000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.1627945518.0000000000C00000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
C00000
|
| Size: |
8192
|
|
|
3CCD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003CCD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3CCD000
|
| Size: |
4096
|
|
|
2700000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1629548296.0000000002700000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2700000
|
| Size: |
65536
|
|
|
3C2A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003C2A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C2A000
|
| Size: |
94208
|
|
|
44A6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.1661141449.00000000044A6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
44A6000
|
| Size: |
1187840
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
38A0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1216488238.00000000038A0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
38A0000
|
| Size: |
65536
|
|
|
2A74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1465549638.0000000002A74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A74000
|
| Size: |
4096
|
|
|
73B2D000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1239232629.0000000073B2D000.00000004.00000001.01000000.0000000C.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
73B2D000
|
| Size: |
8192
|
|
|
3DB8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003DB8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3DB8000
|
| Size: |
36864
|
|
|
36F3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000036F3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36F3000
|
| Size: |
4096
|
|
|
3A65000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003A65000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A65000
|
| Size: |
4096
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1095406905.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
3E8A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003E8A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E8A000
|
| Size: |
36864
|
|
|
3B6A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003B6A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B6A000
|
| Size: |
4096
|
|
|
3D9B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D9B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D9B000
|
| Size: |
61440
|
|
|
A10000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.1627657933.0000000000A10000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A10000
|
| Size: |
12288
|
|
|
372B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000372B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
372B000
|
| Size: |
4096
|
|
|
3C61000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003C61000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C61000
|
| Size: |
4096
|
|
|
5B3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1232296590.0000000005B3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5B3E000
|
| Size: |
8192
|
|
|
3AB1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003AB1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AB1000
|
| Size: |
4096
|
|
|
2BAD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1467753457.0000000002BAD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2BAD000
|
| Size: |
12288
|
|
|
2401D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1198498080.000000002401D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2401D000
|
| Size: |
458752
|
|
|
37DD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000037DD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37DD000
|
| Size: |
8192
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1095942082.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
51EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1181634973.00000000051EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
51EE000
|
| Size: |
8192
|
|
|
5141000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1466082152.0000000005141000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
5141000
|
| Size: |
4096
|
|
|
3644000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003644000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3644000
|
| Size: |
4096
|
|
|
5918000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1232156706.0000000005918000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5918000
|
| Size: |
8192
|
|
|
3A12000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003A12000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A12000
|
| Size: |
4096
|
|
|
B6E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1627627762.0000000000B6E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B6E000
|
| Size: |
8192
|
|
|
6190000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.1653467631.0000000006190000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
6190000
|
| Size: |
28672
|
|
|
23320000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1610832103.0000000023320000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
23320000
|
| Size: |
98304
|
|
|
3DEF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003DEF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3DEF000
|
| Size: |
4096
|
|
|
D37000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.1628284672.0000000000D37000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
D37000
|
| Size: |
4096
|
|
|
399F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000399F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
399F000
|
| Size: |
4096
|
|
|
3766000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003766000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3766000
|
| Size: |
4096
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1534548782.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
295E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1214035269.000000000295E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
295E000
|
| Size: |
8192
|
|
|
37F8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000037F8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37F8000
|
| Size: |
57344
|
|
|
2B63000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1214885880.0000000002B63000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B63000
|
| Size: |
40960
|
|
|
250C9000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1108635004.00000000250C9000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
250C9000
|
| Size: |
294912
|
|
|
12B0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.3362119008.00000000012B0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
12B0000
|
| Size: |
8192
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1096364541.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
3C03000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003C03000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C03000
|
| Size: |
4096
|
|
|
23449000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1521821576.0000000023449000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23449000
|
| Size: |
2899968
|
|
|
624E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1233982594.000000000624E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
624E000
|
| Size: |
8192
|
|
|
23060000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1610643810.0000000023060000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23060000
|
| Size: |
12288
|
|
|
3A9C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003A9C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A9C000
|
| Size: |
12288
|
|
|
2A50000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.1660854715.0000000002A50000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A50000
|
| Size: |
16384
|
|
|
BB0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.1627694076.0000000000BB0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
BB0000
|
| Size: |
4096
|
|
|
59B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1181828677.00000000059B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
59B0000
|
| Size: |
4096
|
|
|
4218000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3366557966.0000000004218000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4218000
|
| Size: |
4096
|
|
|
D1A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1213472466.0000000000D1A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D1A000
|
| Size: |
12288
|
|
|
73B10000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000005.00000002.1238974447.0000000073B10000.00000002.00000001.01000000.0000000C.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
73B10000
|
| Size: |
4096
|
|
|
3F14000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003F14000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3F14000
|
| Size: |
4096
|
|
|
3926000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003926000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3926000
|
| Size: |
4096
|
|
|
117E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1214004498.000000000117E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
117E000
|
| Size: |
8192
|
|
|
5141000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1466911042.0000000005141000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
5141000
|
| Size: |
4096
|
|
|
392C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000392C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
392C000
|
| Size: |
4096
|
|
|
2C3F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630020548.0000000002C3F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C3F000
|
| Size: |
4096
|
|
|
3A5E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003A5E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A5E000
|
| Size: |
4096
|
|
|
2A74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1247933299.0000000002A74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A74000
|
| Size: |
4096
|
|
|
36CA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000036CA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36CA000
|
| Size: |
4096
|
|
|
3A31000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003A31000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A31000
|
| Size: |
4096
|
|
|
3A9A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003A9A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A9A000
|
| Size: |
4096
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1522857175.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
3D57000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D57000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D57000
|
| Size: |
4096
|
|
|
3D5B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D5B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D5B000
|
| Size: |
4096
|
|
|
3C99000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003C99000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C99000
|
| Size: |
4096
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1522957854.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
3BC6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003BC6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BC6000
|
| Size: |
4096
|
|
|
3B1A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003B1A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B1A000
|
| Size: |
4096
|
|
|
3E81000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003E81000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E81000
|
| Size: |
4096
|
|
|
DA7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1628368968.0000000000DA7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DA7000
|
| Size: |
155648
|
|
|
3BA2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003BA2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BA2000
|
| Size: |
4096
|
|
|
2AD3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1214586562.0000000002AD3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AD3000
|
| Size: |
512000
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1096394367.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
2B70000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.1661004036.0000000002B70000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B70000
|
| Size: |
24576
|
|
|
58AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1181785399.00000000058AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
58AE000
|
| Size: |
8192
|
|
|
3DC8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003DC8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3DC8000
|
| Size: |
4096
|
|
|
3A24000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003A24000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A24000
|
| Size: |
49152
|
|
|
251C6000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1109044060.00000000251C6000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
251C6000
|
| Size: |
225280
|
|
|
395C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000395C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
395C000
|
| Size: |
4096
|
|
|
5141000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1466215610.0000000005141000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
5141000
|
| Size: |
4096
|
|
|
3C9D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003C9D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C9D000
|
| Size: |
4096
|
|
|
4DB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1181480194.0000000004DB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DB0000
|
| Size: |
61440
|
|
|
363E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000363E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
363E000
|
| Size: |
4096
|
|
|
5079000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000012.00000003.1660281780.0000000005079000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
5079000
|
| Size: |
204800
|
|
|
D9E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1628336411.0000000000D9E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
D9E000
|
| Size: |
8192
|
|
|
3D09000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D09000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D09000
|
| Size: |
4096
|
|
|
3B77000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003B77000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B77000
|
| Size: |
40960
|
|
|
3A60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003A60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A60000
|
| Size: |
4096
|
|
|
3EB5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003EB5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3EB5000
|
| Size: |
4096
|
|
|
3A5D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003A5D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A5D000
|
| Size: |
4096
|
|
|
3130000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1181171899.0000000003130000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3130000
|
| Size: |
24576
|
|
|
22F7B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1610598420.0000000022F7B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
22F7B000
|
| Size: |
20480
|
|
|
69C5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1182210716.00000000069C5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
69C5000
|
| Size: |
172032
|
|
|
53DE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.1629622867.00000000053DE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
53DE000
|
| Size: |
8192
|
|
|
3E94000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003E94000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E94000
|
| Size: |
12288
|
|
|
3EC4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003EC4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3EC4000
|
| Size: |
110592
|
|
|
3ABB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003ABB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3ABB000
|
| Size: |
4096
|
|
|
2A74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1243671559.0000000002A74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A74000
|
| Size: |
4096
|
|
|
3D03000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D03000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D03000
|
| Size: |
4096
|
|
|
3A8C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003A8C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A8C000
|
| Size: |
4096
|
|
|
7170000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1238147175.0000000007170000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7170000
|
| Size: |
131072
|
|
|
36E0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216107824.00000000036E0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36E0000
|
| Size: |
4096
|
|
|
DE4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1213472466.0000000000DE4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DE4000
|
| Size: |
176128
|
|
|
373A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000373A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
373A000
|
| Size: |
20480
|
|
|
71C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1238325287.00000000071C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
71C0000
|
| Size: |
65536
|
|
|
2994000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1214476538.0000000002994000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2994000
|
| Size: |
4096
|
|
|
6156000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1653379235.0000000006156000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6156000
|
| Size: |
24576
|
|
|
3738000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003738000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3738000
|
| Size: |
4096
|
|
|
3CE6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003CE6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3CE6000
|
| Size: |
4096
|
|
|
29B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1214586562.00000000029B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29B0000
|
| Size: |
1187840
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
3964000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003964000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3964000
|
| Size: |
4096
|
|
|
2A74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1243638026.0000000002A74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A74000
|
| Size: |
4096
|
|
|
3DC4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003DC4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3DC4000
|
| Size: |
4096
|
|
|
3D6C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D6C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D6C000
|
| Size: |
4096
|
|
|
2A74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1465756435.0000000002A74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A74000
|
| Size: |
4096
|
|
|
3B01000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003B01000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B01000
|
| Size: |
4096
|
|
|
3AD6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003AD6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AD6000
|
| Size: |
4096
|
|
|
DCE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1628368968.0000000000DCE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DCE000
|
| Size: |
12288
|
|
|
3579000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003579000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3579000
|
| Size: |
258048
|
|
|
7D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1212679768.00000000007D0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7D0000
|
| Size: |
4096
|
|
|
3640000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003640000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3640000
|
| Size: |
4096
|
|
|
3CBC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003CBC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3CBC000
|
| Size: |
57344
|
|
|
2CF6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.1661068959.0000000002CF6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2CF6000
|
| Size: |
32768
|
|
|
529000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000010.00000002.1597447487.0000000000529000.00000002.00000001.01000000.0000000D.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
529000
|
| Size: |
24576
|
|
|
50B000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000010.00000000.1500880234.000000000050B000.00000002.00000001.01000000.0000000D.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
50B000
|
| Size: |
53248
|
|
|
750000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1626489367.0000000000750000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
750000
|
| Size: |
4096
|
|
|
3AA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003AA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AA0000
|
| Size: |
40960
|
|
|
38E4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000038E4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38E4000
|
| Size: |
12288
|
|
|
3AB1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003AB1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AB1000
|
| Size: |
4096
|
|
|
309C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3365101633.000000000309C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
309C000
|
| Size: |
4096
|
|
|
830000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1626530071.0000000000830000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
830000
|
| Size: |
8192
|
|
|
3D8C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D8C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D8C000
|
| Size: |
4096
|
|
|
37BE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000037BE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37BE000
|
| Size: |
98304
|
|
|
3C84000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003C84000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C84000
|
| Size: |
4096
|
|
|
3960000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003960000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3960000
|
| Size: |
12288
|
|
|
61CF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1653640029.00000000061CF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
61CF000
|
| Size: |
4096
|
|
|
242AB000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1198687529.00000000242AB000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
