|
797A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360161791501.000000000797A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
797A000
|
| Size: |
8192
|
|
|
7FD30000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.359775378136.000000007FD30000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7FD30000
|
| Size: |
1110016
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3941000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360084822071.0000000003941000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3941000
|
| Size: |
4096
|
|
|
1C49000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361037192057.0000000001C49000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C49000
|
| Size: |
208896
|
|
|
199000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361029709557.0000000000199000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
199000
|
| Size: |
28672
|
|
|
79A3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360767107687.00000000079A3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79A3000
|
| Size: |
45056
|
|
|
76E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360149575363.000000000076E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
76E000
|
| Size: |
77824
|
|
|
1C35000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360155858612.0000000001C35000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C35000
|
| Size: |
8192
|
|
|
24A9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360150932608.00000000024A9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24A9000
|
| Size: |
24576
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360140334524.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360148860336.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
7944000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361040096534.0000000007944000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7944000
|
| Size: |
20480
|
|
|
7A15000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360767107687.0000000007A15000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7A15000
|
| Size: |
40960
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
225E000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.360152027259.000000000225E000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
225E000
|
| Size: |
4096
|
|
|
2300000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360146554288.0000000002300000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2300000
|
| Size: |
4096
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360097724113.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
7951000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360768889428.0000000007951000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7951000
|
| Size: |
36864
|
|
|
1C8A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361037371386.0000000001C8A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C8A000
|
| Size: |
73728
|
|
|
B5E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360150811408.0000000000B5E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B5E000
|
| Size: |
8192
|
|
|
79E9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360765967433.00000000079E9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79E9000
|
| Size: |
176128
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360151130282.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360151449978.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
8192
|
|
|
7922000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360768103740.0000000007922000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7922000
|
| Size: |
40960
|
|
|
44C8000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361039172066.00000000044C8000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
44C8000
|
| Size: |
4096
|
|
|
4522000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361039172066.0000000004522000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4522000
|
| Size: |
12288
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360151643571.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
8192
|
|
|
7A9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360149814985.00000000007A9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7A9000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360150879819.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
797000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360149814985.0000000000797000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
797000
|
| Size: |
4096
|
|
|
610000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360149338229.0000000000610000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
610000
|
| Size: |
16384
|
|
|
7DA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360150569685.00000000007DA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7DA000
|
| Size: |
12288
|
|
|
7EE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360148264387.00000000007EE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7EE000
|
| Size: |
8192
|
|
|
7CD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360150473874.00000000007CD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7CD000
|
| Size: |
36864
|
|
|
397D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360144748771.000000000397D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
397D000
|
| Size: |
28672
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360153098832.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
8192
|
|
|
79A1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360767684820.00000000079A1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79A1000
|
| Size: |
8192
|
|
|
23B2000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360146554288.00000000023B2000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
23B2000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360149576856.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360153297978.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
230E000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360146554288.000000000230E000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
230E000
|
| Size: |
8192
|
|
|
7E6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360148264387.00000000007E6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7E6000
|
| Size: |
4096
|
|
|
41A000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000004.00000002.361030134580.000000000041A000.00000020.00000001.01000000.00000007.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
41A000
|
| Size: |
4640768
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
79B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360765967433.00000000079B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79B0000
|
| Size: |
4096
|
|
|
79FF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360192333937.00000000079FF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79FF000
|
| Size: |
4096
|
|
|
797C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360159233203.000000000797C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
797C000
|
| Size: |
4096
|
|
|
79B2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360768385214.00000000079B2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79B2000
|
| Size: |
4096
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360097122911.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
1BB4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360148183534.0000000001BB4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1BB4000
|
| Size: |
4096
|
|
|
1BB4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360146826975.0000000001BB4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1BB4000
|
| Size: |
4096
|
|
|
797A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360767684820.000000000797A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
797A000
|
| Size: |
8192
|
|
|
29A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.360153781409.00000000029A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29A0000
|
| Size: |
4096
|
|
|
4CAF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361039964730.0000000004CAF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4CAF000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360153779230.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