242AB000
|
| Size: |
1187840
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
2F17000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.3364550404.0000000002F17000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
2F17000
|
| Size: |
4096
|
|
|
3B8E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003B8E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B8E000
|
| Size: |
4096
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1523636826.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
2790000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.1628868582.0000000002790000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2790000
|
| Size: |
45056
|
|
|
27B0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000014.00000002.1629037916.00000000027B0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
27B0000
|
| Size: |
4096
|
|
|
3D3A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D3A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D3A000
|
| Size: |
4096
|
|
|
CDD000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000000.1075233973.0000000000CDD000.00000002.00000001.01000000.00000004.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
CDD000
|
| Size: |
8192
|
|
|
6950000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1236748337.0000000006950000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6950000
|
| Size: |
65536
|
|
|
563E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1652444331.000000000563E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
563E000
|
| Size: |
8192
|
|
|
3A4A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003A4A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A4A000
|
| Size: |
4096
|
|
|
5D46000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1652987645.0000000005D46000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5D46000
|
| Size: |
40960
|
|
|
377B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000377B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
377B000
|
| Size: |
4096
|
|
|
3BE4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003BE4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BE4000
|
| Size: |
28672
|
|
|
3E0A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003E0A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E0A000
|
| Size: |
4096
|
|
|
D1A000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000000.1075233973.0000000000D1A000.00000002.00000001.01000000.00000004.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
D1A000
|
| Size: |
45056
|
|
|
3EBB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003EBB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3EBB000
|
| Size: |
8192
|
|
|
CC7000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000002.1180738917.0000000000CC7000.00000002.00000001.01000000.00000004.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
CC7000
|
| Size: |
32768
|
|
|
530000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000010.00000000.1500880234.0000000000530000.00000002.00000001.01000000.0000000D.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
530000
|
| Size: |
102400
|
|
|
38AA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000038AA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38AA000
|
| Size: |
4096
|
|
|
27A0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.1628971755.00000000027A0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
27A0000
|
| Size: |
57344
|
|
|
39D7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000039D7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39D7000
|
| Size: |
12288
|
|
|
3890000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003890000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3890000
|
| Size: |
4096
|
|
|
3BF6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003BF6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BF6000
|
| Size: |
4096
|
|
|
3928000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003928000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3928000
|
| Size: |
4096
|
|
|
36CF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000036CF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36CF000
|
| Size: |
118784
|
|
|
5CB1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1567598178.0000000005CB1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5CB1000
|
| Size: |
200704
|
|
|
5CBE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1232566360.0000000005CBE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5CBE000
|
| Size: |
8192
|
|
|
362D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000362D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
362D000
|
| Size: |
4096
|
|
|
5C4D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1652952951.0000000005C4D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5C4D000
|
| Size: |
12288
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1567671321.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
2CF0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.1661068959.0000000002CF0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2CF0000
|
| Size: |
16384
|
|
|
3BA8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003BA8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BA8000
|
| Size: |
139264
|
|
|
5045000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1243144724.0000000005045000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
5045000
|
| Size: |
163840
|
|
|
5141000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1466669699.0000000005141000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
5141000
|
| Size: |
4096
|
|
|
236F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1610865305.00000000236F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
236F0000
|
| Size: |
1196032
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
C14000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.1627997955.0000000000C14000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
C14000
|
| Size: |
4096
|
|
|
3627000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003627000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3627000
|
| Size: |
20480
|
|
|
58AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1652685038.00000000058AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
58AE000
|
| Size: |
8192
|
|
|
4DD000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000010.00000002.1597447487.00000000004DD000.00000002.00000001.01000000.0000000D.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
4DD000
|
| Size: |
8192
|
|
|
23F16000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1103483849.0000000023F16000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23F16000
|
| Size: |
2899968
|
|
|
3B8A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003B8A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B8A000
|
| Size: |
4096
|
|
|
516E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1181605380.000000000516E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
516E000
|
| Size: |
8192
|
|
|
3ACA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003ACA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3ACA000
|
| Size: |
4096
|
|
|
323B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630082133.000000000323B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
323B000
|
| Size: |
4096
|
|
|
3704000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003704000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3704000
|
| Size: |
12288
|
|
|
244B5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1198856997.00000000244B5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
244B5000
|
| Size: |
1699840
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3E12000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003E12000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E12000
|
| Size: |
4096
|
|
|
4F6E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1598293433.0000000004F6E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4F6E000
|
| Size: |
8192
|
|
|
37AD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000037AD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37AD000
|
| Size: |
4096
|
|
|
2680000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.1628806710.0000000002680000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2680000
|
| Size: |
4096
|
|
|
2DA0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1468102977.0000000002DA0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2DA0000
|
| Size: |
4096
|
|
|
519E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.1629526893.000000000519E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
519E000
|
| Size: |
8192
|
|
|
4E2E000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1468797617.0000000004E2E000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4E2E000
|
| Size: |
24576
|
|
|
2650000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.1628726730.0000000002650000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2650000
|
| Size: |
4096
|
|
|
4501000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1648777581.0000000004501000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4501000
|
| Size: |
978944
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1523551869.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
3B82000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003B82000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B82000
|
| Size: |
4096
|
|
|
38CD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000038CD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38CD000
|
| Size: |
4096
|
|
|
4EBF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1181498303.0000000004EBF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4EBF000
|
| Size: |
4096
|
|
|
D1E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1213472466.0000000000D1E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D1E000
|
| Size: |
147456
|
|
|
3623000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003623000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3623000
|
| Size: |
4096
|
|
|
3B53000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003B53000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B53000
|
| Size: |
4096
|
|
|
3B54000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003B54000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B54000
|
| Size: |
4096
|
|
|
6354000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1654145205.0000000006354000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6354000
|
| Size: |
24576
|
|
|
3675000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003675000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3675000
|
| Size: |
4096
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1140855677.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
3BBC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003BBC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BBC000
|
| Size: |
4096
|
|
|
5750000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1652553313.0000000005750000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5750000
|
| Size: |
65536
|
|
|
CB8000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000005.00000002.1213367744.0000000000CB8000.00000008.00000001.01000000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
CB8000
|
| Size: |
106496
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
23E52000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1611215494.0000000023E52000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E52000
|
| Size: |
2498560
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
A75000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.1627780616.0000000000A75000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A75000
|
| Size: |
20480
|
|
|
336E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1181339944.000000000336E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
336E000
|
| Size: |
8192
|
|
|
3B20000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003B20000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B20000
|
| Size: |
4096
|
|
|
5664000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3366740013.0000000005664000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5664000
|
| Size: |
8192
|
|
|
3617000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003617000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3617000
|
| Size: |
12288
|
|
|
3A94000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003A94000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A94000
|
| Size: |
4096
|
|
|
323F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3365988066.000000000323F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
323F000
|
| Size: |
249856
|
|
|
3CAE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003CAE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3CAE000
|
| Size: |
4096
|
|
|
C7D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.1628117346.0000000000C7D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
C7D000
|
| Size: |
8192
|
|
|
388C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000388C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
388C000
|
| Size: |
4096
|
|
|
2A74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1465381446.0000000002A74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A74000
|
| Size: |
4096
|
|
|
59E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3367951984.00000000059E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
59E0000
|
| Size: |
32768
|
|
|
3AEC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003AEC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AEC000
|
| Size: |
4096
|
|
|
3941000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003941000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3941000
|
| Size: |
4096
|
|
|
36C8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000036C8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36C8000
|
| Size: |
4096
|
|
|
3F21000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003F21000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3F21000
|
| Size: |
32768
|
|
|
3EFD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003EFD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3EFD000
|
| Size: |
4096
|
|
|
37E4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000037E4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37E4000
|
| Size: |
28672
|
|
|
34F0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.1630173427.00000000034F0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
34F0000
|
| Size: |
4096
|
|
|
69F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1182210716.00000000069F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
69F0000
|
| Size: |
53248
|
|
|
3B71000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003B71000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B71000
|
| Size: |
4096
|
|
|
3785000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003785000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3785000
|
| Size: |
49152
|
|
|
55FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1469095568.00000000055FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
55FF000
|
| Size: |
4096
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1522328882.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
202000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000010.00000000.1500880234.0000000000202000.00000002.00000001.01000000.0000000D.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
202000
|
| Size: |
2899968
|
|
|
6D00000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1655031212.0000000006D00000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6D00000
|
| Size: |
4096
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1140813533.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
61AC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1653514155.00000000061AC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
61AC000
|
| Size: |
16384
|
|
|
3BFF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003BFF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BFF000
|
| Size: |
12288
|
|
|
580D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3367750149.000000000580D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
580D000
|
| Size: |
12288
|
|
|
500F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1181562005.000000000500F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
500F000
|
| Size: |
4096
|
|
|
23171000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1610684681.0000000023171000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23171000
|
| Size: |
1187840
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
C24000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.1628022360.0000000000C24000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
C24000
|
| Size: |
36864
|
|
|
3B68000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003B68000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B68000
|
| Size: |
4096
|
|
|
24A14000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1536157024.0000000024A14000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
24A14000
|
| Size: |
2498560
|
|
|
5B40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1232319407.0000000005B40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5B40000
|
| Size: |
53248
|
|
|
3B89000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003B89000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B89000
|
| Size: |
4096
|
|
|
62B0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1653815437.00000000062B0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
62B0000
|
| Size: |
40960
|
|
|
3B10000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003B10000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B10000
|
| Size: |
4096
|
|
|
22F2E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1598673015.0000000022F2E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
22F2E000
|
| Size: |
32768
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
850000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000011.00000002.1626970094.0000000000850000.00000002.00000001.01000000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
850000
|
| Size: |
4096
|
|
|
3E85000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003E85000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E85000
|
| Size: |
4096
|
|
|
3777000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003777000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3777000
|
| Size: |
4096
|
|
|
39CD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000039CD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39CD000
|
| Size: |
12288
|
|
|
3BD9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003BD9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BD9000
|
| Size: |
4096
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1096260623.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
3B84000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003B84000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B84000
|
| Size: |
12288
|
|
|
3B69000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003B69000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B69000
|
| Size: |
4096
|
|
|
58F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1652736947.00000000058F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
58F0000
|
| Size: |
28672
|
|
|
4BED000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.1661565366.0000000004BED000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4BED000
|
| Size: |
458752
|
|
|
3B9E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003B9E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B9E000
|
| Size: |
4096
|
|
|
61C5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1598673015.00000000061C5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
61C5000
|
| Size: |
172032
|
|
|
3EFB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003EFB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3EFB000
|
| Size: |
4096
|
|
|
3C65000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003C65000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C65000
|
| Size: |
4096
|
|
|
38B0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000038B0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38B0000
|
| Size: |
4096
|
|
|
3C05000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003C05000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C05000
|
| Size: |
4096
|
|
|
3811000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003811000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3811000
|
| Size: |
4096
|
|
|
3DFC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003DFC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3DFC000
|
| Size: |
45056
|
|
|
4DB9000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1468797617.0000000004DB9000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4DB9000
|
| Size: |
4096
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1520916098.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1524069976.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
6780000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1235781823.0000000006780000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
6780000
|
| Size: |
65536
|
|
|
2408E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1198498080.000000002408E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2408E000
|
| Size: |
24576
|
|
|
3A40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003A40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A40000
|
| Size: |
118784
|
|
|
3DB1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003DB1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3DB1000
|
| Size: |
4096
|
|
|
253D9000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1199688045.00000000253D9000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
253D9000
|
| Size: |
2498560
|
|
|
61A0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1653514155.00000000061A0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
61A0000