8192
|
|
|
6882000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360141673655.0000000006882000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
6882000
|
| Size: |
6545408
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360150338799.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
7966000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361040396927.0000000007966000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7966000
|
| Size: |
28672
|
|
|
7FE41000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.359775378136.000000007FE41000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7FE41000
|
| Size: |
57344
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360154186500.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360150843660.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
793A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360768103740.000000000793A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
793A000
|
| Size: |
8192
|
|
|
2340000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.360152027259.0000000002340000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2340000
|
| Size: |
4096
|
|
|
3350000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.359778647699.0000000003350000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3350000
|
| Size: |
12288
|
|
|
79D5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361040783798.00000000079D5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79D5000
|
| Size: |
77824
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
17E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361029709557.000000000017E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
17E000
|
| Size: |
8192
|
|
|
1161000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000004.00000002.361033599336.0000000001161000.00000080.00000001.01000000.00000007.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
1161000
|
| Size: |
9814016
|
|
|
2373000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.360152027259.0000000002373000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2373000
|
| Size: |
4096
|
|
|
3647000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360145823459.0000000003647000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3647000
|
| Size: |
40960
|
|
|
7BC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.359827124745.00000000007BC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7BC000
|
| Size: |
122880
|
|
|
23F8000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360146554288.00000000023F8000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
23F8000
|
| Size: |
8192
|
|
|
792D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360768652676.000000000792D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
792D000
|
| Size: |
4096
|
|
|
1C7D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360156387125.0000000001C7D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C7D000
|
| Size: |
8192
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360153341472.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
3683000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360145823459.0000000003683000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3683000
|
| Size: |
4096
|
|
|
2274000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.360152027259.0000000002274000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2274000
|
| Size: |
4096
|
|
|
4561000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361039172066.0000000004561000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4561000
|
| Size: |
8192
|
|
|
1BB4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360148267788.0000000001BB4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1BB4000
|
| Size: |
4096
|
|
|
2356000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.360152027259.0000000002356000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2356000
|
| Size: |
4096
|
|
|
23AA000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360146554288.00000000023AA000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
23AA000
|
| Size: |
8192
|
|
|
79A5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360768571308.00000000079A5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79A5000
|
| Size: |
16384
|
|
|
1C54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360156036933.0000000001C54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C54000
|
| Size: |
135168
|
|
|
18D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360148800100.000000000018D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
18D000
|
| Size: |
8192
|
|
|
A39000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361031314244.0000000000A39000.00000004.00000001.01000000.00000007.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
A39000
|
| Size: |
8192
|
|
|
4533000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361039172066.0000000004533000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4533000
|
| Size: |
4096
|
|
|
A6E000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000002.361031967039.0000000000A6E000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
A6E000
|
| Size: |
118784
|
|
|
23C5000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360146554288.00000000023C5000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
23C5000
|
| Size: |
8192
|
|
|
73BF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361040024458.00000000073BF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
73BF000
|
| Size: |
16384
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360151309915.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360149166350.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360151868807.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
417000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.360153322133.0000000000417000.00000004.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
417000
|
| Size: |
12288
|
|
|
7951000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360768829864.0000000007951000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7951000
|
| Size: |
36864
|
|
|
15E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361029709557.000000000015E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
15E000
|
| Size: |
8192
|
|
|
1BB4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360147660134.0000000001BB4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1BB4000
|
| Size: |
4096
|
|
|
7966000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360765967433.0000000007966000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7966000
|
| Size: |
45056
|
|
|
1CA5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360769257263.0000000001CA5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CA5000
|
| Size: |
8192
|
|
|
3AB8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361037915554.0000000003AB8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3AB8000
|
| Size: |
28672
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360095981117.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
1ADD000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000002.361035993514.0000000001ADD000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
1ADD000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360149335391.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
2423000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360146554288.0000000002423000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2423000
|
| Size: |
12288
|
|
|
2431000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360146554288.0000000002431000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2431000
|
| Size: |
12288
|
|
|
79B4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360765967433.00000000079B4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79B4000
|
| Size: |
102400
|
|
|
401000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000004.00000002.361030134580.0000000000401000.00000020.00000001.01000000.00000007.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
401000
|
| Size: |
77824
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Detected Delphi use of System.ParamCount |
System Summary |
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360148497910.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360152325760.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
8192
|
|
|
7A15000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360767899257.0000000007A15000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7A15000
|
| Size: |
40960
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360147545298.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
225280
|
|
|
1BB5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361036460928.0000000001BB5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1BB5000
|
| Size: |
4096
|
|
|
1C30000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360154848028.0000000001C30000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C30000
|
| Size: |
114688
|
|
|
79A5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361040615016.00000000079A5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79A5000
|
| Size: |
16384
|
|
|
796E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361040467910.000000000796E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
796E000
|
| Size: |
12288
|
|
|
3BF1000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361037975123.0000000003BF1000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3BF1000
|
| Size: |
16384
|
|
|
79DC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360192333937.00000000079DC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79DC000
|
| Size: |
32768
|
|
|
4A6E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361039863547.0000000004A6E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4A6E000
|
| Size: |
8192
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360097568535.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
7944000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360768103740.0000000007944000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7944000
|
| Size: |
40960
|
|
|
1C7D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360768969924.0000000001C7D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C7D000
|
| Size: |
40960
|
|
|
1C87000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360768918843.0000000001C87000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C87000
|
| Size: |
131072
|
|
|
54A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.360153475540.000000000054A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
54A000
|
| Size: |
12288
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360153378500.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
A44000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361031314244.0000000000A44000.00000004.00000001.01000000.00000007.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
A44000
|
| Size: |
163840
|
|
|
1BB4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360147690194.0000000001BB4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1BB4000
|
| Size: |
4096
|
|
|
363F000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360145823459.000000000363F000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
363F000
|
| Size: |
28672
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360152950887.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360154007601.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
79B4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360767107687.00000000079B4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79B4000
|
| Size: |
102400
|
|
|
44FC000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361039172066.00000000044FC000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
44FC000
|
| Size: |
12288
|
|
|
25CC000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.360151726804.00000000025CC000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
25CC000
|
| Size: |
73728
|
|
|
7C2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360149814985.00000000007C2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7C2000
|
| Size: |
4096
|
|
|
3AC0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361037975123.0000000003AC0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3AC0000
|
| Size: |
155648
|
|
|
191000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360148800100.0000000000191000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
191000
|
| Size: |
61440
|
|
|
792D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361040096534.000000000792D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
792D000
|
| Size: |
4096
|
|
|
79B4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360768385214.00000000079B4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79B4000
|
| Size: |
40960
|
|
|
500000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360149106215.0000000000500000.00000004.00000001.01000000.00000004.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
500000
|
| Size: |
12288
|
|
|
500000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000002.00000000.359777866177.0000000000500000.00000008.00000001.01000000.00000004.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
500000
|
| Size: |
12288
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360153255501.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
887000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361031314244.0000000000887000.00000004.00000001.01000000.00000007.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
887000
|
| Size: |
237568
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| SQL strings found in memory and binary data |
System Summary |
|
|
|
4552000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361039172066.0000000004552000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4552000
|
| Size: |
8192
|
|
|
1ABD000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000002.361035699091.0000000001ABD000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
1ABD000
|
| Size: |
4096
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360094755727.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
1C7D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360156036933.0000000001C7D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C7D000
|
| Size: |
8192
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360152451127.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
8192
|
|
|
796D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360768533204.000000000796D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
796D000
|
| Size: |
16384
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360097399875.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
7E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360150569685.00000000007E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7E1000
|
| Size: |
8192
|
|
|
79B4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361040647156.00000000079B4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79B4000
|
| Size: |
40960
|
|
|
79B2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361040647156.00000000079B2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79B2000
|
| Size: |
4096
|
|
|
1C32000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361036602696.0000000001C32000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C32000
|
| Size: |
57344
|
|
|
18F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361029709557.000000000018F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
18F000
|
| Size: |
4096
|
|
|
397D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360151463815.000000000397D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
397D000
|
| Size: |
4096
|
|
|
1C79000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360157163259.0000000001C79000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C79000
|
| Size: |
4096
|
|
|
7D9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360148264387.00000000007D9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7D9000
|
| Size: |
16384
|
|
|
44DF000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361039172066.00000000044DF000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
44DF000
|
| Size: |
4096
|
|
|