|
| Size: |
4096
|
|
|
3574000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003574000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3574000
|
| Size: |
8192
|
|
|
23B20000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1198389739.0000000023B20000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
23B20000
|
| Size: |
163840
|
|
|
3E3E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003E3E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E3E000
|
| Size: |
4096
|
|
|
DD2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1628368968.0000000000DD2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DD2000
|
| Size: |
36864
|
|
|
39BA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000039BA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39BA000
|
| Size: |
4096
|
|
|
C13000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000014.00000002.1627975232.0000000000C13000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
C13000
|
| Size: |
4096
|
|
|
59D0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.3367923554.00000000059D0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
59D0000
|
| Size: |
4096
|
|
|
3A92000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003A92000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A92000
|
| Size: |
12288
|
|
|
3B16000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003B16000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B16000
|
| Size: |
12288
|
|
|
3B1E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003B1E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B1E000
|
| Size: |
4096
|
|
|
6650000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1235393547.0000000006650000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
6650000
|
| Size: |
28672
|
|
|
3762000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003762000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3762000
|
| Size: |
4096
|
|
|
6940000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1236669734.0000000006940000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
6940000
|
| Size: |
65536
|
|
|
2D3F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1215047827.0000000002D3F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D3F000
|
| Size: |
290816
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
B7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.1627856410.0000000000B7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B7E000
|
| Size: |
8192
|
|
|
31D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1181171899.00000000031D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
31D1000
|
| Size: |
40960
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the Windows Explorer process (often used for injection) |
HIPS / PFW / Operating System Protection Evasion |
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1095572420.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
2A90000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1467728350.0000000002A90000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A90000
|
| Size: |
4096
|
|
|
3BF2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003BF2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BF2000
|
| Size: |
4096
|
|
|
5980000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.3367829697.0000000005980000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5980000
|
| Size: |
65536
|
|
|
59AF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1181804546.00000000059AF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
59AF000
|
| Size: |
4096
|
|
|
38C3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000038C3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38C3000
|
| Size: |
4096
|
|
|
346E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1181381227.000000000346E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
346E000
|
| Size: |
8192
|
|
|
3D6E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D6E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D6E000
|
| Size: |
4096
|
|
|
3975000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003975000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3975000
|
| Size: |
4096
|
|
|
50B000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000010.00000002.1597447487.000000000050B000.00000002.00000001.01000000.0000000D.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
50B000
|
| Size: |
53248
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1178413157.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1095449559.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
6890000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1236040237.0000000006890000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6890000
|
| Size: |
65536
|
|
|
38AC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000038AC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38AC000
|
| Size: |
4096
|
|
|
2A74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1248042848.0000000002A74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A74000
|
| Size: |
4096
|
|
|
320E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3365933679.000000000320E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
320E000
|
| Size: |
8192
|
|
|
37AF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000037AF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37AF000
|
| Size: |
4096
|
|
|
3DF7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003DF7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3DF7000
|
| Size: |
4096
|
|
|
4F2F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1598273761.0000000004F2F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4F2F000
|
| Size: |
4096
|
|
|
3748000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003748000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3748000
|
| Size: |
4096
|
|
|
37B7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000037B7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37B7000
|
| Size: |
4096
|
|
|
2B6D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1214944316.0000000002B6D000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
2B6D000
|
| Size: |
4096
|
|
|
387D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000387D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
387D000
|
| Size: |
4096
|
|
|
3EB9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003EB9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3EB9000
|
| Size: |
4096
|
|
|
3E23000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003E23000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E23000
|
| Size: |
12288
|
|
|
C60000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.1628117346.0000000000C60000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
C60000
|
| Size: |
24576
|
|
|
3783000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003783000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3783000
|
| Size: |
4096
|
|
|
3E7D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003E7D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E7D000
|
| Size: |
4096
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1096466347.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
3673000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003673000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3673000
|
| Size: |
4096
|
|
|
4AC0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.1661565366.0000000004AC0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4AC0000
|
| Size: |
1196032
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
FF8000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3361626331.0000000000FF8000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
FF8000
|
| Size: |
32768
|
|
|
5740000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1652494523.0000000005740000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5740000
|
| Size: |
53248
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1096053210.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
3D62000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D62000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D62000
|
| Size: |
4096
|
|
|
202000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000010.00000002.1597447487.0000000000202000.00000002.00000001.01000000.0000000D.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
202000
|
| Size: |
2899968
|
|
|
368E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000368E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
368E000
|
| Size: |
4096
|
|
|
3B88000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003B88000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B88000
|
| Size: |
4096
|
|
|
5911000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1652833417.0000000005911000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5911000
|
| Size: |
61440
|
|
|
D22000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1628160740.0000000000D22000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
D22000
|
| Size: |
4096
|
|
|
566F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1181690717.000000000566F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
566F000
|
| Size: |
4096
|
|
|
3B0B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003B0B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B0B000
|
| Size: |
4096
|
|
|
38FD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000038FD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38FD000
|
| Size: |
4096
|
|
|
3856000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003856000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3856000
|
| Size: |
4096
|
|
|
3D5D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D5D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D5D000
|
| Size: |
16384
|
|
|
3679000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003679000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3679000
|
| Size: |
4096
|
|
|
375E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216403139.000000000375E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
375E000
|
| Size: |
8192
|
|
|
38DA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000038DA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38DA000
|
| Size: |
12288
|
|
|
3701000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003701000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3701000
|
| Size: |
8192
|
|
|
3690000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003690000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3690000
|
| Size: |
4096
|
|
|
2EF0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3364178993.0000000002EF0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2EF0000
|
| Size: |
4096
|
|
|
5140000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1469018474.0000000005140000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
5140000
|
| Size: |
4096
|
|
|
29D3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1597900856.00000000029D3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29D3000
|
| Size: |
118784
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
530000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000010.00000002.1597447487.0000000000530000.00000002.00000001.01000000.0000000D.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
530000
|
| Size: |
102400
|
|
|
3B55000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003B55000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B55000
|
| Size: |
4096
|
|
|
3A6A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003A6A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A6A000
|
| Size: |
4096
|
|
|
382A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000382A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
382A000
|
| Size: |
4096
|
|
|
38E0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216646444.00000000038E0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38E0000
|
| Size: |
65536
|
|
|
61C4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1653640029.00000000061C4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
61C4000
|
| Size: |
4096
|
|
|
2A74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1247829302.0000000002A74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A74000
|
| Size: |
4096
|
|
|
6130000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1653223175.0000000006130000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6130000
|
| Size: |
61440
|
|
|
3C93000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003C93000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C93000
|
| Size: |
4096
|
|
|
3718000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003718000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3718000
|
| Size: |
12288
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1095898583.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
2F2B000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.3364723178.0000000002F2B000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
2F2B000
|
| Size: |
4096
|
|
|
28DD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1629978686.00000000028DD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
28DD000
|
| Size: |
4096
|
|
|
3C4E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003C4E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C4E000
|
| Size: |
4096
|
|
|
387B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000387B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
387B000
|
| Size: |
4096
|
|
|
3A66000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003A66000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A66000
|
| Size: |
4096
|
|
|
DD0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1213472466.0000000000DD0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DD0000
|
| Size: |
12288
|
|
|
3B4E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003B4E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B4E000
|
| Size: |
4096
|
|
|
3C9B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003C9B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C9B000
|
| Size: |
4096
|
|
|
3AAF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003AAF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AAF000
|
| Size: |
4096
|
|
|
3634000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003634000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3634000
|
| Size: |
4096
|
|
|
3D7E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D7E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D7E000
|
| Size: |
4096
|
|
|
3625000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003625000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3625000
|
| Size: |
4096
|
|
|
3A16000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003A16000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A16000
|
| Size: |
4096
|
|
|
3AB3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003AB3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AB3000
|
| Size: |
32768
|
|
|
6A0E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1182210716.0000000006A0E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6A0E000
|
| Size: |
24576
|
|
|
3CF0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003CF0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3CF0000
|
| Size: |
40960
|
|
|
5141000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1243044376.0000000005141000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
5141000
|
| Size: |
131072
|
|
|
1E3000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1597365490.00000000001E3000.00000004.00000001.01000000.0000000D.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1E3000
|
| Size: |
4096
|
|
|
3B8B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003B8B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B8B000
|
| Size: |
4096
|
|
|
3AAD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003AAD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AAD000
|
| Size: |
4096
|
|
|
377D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000377D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
377D000
|
| Size: |
4096
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1594983930.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
61C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1653640029.00000000061C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
61C0000
|
| Size: |
12288
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1523261309.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1522218138.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1095631465.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
B1E000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000005.00000002.1212994374.0000000000B1E000.00000002.00000001.01000000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
B1E000
|
| Size: |
1679360
|
|
|
2A54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000003.1660521738.0000000002A54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A54000
|
| Size: |
4096
|
|
|
61A9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1653514155.00000000061A9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
61A9000
|
| Size: |
8192
|
|
|
370C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000370C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
370C000
|
| Size: |
12288
|
|
|
5141000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1466127209.0000000005141000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
5141000
|
| Size: |
4096
|
|
|
34AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1181395849.00000000034AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
34AE000
|
| Size: |
8192
|
|
|
36F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216218532.00000000036F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36F0000
|
| Size: |
4096
|
|
|
3873000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003873000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3873000
|
| Size: |
4096
|
|
|
4D1000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000010.00000002.1597447487.00000000004D1000.00000002.00000001.01000000.0000000D.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
4D1000
|
| Size: |
36864
|
|
|
3AE1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003AE1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AE1000
|
| Size: |
4096
|
|
|
610D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1233901544.000000000610D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
610D000
|
| Size: |
12288
|
|
|
3D05000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D05000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D05000
|
| Size: |
4096
|
|
|
49D5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1468426205.00000000049D5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
49D5000
|
| Size: |
290816
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
A70000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.1627780616.0000000000A70000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A70000
|
| Size: |
16384
|
|
|
3D2E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D2E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D2E000
|
| Size: |
28672
|
|
|
563E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1469116982.000000000563E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
563E000
|
| Size: |
8192
|
|
|
2BC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1467816296.0000000002BC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2BC0000
|
| Size: |
24576
|
|
|
4D1000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000010.00000000.1500880234.00000000004D1000.00000002.00000001.01000000.0000000D.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
4D1000
|
| Size: |
36864
|
|
|
3CFD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003CFD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3CFD000
|
| Size: |
12288
|
|
|
3892000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003892000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3892000
|
| Size: |
4096
|
|
|
62C0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.1653899907.00000000062C0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
62C0000
|
| Size: |
65536
|
|
|
1E4000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000010.00000002.1597387420.00000000001E4000.00000008.00000001.01000000.0000000D.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
1E4000
|
| Size: |
110592
|
|
|
23AA3000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1611066031.0000000023AA3000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
23AA3000
|
| Size: |
1187840
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
5040000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1468993879.0000000005040000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
5040000
|
| Size: |
86016
|
|
|
2F0A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3364361522.0000000002F0A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F0A000
|
| Size: |
12288
|
|
|
5141000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1466990755.0000000005141000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
5141000
|
| Size: |
4096
|
|
|
3930000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003930000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3930000
|
| Size: |
4096
|
|
|
1245000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3361733299.0000000001245000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1245000
|
| Size: |
12288
|
|
|
2BB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1467773418.0000000002BB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2BB0000
|
| Size: |
4096
|
|
|
3AC0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003AC0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AC0000
|
| Size: |
4096
|
|
|
D43000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1213472466.0000000000D43000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D43000
|
| Size: |
61440
|
|
|
4A1D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1229238582.0000000004A1D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4A1D000
|
| Size: |
323584
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
3A37000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003A37000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A37000
|
| Size: |
4096
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1522980790.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
3A96000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003A96000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A96000
|
| Size: |
4096
|
|
|
3A4E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003A4E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A4E000
|
| Size: |
57344
|
|
|
38B0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216522957.00000000038B0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38B0000
|
| Size: |
65536
|
|
|
5FCF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1233811613.0000000005FCF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5FCF000
|
| Size: |
4096
|
|
|
3B6D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003B6D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B6D000
|
| Size: |
4096
|
|
|
3B76000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003B76000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B76000
|
| Size: |
49152
|
|
|
37A1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000037A1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37A1000
|
| Size: |
36864
|
|
|
3EAF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003EAF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3EAF000
|
| Size: |
4096
|
|
|
3779000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003779000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3779000
|
| Size: |
4096
|
|
|
4EDE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.1629447510.0000000004EDE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4EDE000
|
| Size: |
8192
|
|
|
5141000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1466001205.0000000005141000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
5141000
|
| Size: |
4096
|
|
|
5690000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3367245582.0000000005690000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5690000
|
| Size: |
49152
|
|
|
2A3C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1467681718.0000000002A3C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2A3C000
|
| Size: |
16384
|
|
|
3841000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003841000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3841000
|
| Size: |
4096
|
|
|
2EC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1468246441.0000000002EC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2EC0000
|
| Size: |
16384
|
|
|
472E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1598159684.000000000472E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
472E000
|
| Size: |
8192
|
|
|
5E8000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.1626562952.00000000005E8000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5E8000
|
| Size: |
32768
|
|
|
3864000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003864000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3864000
|
| Size: |
57344
|
|
|
36F5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000036F5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36F5000
|
| Size: |
4096
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1096073284.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
820000
|
remote allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000014.00000002.1626970669.0000000000820000.00000040.00000400.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
remote allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
820000
|
| Size: |
4096
|
|
|
3562000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003562000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3562000
|
| Size: |
45056
|
|
|
3B85000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003B85000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B85000
|
| Size: |
12288
|
|
|
36F7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000036F7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36F7000
|
| Size: |
4096
|
|
|
3B09000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003B09000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B09000
|
| Size: |
4096
|
|
|
2A9F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.1660879721.0000000002A9F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2A9F000
|
| Size: |
4096
|
|
|
E4E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1213846509.0000000000E4E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E4E000
|
| Size: |
8192
|
|
|
25112000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1108635004.0000000025112000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
25112000
|
| Size: |
2498560
|
|
|
3D86000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D86000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D86000
|
| Size: |
20480
|
|
|
BC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.1627921329.0000000000BC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
BC0000
|
| Size: |
4096
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1523319536.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
5D5D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3368235142.0000000005D5D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5D5D000
|
| Size: |
12288
|
|
|
39D1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000039D1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39D1000
|
| Size: |
4096
|
|
|
6370000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1654327412.0000000006370000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6370000
|
| Size: |
65536
|
|
|
3B8C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003B8C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B8C000
|
| Size: |
4096
|
|
|
3196000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1181171899.0000000003196000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3196000
|
| Size: |
114688
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the Windows Explorer process (often used for injection) |
HIPS / PFW / Operating System Protection Evasion |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
3AD9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003AD9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AD9000
|
| Size: |
4096
|
|
|
4E0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000010.00000000.1500880234.00000000004E0000.00000002.00000001.01000000.0000000D.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
4E0000
|
| Size: |
172032
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1178288742.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
3A18000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003A18000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A18000
|
| Size: |
4096
|
|
|
57AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1652658963.00000000057AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
57AE000
|
| Size: |
8192
|
|
|
3B37000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003B37000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B37000
|
| Size: |
94208
|
|
|
28FB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1597844334.00000000028FB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
28FB000
|
| Size: |
20480
|
|
|
36A7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000036A7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36A7000
|
| Size: |
12288
|
|
|
2A54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000003.1660441440.0000000002A54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A54000
|
| Size: |
4096
|
|
|
576F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1181722876.000000000576F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
576F000
|
| Size: |
4096
|
|
|
3C51000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003C51000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C51000
|
| Size: |
53248
|
|
|
3A14000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003A14000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A14000
|
| Size: |
4096
|
|
|
3CB8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003CB8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3CB8000
|
| Size: |
4096
|
|
|
3905000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003905000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3905000
|
| Size: |
28672
|
|
|
2A74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1247952264.0000000002A74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A74000
|
| Size: |
4096
|
|
|
3DB3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003DB3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3DB3000
|
| Size: |
4096
|
|
|
5D30000
|
trusted library section
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1232743257.0000000005D30000.00000004.08000000.00040000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page read and write
|
| Base address: |
5D30000
|
| Size: |
1667072
|
|
|
2A74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1243694985.0000000002A74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A74000
|
| Size: |
4096
|
|
|
61A2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1653514155.00000000061A2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
61A2000
|
| Size: |
8192
|
|
|
CE0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1213397284.0000000000CE0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
CE0000
|
| Size: |
4096
|
|
|
3D19000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D19000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D19000
|
| Size: |
4096
|
|
|
3945000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003945000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3945000
|
| Size: |
4096
|
|
|
62BF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1653815437.00000000062BF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
62BF000
|
| Size: |
4096
|
|
|
3B70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003B70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B70000
|
| Size: |
4096
|
|
|
594E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3367795292.000000000594E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
594E000
|
| Size: |
8192
|
|
|
3BDB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003BDB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BDB000
|
| Size: |
32768
|
|
|
385A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000385A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
385A000
|
| Size: |
4096
|
|
|
287C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.1660718537.000000000287C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
287C000
|
| Size: |
16384
|
|
|
3710000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216381662.0000000003710000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3710000
|
| Size: |
4096
|
|
|
3A29000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003A29000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A29000
|
| Size: |
4096
|
|
|
68D0000
|
trusted library section
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1236334153.00000000068D0000.00000004.08000000.00040000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page read and write
|
| Base address: |
68D0000
|
| Size: |
286720
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
D0B000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000002.1180738917.0000000000D0B000.00000002.00000001.01000000.00000004.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
D0B000
|
| Size: |
53248
|
|
|
3E16000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003E16000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E16000
|
| Size: |
49152
|
|
|
12C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3362214020.00000000012C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12C0000
|
| Size: |
8192
|
|
|
AFC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1212773837.0000000000AFC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
AFC000
|
| Size: |
16384
|
|
|
3EB7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003EB7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3EB7000
|
| Size: |
4096
|
|
|
3A7F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003A7F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A7F000
|
| Size: |
4096
|
|
|
3D23000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D23000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D23000
|
| Size: |
4096
|
|
|
3657000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003657000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3657000
|
| Size: |
4096
|
|
|
3D90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D90000
|
| Size: |
4096
|
|
|
1700000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3364030627.0000000001700000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1700000
|
| Size: |
4096
|
|
|
D0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000010.00000000.1500694367.00000000000D0000.00000002.00000001.01000000.0000000D.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
D0000
|
| Size: |
4096
|
|
|
C4B000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000014.00000002.1628082540.0000000000C4B000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
C4B000
|
| Size: |
4096
|
|
|
4F71000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000012.00000003.1660360920.0000000004F71000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
4F71000
|
| Size: |
200704
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1522794837.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
4A6D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1229238582.0000000004A6D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4A6D000
|
| Size: |
77824
|
|
|
6C0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000005.00000000.1140441970.00000000006C0000.00000002.00000001.01000000.00000008.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
6C0000
|
| Size: |
4096
|
|
|
3EE4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003EE4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3EE4000
|
| Size: |
4096
|
|
|
3E08000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003E08000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E08000
|
| Size: |
4096
|
|
|
36E6000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1216164564.00000000036E6000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
36E6000
|
| Size: |
8192
|
|
|
5D21000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1232682159.0000000005D21000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5D21000
|
| Size: |
61440
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1523387296.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
3BD5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003BD5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BD5000
|
| Size: |
4096
|
|
|
3879000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003879000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3879000
|
| Size: |
4096
|
|
|
69C2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1182210716.00000000069C2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
69C2000
|
| Size: |
8192
|
|
|
2A74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1243568438.0000000002A74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A74000
|
| Size: |
4096
|
|
|
39E8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000039E8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39E8000
|
| Size: |
12288
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1140620704.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
39F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000039F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39F0000
|
| Size: |
4096
|
|
|
3BEE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003BEE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BEE000
|
| Size: |
4096
|
|
|
3C7C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003C7C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C7C000
|
| Size: |
4096
|
|
|
3D44000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D44000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D44000
|
| Size: |
16384
|
|
|
5CB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1598602043.0000000005CB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5CB0000
|
| Size: |
4096
|
|
|
367E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000367E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
367E000
|
| Size: |
4096
|
|
|
3A4C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003A4C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A4C000
|
| Size: |
4096
|
|
|
2DB0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1468140057.0000000002DB0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2DB0000
|
| Size: |
4096
|
|
|
2EFD000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.3364318578.0000000002EFD000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
2EFD000
|
| Size: |
4096
|
|
|
CF0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1627863512.0000000000CF0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
CF0000
|
| Size: |
8192
|
|
|
73B11000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000005.00000002.1239061352.0000000073B11000.00000020.00000001.01000000.0000000C.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
73B11000
|
| Size: |
86016
|
|
|
382E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000382E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
382E000
|
| Size: |
73728
|
|
|
5B60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1232414634.0000000005B60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5B60000
|
| Size: |
65536
|
|
|
3C6D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003C6D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C6D000
|
| Size: |
32768
|
|
|
4E9E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.1629416369.0000000004E9E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4E9E000
|
| Size: |
8192
|
|
|
61B6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1598673015.00000000061B6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
61B6000
|
| Size: |
36864
|
|
|
3B33000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003B33000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B33000
|
| Size: |
4096
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1522771615.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
385E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216434439.000000000385E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
385E000
|
| Size: |
8192
|
|
|
38DE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000038DE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38DE000
|
| Size: |
4096
|
|
|
4F71000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000012.00000003.1660066020.0000000004F71000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
4F71000
|
| Size: |
131072
|
|
|
36DF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216075744.00000000036DF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
36DF000
|
| Size: |
4096
|
|
|
3EE2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003EE2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3EE2000
|
| Size: |
4096
|
|
|
3EBE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003EBE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3EBE000
|
| Size: |
20480
|
|
|
3A98000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003A98000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A98000
|
| Size: |
4096
|
|
|
3708000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003708000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3708000
|
| Size: |
12288
|
|
|
3D40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D40000
|
| Size: |
12288
|
|
|
2A74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1247909889.0000000002A74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A74000
|
| Size: |
4096
|
|
|
3BA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003BA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BA0000
|
| Size: |
4096
|
|
|
3A62000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003A62000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A62000
|
| Size: |
4096
|
|
|
3B73000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003B73000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B73000
|
| Size: |
12288
|
|
|
3ADB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003ADB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3ADB000
|
| Size: |
4096
|
|
|
3E0E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003E0E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E0E000
|
| Size: |
4096
|
|
|
38CB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000038CB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38CB000
|
| Size: |
4096
|
|
|
3B1C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003B1C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B1C000
|
| Size: |
4096
|
|
|
36AB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000036AB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36AB000
|
| Size: |
4096
|
|
|
39D5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000039D5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39D5000
|
| Size: |
4096
|
|
|
A6E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.1627748400.0000000000A6E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A6E000
|
| Size: |
8192
|
|
|
24B94000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1611910798.0000000024B94000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
24B94000
|
| Size: |
294912
|
|
|
3D72000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D72000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D72000
|
| Size: |
4096
|
|
|
3901000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003901000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3901000
|
| Size: |
4096
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1095995701.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
23B95000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1198389739.0000000023B95000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
23B95000
|
| Size: |
4096
|
|
|
249C4000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1536554533.00000000249C4000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
249C4000
|
| Size: |
204800
|
|
|
36AF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000036AF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36AF000
|
| Size: |
4096
|
|
|
2A74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1243428428.0000000002A74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A74000
|
| Size: |
4096
|
|
|
3A5F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003A5F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A5F000
|
| Size: |
12288
|
|
|
3A8E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003A8E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A8E000
|
| Size: |
4096
|
|
|
C98000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.1628117346.0000000000C98000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
C98000
|
| Size: |
212992
|
|
|
3C18000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003C18000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C18000
|
| Size: |
4096
|
|
|
3E4A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003E4A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E4A000
|
| Size: |
110592
|
|
|
38A6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000038A6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38A6000
|
| Size: |
4096
|
|
|
687E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3368587992.000000000687E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
687E000
|
| Size: |
8192
|
|
|
4E2E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1598256748.0000000004E2E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4E2E000
|
| Size: |
8192
|
|
|
5B50000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1232361638.0000000005B50000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5B50000
|
| Size: |
65536
|
|
|
6770000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1235693863.0000000006770000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6770000
|
| Size: |
65536
|
|
|
2600000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.1628644252.0000000002600000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2600000
|
| Size: |
4096
|
|
|
3C8F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003C8F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C8F000
|
| Size: |
12288
|
|
|
5CB1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1508672120.0000000005CB1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5CB1000
|
| Size: |
200704
|
|
|
3E48000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003E48000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E48000
|
| Size: |
4096
|
|
|
2870000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1629781560.0000000002870000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2870000
|
| Size: |
4096
|
|
|
380F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000380F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
380F000
|
| Size: |
4096
|
|
|
3714000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003714000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3714000
|
| Size: |
4096
|
|
|
3C07000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003C07000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C07000
|
| Size: |
4096
|
|
|
45C9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.1661141449.00000000045C9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45C9000
|
| Size: |
512000
|
|
|
5141000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1243324093.0000000005141000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
5141000
|
| Size: |
225280
|
|
|
3B9C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003B9C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B9C000
|
| Size: |
4096
|
|
|
3A6D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003A6D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A6D000
|
| Size: |
53248
|
|
|
466F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1648777581.000000000466F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
466F000
|
| Size: |
4096
|
|
|
2940000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1597863981.0000000002940000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2940000
|
| Size: |
4096
|
|
|
530D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3366673639.000000000530D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
530D000
|
| Size: |
12288
|
|
|
3B3B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003B3B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B3B000
|
| Size: |
4096
|
|
|
3BBE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003BBE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BBE000
|
| Size: |
4096
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1095975293.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
3CCB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003CCB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3CCB000
|
| Size: |
4096
|
|
|
2EF3000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.3364233723.0000000002EF3000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
2EF3000
|
| Size: |
4096
|
|
|
36C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000036C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36C0000
|
| Size: |
4096
|
|
|
3B51000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003B51000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B51000
|
| Size: |
4096
|
|
|
489E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.1629170566.000000000489E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
489E000
|
| Size: |
8192
|
|
|
63CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1234189811.00000000063CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
63CE000
|
| Size: |
8192
|
|
|
A6E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1627596474.0000000000A6E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A6E000
|
| Size: |
8192
|
|
|
361D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000361D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
361D000
|
| Size: |
12288
|
|
|
2388E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1610865305.000000002388E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2388E000
|
| Size: |
24576
|
|
|
5DDE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3368447103.0000000005DDE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5DDE000
|
| Size: |
8192
|
|
|
3956000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003956000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3956000
|
| Size: |
12288
|
|
|
388E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000388E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
388E000
|
| Size: |
4096
|
|
|
107E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1213981686.000000000107E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
107E000
|
| Size: |
8192
|
|
|
3903000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003903000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3903000
|
| Size: |
4096
|
|
|
3AC2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003AC2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AC2000
|
| Size: |
4096
|
|
|
67D2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1235962034.00000000067D2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
67D2000
|
| Size: |
110592
|
|
|
2950000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1597883391.0000000002950000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2950000
|
| Size: |
4096
|
|
|
3642000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003642000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3642000
|
| Size: |
4096
|
|
|
69AC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1182210716.00000000069AC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
69AC000
|
| Size: |
32768
|
|
|
9E3000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1180591434.00000000009E3000.00000004.00000001.01000000.00000004.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
9E3000
|
| Size: |
4096
|
|
|
3BD7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003BD7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BD7000
|
| Size: |
4096
|
|
|
3D6A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D6A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D6A000
|
| Size: |
4096
|
|
|
2A54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000003.1660544416.0000000002A54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A54000
|
| Size: |
4096
|
|
|
35B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1181447761.00000000035B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
35B0000
|
| Size: |
4096
|
|
|
3D3E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D3E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D3E000
|
| Size: |
4096
|
|
|
2A74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1243398227.0000000002A74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A74000
|
| Size: |
4096
|
|
|
5D10000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1232636022.0000000005D10000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5D10000
|
| Size: |
36864
|
|
|
2960000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1214091296.0000000002960000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2960000
|
| Size: |
4096
|
|
|
3B22000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003B22000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B22000
|
| Size: |
4096
|
|
|
23860000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1198198259.0000000023860000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23860000
|
| Size: |
12288
|
|
|
3E29000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003E29000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E29000
|
| Size: |
4096
|
|
|
286C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1629741991.000000000286C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
286C000
|
| Size: |
16384
|
|
|
3B08000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003B08000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B08000
|
| Size: |
4096
|
|
|
3A2F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003A2F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A2F000
|
| Size: |
4096
|
|
|
3E98000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003E98000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E98000
|
| Size: |
4096
|
|
|
5141000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1466751584.0000000005141000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
5141000
|
| Size: |
4096
|
|
|
3BD1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003BD1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BD1000
|
| Size: |
4096
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1522463303.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
37D9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000037D9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37D9000
|
| Size: |
4096
|
|
|
29A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1214557584.00000000029A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29A0000
|
| Size: |
24576
|
|
|
39EC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000039EC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39EC000
|
| Size: |
4096
|
|
|
250C1000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1108951078.00000000250C1000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
250C1000
|
| Size: |
159744
|
|
|
2D3D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1467962920.0000000002D3D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2D3D000
|
| Size: |
12288
|
|
|
3B0C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003B0C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B0C000
|
| Size: |
4096
|
|
|
7E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1212705422.00000000007E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7E0000
|
| Size: |
8192
|
|
|
55FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1652416555.00000000055FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
55FE000
|
| Size: |
8192
|
|
|
39D3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000039D3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39D3000
|
| Size: |
4096
|
|
|
39A9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000039A9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39A9000
|
| Size: |
32768
|
|
|
3943000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003943000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3943000
|
| Size: |
4096
|
|
|
3744000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003744000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3744000
|
| Size: |
4096
|
|
|
3C76000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003C76000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C76000
|
| Size: |
12288
|
|
|
3B27000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003B27000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B27000
|
| Size: |
45056
|
|
|
380B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000380B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
380B000
|
| Size: |
12288
|
|
|
68B0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1236193815.00000000068B0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
68B0000
|
| Size: |
65536
|
|
|
3B15000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003B15000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B15000
|
| Size: |
4096
|
|
|
3CCF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003CCF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3CCF000
|
| Size: |
4096
|
|
|
3DCC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003DCC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3DCC000
|
| Size: |
4096
|
|
|
3AF0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003AF0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AF0000
|
| Size: |
4096
|
|
|
9B0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000000.1075173535.00000000009B0000.00000002.00000001.01000000.00000004.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
9B0000
|
| Size: |
208896
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
3EC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1626013508.00000000003EC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3EC000
|
| Size: |
16384
|
|
|
3EF7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003EF7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3EF7000
|
| Size: |
4096
|
|
|
5656000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3366740013.0000000005656000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5656000
|
| Size: |
4096
|
|
|
CDD000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000002.1180738917.0000000000CDD000.00000002.00000001.01000000.00000004.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
CDD000
|
| Size: |
8192
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1522747201.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
2F1A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.3364588701.0000000002F1A000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
2F1A000
|
| Size: |
4096
|
|
|
5F0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1653121459.0000000005F0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5F0E000
|
| Size: |
8192
|
|
|
4CEE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1598221563.0000000004CEE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4CEE000
|
| Size: |
8192
|
|
|
36FB000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1216357545.00000000036FB000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
36FB000
|
| Size: |
4096
|
|
|
36B5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000036B5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36B5000
|
| Size: |
40960
|
|
|
6360000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.1654249648.0000000006360000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
6360000
|
| Size: |
65536
|
|
|
6920000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1236519440.0000000006920000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6920000
|
| Size: |
40960
|
|
|
6930000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1236590393.0000000006930000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
6930000
|
| Size: |
65536
|
|
|
15EF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3363923662.00000000015EF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
15EF000
|
| Size: |
4096
|
|
|
2A54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000003.1660498327.0000000002A54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A54000
|
| Size: |
4096
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1140564979.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
4952000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1229238582.0000000004952000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4952000
|
| Size: |
827392
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
3B0D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003B0D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B0D000
|
| Size: |
8192
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1567648045.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
2B40000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.1660957358.0000000002B40000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B40000
|
| Size: |
4096
|
|
|
3C24000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003C24000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C24000
|
| Size: |
4096
|
|
|
4CE0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.1629236329.0000000004CE0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CE0000
|
| Size: |
32768
|
|
|
3E68000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003E68000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E68000
|
| Size: |
4096
|
|
|
38F9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000038F9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38F9000
|
| Size: |
4096
|
|
|
5247000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1243246834.0000000005247000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
5247000
|
| Size: |
229376
|
|
|
3BAE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003BAE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BAE000
|
| Size: |
53248
|
|
|
D18000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1627998638.0000000000D18000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
D18000
|
| Size: |
20480
|
|
|
3100000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3365891161.0000000003100000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3100000
|
| Size: |
4096
|
|
|
5760000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.1652623206.0000000005760000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
5760000
|
| Size: |
20480
|
|
|
CD1000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000002.1180738917.0000000000CD1000.00000002.00000001.01000000.00000004.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
CD1000
|
| Size: |
36864
|
|
|
23C44000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1095123209.0000000023C44000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23C44000
|
| Size: |
2899968
|
|
|
3EE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003EE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3EE0000
|
| Size: |
4096
|
|
|
D93000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1213472466.0000000000D93000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D93000
|
| Size: |
221184
|
|
|
6970000
|
trusted library section
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1237015288.0000000006970000.00000004.08000000.00040000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page read and write
|
| Base address: |
6970000
|
| Size: |
802816
|
|
|
529F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.1629552834.000000000529F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
529F000
|
| Size: |
4096
|
|
|
3BEC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003BEC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BEC000
|
| Size: |
4096
|
|
|
3D0C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D0C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D0C000
|
| Size: |
32768
|
|
|
D20000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1628135324.0000000000D20000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
D20000
|
| Size: |
4096
|
|
|
2F20000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3364625149.0000000002F20000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F20000
|
| Size: |
4096
|
|
|
3A36000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003A36000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A36000
|
| Size: |
53248
|
|
|
3680000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003680000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3680000
|
| Size: |
45056
|
|
|
5141000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1466550661.0000000005141000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
5141000
|
| Size: |
4096
|
|
|
3A6C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003A6C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A6C000
|
| Size: |
118784
|
|
|
3F1A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003F1A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3F1A000
|
| Size: |
4096
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1522887990.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1524379548.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
4B73000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1229238582.0000000004B73000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4B73000
|
| Size: |
1867776
|
|
|
3B6F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003B6F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B6F000
|
| Size: |
4096
|
|
|
60FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3368549094.00000000060FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
60FE000
|
| Size: |
8192
|
|
|
3809000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003809000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3809000
|
| Size: |
4096
|
|
|
3949000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003949000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3949000
|
| Size: |
4096
|
|
|
248C0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1611745602.00000000248C0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
248C0000
|
| Size: |
147456
|
|
|
2BC8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1467816296.0000000002BC8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2BC8000
|
| Size: |
184320
|
|
|
379A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000379A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
379A000
|
| Size: |
4096
|
|
|
3646000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003646000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3646000
|
| Size: |
4096
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1523878309.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
49B3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1648777581.00000000049B3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
49B3000
|
| Size: |
135168
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1567718574.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
24019000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1198498080.0000000024019000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
24019000
|
| Size: |
4096
|
|
|
3630000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003630000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3630000
|
| Size: |
12288
|
|
|
396F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000396F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
396F000
|
| Size: |
20480
|
|
|
2397A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1198245466.000000002397A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2397A000
|
| Size: |
1187840
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
4DEF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1598239838.0000000004DEF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4DEF000
|
| Size: |
4096
|
|
|
5E0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1653095749.0000000005E0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5E0E000
|
| Size: |
8192
|
|
|
37AB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000037AB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37AB000
|
| Size: |
4096
|
|
|
2F10000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3364514272.0000000002F10000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F10000
|
| Size: |
4096
|
|
|
660F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1235216999.000000000660F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
660F000
|
| Size: |
4096
|
|
|
369A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000369A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
369A000
|
| Size: |
49152
|
|
|
4A1E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1468426205.0000000004A1E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4A1E000
|
| Size: |
2498560
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
3677000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003677000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3677000
|
| Size: |
4096
|
|
|
249CB000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1536157024.00000000249CB000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
249CB000
|
| Size: |
294912
|
|
|
61F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1598673015.00000000061F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
61F0000
|
| Size: |
53248
|
|
|
2A74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1465523519.0000000002A74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A74000
|
| Size: |
4096
|
|
|
D26000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000000.1075233973.0000000000D26000.00000002.00000001.01000000.00000004.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
D26000
|
| Size: |
8192
|
|
|
5C7F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1232504979.0000000005C7F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5C7F000
|
| Size: |
4096
|
|
|
4C5E000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.1661565366.0000000004C5E000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4C5E000
|
| Size: |
24576
|
|
|
2A74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1465852940.0000000002A74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A74000
|
| Size: |
4096
|
|
|
39F6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000039F6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39F6000
|
| Size: |
4096
|
|
|
3981000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003981000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3981000
|
| Size: |
102400
|
|
|
1E3000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000010.00000000.1500857646.00000000001E3000.00000008.00000001.01000000.0000000D.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
1E3000
|
| Size: |
118784
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1522075620.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
64B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1182164845.00000000064B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
64B0000
|
| Size: |
4096
|
|
|
73B26000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000005.00000002.1239181944.0000000073B26000.00000002.00000001.01000000.0000000C.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
73B26000
|
| Size: |
28672
|
|
|
3C69000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003C69000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C69000
|
| Size: |
4096
|
|
|
3C48000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003C48000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C48000
|
| Size: |
4096
|
|
|
384E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000384E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
384E000
|
| Size: |
28672
|
|
|
3CFB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003CFB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3CFB000
|
| Size: |
4096
|
|
|
1368000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3362486965.0000000001368000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1368000
|
| Size: |
151552
|
|
|
278E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.1628835459.000000000278E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
278E000
|
| Size: |
8192
|
|
|
3740000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003740000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3740000
|
| Size: |
12288
|
|
|
3C6B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003C6B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C6B000
|
| Size: |
4096
|
|
|
3D74000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D74000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D74000
|
| Size: |
32768
|
|
|
6215000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1598673015.0000000006215000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6215000
|
| Size: |
98304
|
|
|
3E6F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003E6F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E6F000
|
| Size: |
36864
|
|
|
3B59000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003B59000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B59000
|
| Size: |
16384
|
|
|
371F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000371F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
371F000
|
| Size: |
12288
|
|
|
299D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1214514866.000000000299D000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
299D000
|
| Size: |
4096
|
|
|
39F2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000039F2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39F2000
|
| Size: |
4096
|
|
|
2F27000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.3364668287.0000000002F27000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
2F27000
|
| Size: |
4096
|
|
|
3815000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003815000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3815000
|
| Size: |
40960
|
|
|
4EB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.1626525252.00000000004EB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4EB000
|
| Size: |
20480
|
|
|
3D21000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D21000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D21000
|
| Size: |
4096
|
|
|
3E79000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003E79000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E79000
|
| Size: |
4096
|
|
|
3A10000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003A10000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A10000
|
| Size: |
4096
|
|
|
2A74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1465324737.0000000002A74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A74000
|
| Size: |
4096
|
|
|
3AAB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003AAB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AAB000
|
| Size: |
12288
|
|
|
3813000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003813000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3813000
|
| Size: |
4096
|
|
|
1240000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3361733299.0000000001240000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1240000
|
| Size: |
16384
|
|
|
38EA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000038EA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38EA000
|
| Size: |
32768
|
|
|
3B4F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003B4F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B4F000
|
| Size: |
4096
|
|
|
D32000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1628258602.0000000000D32000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
D32000
|
| Size: |
4096
|
|
|
385E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000385E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
385E000
|
| Size: |
4096
|
|
|
37B5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000037B5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37B5000
|
| Size: |
4096
|
|
|
2EBF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1468226601.0000000002EBF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2EBF000
|
| Size: |
4096
|
|
|
3764000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003764000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3764000
|
| Size: |
4096
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1095734391.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
462F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1598143564.000000000462F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
462F000
|
| Size: |
4096
|
|
|
395A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000395A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
395A000
|
| Size: |
4096
|
|
|
130E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3362289982.000000000130E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
130E000
|
| Size: |
8192
|
|
|
2A74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1355475542.0000000002A74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A74000
|
| Size: |
4096
|
|
|
69FF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1182210716.00000000069FF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
69FF000
|
| Size: |
45056
|
|
|
3D53000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D53000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D53000
|
| Size: |
12288
|
|
|
279C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.1628868582.000000000279C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
279C000
|
| Size: |
4096
|
|
|
39C4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000039C4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39C4000
|
| Size: |
32768
|
|
|
39BC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000039BC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39BC000
|
| Size: |
4096
|
|
|
B15000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000005.00000002.1212865294.0000000000B15000.00000002.00000001.01000000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
B15000
|
| Size: |
28672
|
|
|
3B24000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003B24000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B24000
|
| Size: |
4096
|
|
|
3746000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003746000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3746000
|
| Size: |
4096
|
|
|
D0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000010.00000002.1597203159.00000000000D0000.00000002.00000001.01000000.0000000D.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
D0000
|
| Size: |
4096
|
|
|
5685000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3366740013.0000000005685000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5685000
|
| Size: |
36864
|
|
|
3ADF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003ADF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3ADF000
|
| Size: |
4096
|
|
|
D3B000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.1628312807.0000000000D3B000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
D3B000
|
| Size: |
4096
|
|
|
E5F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.1628616127.0000000000E5F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E5F000
|
| Size: |
4096
|
|
|
3CBA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003CBA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3CBA000
|
| Size: |
4096
|
|
|
76C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1212642157.000000000076C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
76C000
|
| Size: |
16384
|
|
|
62D0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.1653972450.00000000062D0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
62D0000
|
| Size: |
65536
|
|
|
2A54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000003.1660575532.0000000002A54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A54000
|
| Size: |
4096
|
|
|
5DB9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1598673015.0000000005DB9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5DB9000
|
| Size: |
4136960
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
5660000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3366740013.0000000005660000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5660000
|
| Size: |
8192
|
|
|
D30000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000002.1180738917.0000000000D30000.00000002.00000001.01000000.00000004.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
D30000
|
| Size: |
102400
|
|
|
26F0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.1629479273.00000000026F0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
26F0000
|
| Size: |
65536
|
|
|
3DF5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003DF5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3DF5000
|
| Size: |
4096
|
|
|
D29000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000000.1075233973.0000000000D29000.00000002.00000001.01000000.00000004.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
D29000
|
| Size: |
24576
|
|
|
A20000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.1627697628.0000000000A20000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A20000
|
| Size: |
12288
|
|
|
3B39000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003B39000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B39000
|
| Size: |
4096
|
|
|
3AC6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003AC6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AC6000
|
| Size: |
12288
|
|
|
DDC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1628368968.0000000000DDC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DDC000
|
| Size: |
253952
|
|
|
3AF3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003AF3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AF3000
|
| Size: |
53248
|
|
|
CC7000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000000.1075233973.0000000000CC7000.00000002.00000001.01000000.00000004.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
CC7000
|
| Size: |
32768
|
|
|
37F6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000037F6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37F6000
|
| Size: |
4096
|
|
|
3CD5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003CD5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3CD5000
|
| Size: |
4096
|
|
|
47A2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1468287492.00000000047A2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
47A2000
|
| Size: |
512000
|
|
|
2EE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3364128167.0000000002EE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2EE0000
|
| Size: |
8192
|
|
|
3D98000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D98000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D98000
|
| Size: |
4096
|
|
|
D26000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.1628207490.0000000000D26000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
D26000
|
| Size: |
8192
|
|
|
2D7F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1468027953.0000000002D7F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2D7F000
|
| Size: |
4096
|
|
|
1FF000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1597419030.00000000001FF000.00000004.00000001.01000000.0000000D.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1FF000
|
| Size: |
12288
|
|
|
372F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000372F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
372F000
|
| Size: |
4096
|
|
|
62AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1653783677.00000000062AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
62AE000
|
| Size: |
8192
|
|
|
4E50000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.1629387538.0000000004E50000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4E50000
|
| Size: |
4096
|
|
|
3C12000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003C12000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C12000
|
| Size: |
20480
|
|
|
3C09000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003C09000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C09000
|
| Size: |
12288
|
|
|
60BC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3368503695.00000000060BC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
60BC000
|
| Size: |
16384
|
|
|
1270000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3362033555.0000000001270000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1270000
|
| Size: |
4096
|
|
|
51AF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1598346277.00000000051AF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
51AF000
|
| Size: |
4096
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1095790631.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
3CE8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003CE8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3CE8000
|
| Size: |
4096
|
|
|
38F3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000038F3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38F3000
|
| Size: |
12288
|
|
|
2990000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1214307398.0000000002990000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2990000
|
| Size: |
12288
|
|
|
3250000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1181321708.0000000003250000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3250000
|
| Size: |
16384
|
|
|
36C2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000036C2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36C2000
|
| Size: |
4096
|
|
|
2F8E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3364806133.0000000002F8E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2F8E000
|
| Size: |
8192
|
|
|
3E14000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003E14000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E14000
|
| Size: |
4096
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1096211340.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
3AE5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003AE5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AE5000
|
| Size: |
4096
|
|
|
3A67000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003A67000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A67000
|
| Size: |
4096
|
|
|
2A74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1465685227.0000000002A74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A74000
|
| Size: |
4096
|
|
|
3ADD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003ADD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3ADD000
|
| Size: |
4096
|
|
|
586F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1181744026.000000000586F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
586F000
|
| Size: |
4096
|
|
|
9B0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000002.1180553657.00000000009B0000.00000002.00000001.01000000.00000004.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
9B0000
|
| Size: |
208896
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
37B9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000037B9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37B9000
|
| Size: |
16384
|
|
|
3C95000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003C95000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C95000
|
| Size: |
4096
|
|
|
395E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000395E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
395E000
|
| Size: |
4096
|
|
|
39E6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000039E6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39E6000
|
| Size: |
4096
|
|
|
39B2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000039B2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39B2000
|
| Size: |
20480
|
|
|
308D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3365064039.000000000308D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
308D000
|
| Size: |
12288
|
|
|
58EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1652711323.00000000058EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
58EE000
|
| Size: |
8192
|
|
|
C8A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.1628117346.0000000000C8A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
C8A000
|
| Size: |
12288
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1096021074.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
3848000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003848000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3848000
|
| Size: |
20480
|
|
|
3875000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003875000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3875000
|
| Size: |
12288
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1096105872.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1523507723.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
3501000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003501000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3501000
|
| Size: |
176128
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1524206597.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
3C26000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003C26000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C26000
|
| Size: |
4096
|
|
|
5B70000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1232475605.0000000005B70000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
5B70000
|
| Size: |
20480
|
|
|
3DB6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003DB6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3DB6000
|
| Size: |
4096
|
|
|
D13000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1627998638.0000000000D13000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
D13000
|
| Size: |
16384
|
|
|
28B0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1629868428.00000000028B0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
28B0000
|
| Size: |
65536
|
|
|
6660000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1235434069.0000000006660000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6660000
|
| Size: |
65536
|
|
|
3AA5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003AA5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AA5000
|
| Size: |
4096
|
|
|
526000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000010.00000002.1597447487.0000000000526000.00000002.00000001.01000000.0000000D.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
526000
|
| Size: |
8192
|
|
|
2993000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1214424900.0000000002993000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
2993000
|
| Size: |
4096
|
|
|
3C0D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003C0D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C0D000
|
| Size: |
4096
|
|
|
3BDB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003BDB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BDB000
|
| Size: |
4096
|
|
|
63C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1654599549.00000000063C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
63C0000
|
| Size: |
20480
|
|
|
36B1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000036B1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36B1000
|
| Size: |
12288
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1567779490.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
6A0B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1182210716.0000000006A0B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6A0B000
|
| Size: |
8192
|
|
|
343E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1215659817.000000000343E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
343E000
|
| Size: |
1667072
|
|
|
86C000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1627298150.000000000086C000.00000004.00000001.01000000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
86C000
|
| Size: |
8192
|
|
|
3D1D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D1D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D1D000
|
| Size: |
4096
|
|
|
628E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1234056951.000000000628E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
628E000
|
| Size: |
8192
|
|
|
6C2000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000005.00000000.1140464457.00000000006C2000.00000002.00000001.01000000.00000008.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
6C2000
|
| Size: |
94208
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
3B72000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003B72000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B72000
|
| Size: |
4096
|
|
|
2A74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1465443169.0000000002A74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A74000
|
| Size: |
4096
|
|
|
134D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3362486965.000000000134D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
134D000
|
| Size: |
53248
|
|
|
3B5D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003B5D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B5D000
|
| Size: |
45056
|
|
|
2377B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1198140708.000000002377B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2377B000
|
| Size: |
20480
|
|
|
4BE9000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.1661565366.0000000004BE9000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4BE9000
|
| Size: |
4096
|
|
|
23EF0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1198498080.0000000023EF0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
23EF0000
|
| Size: |
1196032
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
3A46000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003A46000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A46000
|
| Size: |
4096
|
|
|
D2A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.1628235017.0000000000D2A000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
D2A000
|
| Size: |
4096
|
|
|
3B10000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003B10000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B10000
|
| Size: |
4096
|
|
|
3DF1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003DF1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3DF1000
|
| Size: |
4096
|
|
|
39A7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000039A7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39A7000
|
| Size: |
4096
|
|
|
676E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1235645252.000000000676E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
676E000
|
| Size: |
8192
|
|
|
3E0C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003E0C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E0C000
|
| Size: |
4096
|
|
|
3E87000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003E87000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E87000
|
| Size: |
8192
|
|
|
3BC8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003BC8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BC8000
|
| Size: |
4096
|
|
|
36EA000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1216191553.00000000036EA000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
36EA000
|
| Size: |
4096
|
|
|
3D92000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D92000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D92000
|
| Size: |
4096
|
|
|
4C7000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000010.00000000.1500880234.00000000004C7000.00000002.00000001.01000000.0000000D.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
4C7000
|
| Size: |
32768
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1096171597.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1524136605.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1095427240.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
3CB6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003CB6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3CB6000
|
| Size: |
4096
|
|
|
4807000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.1661304071.0000000004807000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4807000
|
| Size: |
290816
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
D1D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.1628100870.0000000000D1D000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
D1D000
|
| Size: |
4096
|
|
|
251C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1199570459.00000000251C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
251C0000
|
| Size: |
1884160
|
|
|
3E9A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003E9A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E9A000
|
| Size: |
4096
|
|
|
3A83000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003A83000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A83000
|
| Size: |
4096
|
|
|
162E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3363983978.000000000162E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
162E000
|
| Size: |
8192
|
|
|
4DE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.1629287175.0000000004DE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4DE0000
|
| Size: |
20480
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1095814628.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
D29000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000002.1180738917.0000000000D29000.00000002.00000001.01000000.00000004.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
D29000
|
| Size: |
24576
|
|
|
3B03000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003B03000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B03000
|
| Size: |
20480
|
|
|
379C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000379C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
379C000
|
| Size: |
4096
|
|
|
6A15000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1182210716.0000000006A15000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6A15000
|
| Size: |
98304
|
|
|
4DBD000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1468797617.0000000004DBD000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4DBD000
|
| Size: |
458752
|
|
|
3896000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003896000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3896000
|
| Size: |
4096
|
|
|
3BD3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003BD3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BD3000
|
| Size: |
4096
|
|
|
3860000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003860000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3860000
|
| Size: |
4096
|
|
|
3C42000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003C42000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C42000
|
| Size: |
4096
|
|
|
506F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1598312005.000000000506F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
506F000
|
| Size: |
4096
|
|
|
D00000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1627889407.0000000000D00000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
D00000
|
| Size: |
12288
|
|
|
2CFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1467938377.0000000002CFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2CFE000
|
| Size: |
8192
|
|
|
3B91000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003B91000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B91000
|
| Size: |
69632
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1523168015.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
62F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1654117804.00000000062F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
62F0000
|
| Size: |
4096
|
|
|
3BA4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003BA4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BA4000
|
| Size: |
4096
|
|
|
3090000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3365101633.0000000003090000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3090000
|
| Size: |
45056
|
|
|
CF0000
|
trusted library section
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1213421166.0000000000CF0000.00000004.08000000.00040000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page read and write
|
| Base address: |
CF0000
|
| Size: |
4096
|
|
|
38C0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1216613281.00000000038C0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
38C0000
|
| Size: |
4096
|
|
|
3807000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003807000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3807000
|
| Size: |
4096
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1096442805.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
36F9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000036F9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36F9000
|
| Size: |
4096
|
|
|
482F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1598181429.000000000482F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
482F000
|
| Size: |
4096
|
|
|
385C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000385C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
385C000
|
| Size: |
4096
|
|
|
CE0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000000.1075233973.0000000000CE0000.00000002.00000001.01000000.00000004.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
CE0000
|
| Size: |
172032
|
|
|
9E4000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000004.00000002.1180705283.00000000009E4000.00000008.00000001.01000000.00000004.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
9E4000
|
| Size: |
110592
|
|
|
56B0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1469155521.00000000056B0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
56B0000
|
| Size: |
4096
|
|
|
668F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1235498497.000000000668F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
668F000
|
| Size: |
4096
|
|
|
2372E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1182210716.000000002372E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2372E000
|
| Size: |
32768
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3E44000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003E44000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E44000
|
| Size: |
4096
|
|
|
3DF3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003DF3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3DF3000
|
| Size: |
4096
|
|
|
3716000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003716000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3716000
|
| Size: |
4096
|
|
|
3710000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003710000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3710000
|
| Size: |
4096
|
|
|
382C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000382C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
382C000
|
| Size: |
4096
|
|
|
3A48000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003A48000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A48000
|
| Size: |
4096
|
|
|
36AD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000036AD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36AD000
|
| Size: |
4096
|
|
|
D54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1213472466.0000000000D54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D54000
|
| Size: |
212992
|
|
|
3769000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003769000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3769000
|
| Size: |
53248
|
|
|
2DDB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1181137842.0000000002DDB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2DDB000
|
| Size: |
20480
|
|
|
3862000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003862000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3862000
|
| Size: |
4096
|
|
|
4DD000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000010.00000000.1500880234.00000000004DD000.00000002.00000001.01000000.0000000D.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
4DD000
|
| Size: |
8192
|
|
|
3A7B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003A7B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A7B000
|
| Size: |
4096
|
|
|
C82000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.1628117346.0000000000C82000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
C82000
|
| Size: |
28672
|
|
|
DA0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1628368968.0000000000DA0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DA0000
|
| Size: |
24576
|
|
|
3D59000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D59000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D59000
|
| Size: |
4096
|
|
|
3798000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003798000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3798000
|
| Size: |
4096
|
|
|
1328000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3362486965.0000000001328000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1328000
|
| Size: |
90112
|
|
|
3C80000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003C80000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C80000
|
| Size: |
12288
|
|
|
39DD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000039DD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39DD000
|
| Size: |
32768
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1523724809.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
249C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1611801355.00000000249C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
249C0000
|
| Size: |
1884160
|
|
|
3723000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003723000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3723000
|
| Size: |
4096
|
|
|
3EF9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003EF9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3EF9000
|
| Size: |
4096
|
|
|
3E3C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003E3C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E3C000
|
| Size: |
4096
|
|
|
3977000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003977000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3977000
|
| Size: |
4096
|
|
|
3BCA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003BCA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BCA000
|
| Size: |
49152
|
|
|
3BA3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003BA3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BA3000
|
| Size: |
4096
|
|
|
2970000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1597900856.0000000002970000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2970000
|
| Size: |
20480
|
|
|
573E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1652469165.000000000573E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
573E000
|
| Size: |
8192
|
|
|
D10000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1627998638.0000000000D10000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
D10000
|
| Size: |
4096
|
|
|
3DED000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003DED000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3DED000
|
| Size: |
4096
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1567738338.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
6153000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1653379235.0000000006153000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6153000
|
| Size: |
8192
|
|
|
3C1A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003C1A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C1A000
|
| Size: |
20480
|
|
|
30B0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3365411426.00000000030B0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30B0000
|
| Size: |
28672
|
|
|
3898000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003898000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3898000
|
| Size: |
53248
|
|
|
8D1000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000004.00000002.1180479722.00000000008D1000.00000020.00000001.01000000.00000004.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
8D1000
|
| Size: |
913408
|
|
|
39A5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000039A5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39A5000
|
| Size: |
4096
|
|
|
37EE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000037EE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37EE000
|
| Size: |
4096
|
|
|
3A33000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003A33000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A33000
|
| Size: |
12288
|
|
|
3E40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003E40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E40000
|
| Size: |
4096
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1524653526.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
3BDD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003BDD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BDD000
|
| Size: |
4096
|
|
|
68A0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1236133187.00000000068A0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
68A0000
|
| Size: |
65536
|
|
|
6600000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1235216999.0000000006600000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6600000
|
| Size: |
57344
|
|
|
2A74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1243593574.0000000002A74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A74000
|
| Size: |
4096
|
|
|
3B83000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003B83000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B83000
|
| Size: |
4096
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1095922475.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
38AE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000038AE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38AE000
|
| Size: |
4096
|
|
|
38A8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000038A8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38A8000
|
| Size: |
4096
|
|
|
3BCB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003BCB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BCB000
|
| Size: |
12288
|
|
|
37D7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000037D7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37D7000
|
| Size: |
4096
|
|
|
BBE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.1627888228.0000000000BBE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
BBE000
|
| Size: |
8192
|
|
|
248C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1532394194.00000000248C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
248C0000
|
| Size: |
5603328
|
|
|
3AEE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003AEE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AEE000
|
| Size: |
4096
|
|
|
3C28000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003C28000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C28000
|
| Size: |
4096
|
|
|
3C7E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003C7E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C7E000
|
| Size: |
4096
|
|
|
6390000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.1654530815.0000000006390000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
6390000
|
| Size: |
53248
|
|
|
BD0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1627754017.0000000000BD0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
BD0000
|
| Size: |
16384
|
|
|
3B74000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003B74000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B74000
|
| Size: |
4096
|
|
|
E90000
|
trusted library section
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1213887758.0000000000E90000.00000004.08000000.00040000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page read and write
|
| Base address: |
E90000
|
| Size: |
4096
|
|
|
64B1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1082322121.00000000064B1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
64B1000
|
| Size: |
221184
|
|
|
5AFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1232276307.0000000005AFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5AFE000
|
| Size: |
8192
|
|
|
3EB1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003EB1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3EB1000
|
| Size: |
4096
|
|
|
250C0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1199516902.00000000250C0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
250C0000
|
| Size: |
4096
|
|
|
36E2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216137298.00000000036E2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36E2000
|
| Size: |
4096
|
|
|
2A70000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1467704987.0000000002A70000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A70000
|
| Size: |
16384
|
|
|
3621000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003621000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3621000
|
| Size: |
4096
|
|
|
26E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1629460647.00000000026E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
26E0000
|
| Size: |
4096
|
|
|
3C63000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003C63000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C63000
|
| Size: |
4096
|
|
|
61C6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1653640029.00000000061C6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
61C6000
|
| Size: |
32768
|
|
|
36C6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000036C6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36C6000
|
| Size: |
4096
|
|
|
3D25000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D25000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D25000
|
| Size: |
4096
|
|
|
3211000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3365988066.0000000003211000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3211000
|
| Size: |
172032
|
|
|
61C2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1598673015.00000000061C2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
61C2000
|
| Size: |
8192
|
|
|
CE0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000002.1180738917.0000000000CE0000.00000002.00000001.01000000.00000004.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
CE0000
|
| Size: |
172032
|
|
|
2A74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1465348833.0000000002A74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A74000
|
| Size: |
4096
|
|
|
36CC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000036CC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36CC000
|
| Size: |
4096
|
|
|
6960000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1236882862.0000000006960000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
6960000
|
| Size: |
65536
|
|
|
3C4C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003C4C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C4C000
|
| Size: |
4096
|
|
|
36C4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000036C4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36C4000
|
| Size: |
4096
|
|
|
3A6A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003A6A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A6A000
|
| Size: |
4096
|
|
|
3D80000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D80000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D80000
|
| Size: |
20480
|
|
|
3A31000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003A31000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A31000
|
| Size: |
4096
|
|
|
3733000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003733000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3733000
|
| Size: |
4096
|
|
|
3C9F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003C9F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C9F000
|
| Size: |
4096
|
|
|
65B9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1182210716.00000000065B9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
65B9000
|
| Size: |
4136960
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
B1C000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1212954659.0000000000B1C000.00000004.00000001.01000000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B1C000
|
| Size: |
8192
|
|
|
250C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1103812997.00000000250C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
250C0000
|
| Size: |
5603328
|
|
|
4C90000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1468797617.0000000004C90000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4C90000
|
| Size: |
1196032
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
51A000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000010.00000000.1500880234.000000000051A000.00000002.00000001.01000000.0000000D.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
51A000
|
| Size: |
45056
|
|
|
3D3C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003D3C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D3C000
|
| Size: |
4096
|
|
|
3DC2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003DC2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3DC2000
|
| Size: |
4096
|
|
|
4211000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3366557966.0000000004211000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4211000
|
| Size: |
24576
|
|
|
3A8A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003A8A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A8A000
|
| Size: |
4096
|
|
|
3BF8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003BF8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BF8000
|
| Size: |
24576
|
|
|
6440000
|
trusted library section
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1234258298.0000000006440000.00000004.08000000.00040000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page read and write
|
| Base address: |
6440000
|
| Size: |
1482752
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1095663740.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
3AE7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003AE7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AE7000
|
| Size: |
131072
|
|
|
8D0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000000.1075088560.00000000008D0000.00000002.00000001.01000000.00000004.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
8D0000
|
| Size: |
4096
|
|
|
3AE3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003AE3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AE3000
|
| Size: |
4096
|
|
|
69B6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1182210716.00000000069B6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
69B6000
|
| Size: |
36864
|
|
|
36FB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000036FB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36FB000
|
| Size: |
4096
|
|
|
6125000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1653167921.0000000006125000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6125000
|
| Size: |
36864
|
|
|
509F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.1629480882.000000000509F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
509F000
|
| Size: |
4096
|
|
|
2B50000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.1660980301.0000000002B50000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2B50000
|
| Size: |
4096
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1522406796.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
3BA9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003BA9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BA9000
|
| Size: |
4096
|
|
|
3A87000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003A87000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A87000
|
| Size: |
40960
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1096233826.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
35AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1181414140.00000000035AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
35AE000
|
| Size: |
8192
|
|
|
3BAB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003BAB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BAB000
|
| Size: |
4096
|
|
|
36FF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000036FF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36FF000
|
| Size: |
4096
|
|
|
3A85000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003A85000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A85000
|
| Size: |
4096
|
|
|
4E0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000010.00000002.1597447487.00000000004E0000.00000002.00000001.01000000.0000000D.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
4E0000
|
| Size: |
172032
|
|
|
D0D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.1627973298.0000000000D0D000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
D0D000
|
| Size: |
4096
|
|
|
A02000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000002.1180738917.0000000000A02000.00000002.00000001.01000000.00000004.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
A02000
|
| Size: |
2899968
|
|
|
5141000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1466170030.0000000005141000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
5141000
|
| Size: |
4096
|
|
|
3BD7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003BD7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BD7000
|
| Size: |
12288
|
|
|
3EAD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003EAD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3EAD000
|
| Size: |
4096
|
|
|
51AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1181621287.00000000051AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
51AE000
|
| Size: |
8192
|
|
|
3C44000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003C44000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C44000
|
| Size: |
4096
|
|
|
3692000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003692000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3692000
|
| Size: |
4096
|
|
|
BAE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1627661794.0000000000BAE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
BAE000
|
| Size: |
8192
|
|
|
3B52000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003B52000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B52000
|
| Size: |
4096
|
|
|
B01000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000005.00000002.1212834500.0000000000B01000.00000020.00000001.01000000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
B01000
|
| Size: |
81920
|
|
|
392A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000392A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
392A000
|
| Size: |
4096
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1522652936.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
30F6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3365781377.00000000030F6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30F6000
|
| Size: |
8192
|
|
|
371C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000371C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
371C000
|
| Size: |
8192
|
|
|
E8E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1213870282.0000000000E8E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E8E000
|
| Size: |
8192
|
|
|
4F70000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.1661791426.0000000004F70000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
4F70000
|
| Size: |
4096
|
|
|
3CB0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003CB0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3CB0000
|
| Size: |
4096
|
|
|
2A54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000003.1660102229.0000000002A54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A54000
|
| Size: |
4096
|
|
|
3B8F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003B8F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B8F000
|
| Size: |
4096
|
|
|
3828000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003828000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3828000
|
| Size: |
4096
|
|
|
2648000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1629418781.0000000002648000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2648000
|
| Size: |
8192
|
|
|
60CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1233868539.00000000060CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
60CE000
|
| Size: |
8192
|
|
|
CE0000
|
trusted library section
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1627837787.0000000000CE0000.00000004.08000000.00040000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page read and write
|
| Base address: |
CE0000
|
| Size: |
4096
|
|
|
2AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1523015616.0000000002AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF4000
|
| Size: |
4096
|
|
|
2A74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1465930467.0000000002A74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A74000
|
| Size: |
4096
|
|
|
2920000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.1660775095.0000000002920000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2920000
|
| Size: |
4096
|
|
|
3BC2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003BC2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BC2000
|
| Size: |
4096
|
|
|
3B5E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003B5E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B5E000
|
| Size: |
36864
|
|
|
5220000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1181659021.0000000005220000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5220000
|
| Size: |
4096
|
|
|
39EE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000039EE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39EE000
|
| Size: |
4096
|
|
|
3F01000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003F01000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3F01000
|
| Size: |
4096
|
|
|
2B60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1214885880.0000000002B60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B60000
|
| Size: |
4096
|
|
|
2A74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1243090725.0000000002A74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A74000
|
| Size: |
4096
|
|
|
3C5F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003C5F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C5F000
|
| Size: |
4096
|
|
|
3731000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003731000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3731000
|
| Size: |
4096
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1096190503.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
3BC4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003BC4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BC4000
|
| Size: |
4096
|
|
|
D0B000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000000.1075233973.0000000000D0B000.00000002.00000001.01000000.00000004.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
D0B000
|
| Size: |
53248
|
|
|
6794000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1235858081.0000000006794000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6794000
|
| Size: |
20480
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1140677426.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
377F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000377F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
377F000
|
| Size: |
4096
|
|
|
1730000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3364069281.0000000001730000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1730000
|
| Size: |
16384
|
|
|
3E6A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003E6A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E6A000
|
| Size: |
16384
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1140659106.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
4E2E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.1629354445.0000000004E2E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4E2E000
|
| Size: |
8192
|
|
|
30EC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3365636938.00000000030EC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30EC000
|
| Size: |
16384
|
|
|
3A7D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003A7D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A7D000
|
| Size: |
4096
|
|
|
30CA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3365468088.00000000030CA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30CA000
|
| Size: |
24576
|
|
|
3725000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003725000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3725000
|
| Size: |
20480
|
|
|
4E70000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.1661765235.0000000004E70000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
4E70000
|
| Size: |
20480
|
|
|
3DCF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003DCF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3DCF000
|
| Size: |
110592
|
|
|
3C4A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003C4A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C4A000
|
| Size: |
4096
|
|
|
62E0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.1654041804.00000000062E0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
62E0000
|
| Size: |
65536
|
|
|
3EA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003EA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3EA0000
|
| Size: |
4096
|
|
|
23A9D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1198245466.0000000023A9D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23A9D000
|
| Size: |
512000
|
|
|
2980000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1214190500.0000000002980000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2980000
|
| Size: |
8192
|
|
|
3CE2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216754524.0000000003CE2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3CE2000
|
| Size: |
4096
|
|
|
38FF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.00000000038FF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38FF000
|
| Size: |
4096
|
|
|
4C7000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000010.00000002.1597447487.00000000004C7000.00000002.00000001.01000000.0000000D.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
4C7000
|
| Size: |
32768
|
|
|
930000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.1627629002.0000000000930000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
930000
|
| Size: |
4096
|
|
|
A02000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000000.1075233973.0000000000A02000.00000002.00000001.01000000.00000004.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
A02000
|
| Size: |
2899968
|
|
|
7190000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1238266818.0000000007190000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7190000
|
| Size: |
20480
|
|
|
3254000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1095608977.0000000003254000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3254000
|
| Size: |
4096
|
|
|
36F7000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1216278863.00000000036F7000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
36F7000
|
| Size: |
4096
|
|
|
2A3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.1660803159.0000000002A3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2A3E000
|
| Size: |
8192
|
|
|
2A74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1247859616.0000000002A74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A74000
|
| Size: |
4096
|
|
|
3AA7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003AA7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AA7000
|
| Size: |
4096
|
|
|
3924000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003924000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3924000
|
| Size: |
4096
|
|
|
379E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.000000000379E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
379E000
|
| Size: |
4096
|
|
|
3AC4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.1630229801.0000000003AC4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AC4000
|
| Size: |
4096
|
|
|
2ADE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.1660902496.0000000002ADE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2ADE000
|
| Size: |
8192
|
|
|
5678000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.3366740013.0000000005678000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5678000
|
| Size: |
4096
|
|