1C4D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360157163259.0000000001C4D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C4D000
|
| Size: |
167936
|
|
|
A5F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360150770366.0000000000A5F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A5F000
|
| Size: |
4096
|
|
|
43ED000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361039139906.00000000043ED000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
43ED000
|
| Size: |
12288
|
|
|
9C3000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361031314244.00000000009C3000.00000004.00000001.01000000.00000007.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
9C3000
|
| Size: |
430080
|
|
|
793A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360768652676.000000000793A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
793A000
|
| Size: |
8192
|
|
|
7B1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360149814985.00000000007B1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7B1000
|
| Size: |
8192
|
|
|
3611000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360145823459.0000000003611000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3611000
|
| Size: |
4096
|
|
|
3981000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360151463815.0000000003981000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3981000
|
| Size: |
4096
|
|
|
AB4F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361041084995.000000000AB4F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
AB4F000
|
| Size: |
4096
|
|
|
A190000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361041005282.000000000A190000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
A190000
|
| Size: |
65536
|
|
|
3C40000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361038953695.0000000003C40000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3C40000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360153432650.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
3916000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361037726532.0000000003916000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3916000
|
| Size: |
36864
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360151718981.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
798C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360159233203.000000000798C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
798C000
|
| Size: |
8192
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360151527133.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
226D000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.360152027259.000000000226D000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
226D000
|
| Size: |
4096
|
|
|
1C8E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360157163259.0000000001C8E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C8E000
|
| Size: |
200704
|
|
|
7D5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.359923497711.00000000007D5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7D5000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360151988725.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
8192
|
|
|
781000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360145519196.0000000000781000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
781000
|
| Size: |
94208
|
|
|
30000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361029520006.0000000000030000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
30000
|
| Size: |
4096
|
|
|
415000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000004.00000002.361030134580.0000000000415000.00000020.00000001.01000000.00000007.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
415000
|
| Size: |
12288
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360149096130.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360152720763.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360151378818.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
79B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360149814985.000000000079B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79B000
|
| Size: |
4096
|
|
|
79A1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360765967433.00000000079A1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79A1000
|
| Size: |
53248
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360096530418.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360154151045.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
7972000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360161791501.0000000007972000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7972000
|
| Size: |
24576
|
|
|
3AF0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361037975123.0000000003AF0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3AF0000
|
| Size: |
4096
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360097455445.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360095134289.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
3941000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360151427390.0000000003941000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3941000
|
| Size: |
4096
|
|
|
397F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360151463815.000000000397F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
397F000
|
| Size: |
4096
|
|
|
3983000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360145125275.0000000003983000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3983000
|
| Size: |
4096
|
|
|
1CA9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361037594799.0000000001CA9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CA9000
|
| Size: |
24576
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360150074712.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
79F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360147896075.000000000079F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79F000
|
| Size: |
8192
|
|
|
30000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.360153131780.0000000000030000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
30000
|
| Size: |
4096
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360096200994.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360095876529.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
1C54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360155858612.0000000001C54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C54000
|
| Size: |
135168
|
|
|
24A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360150932608.00000000024A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24A0000
|
| Size: |
12288
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360152528977.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
8192
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360144988526.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
EFB0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361041154588.000000000EFB0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
EFB0000
|
| Size: |
4096
|
|
|
19D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.360153233534.000000000019D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
19D000
|
| Size: |
12288
|
|
|
400000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000002.361030064221.0000000000400000.00000002.00000001.01000000.00000007.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
400000
|
| Size: |
4096
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360095558154.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360084995938.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
8192
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360096376100.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360096318182.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
795B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361040365197.000000000795B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
795B000
|
| Size: |
8192
|
|
|
3BCD000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361037975123.0000000003BCD000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3BCD000
|
| Size: |
8192
|
|
|
50B000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000002.00000000.359777866177.000000000050B000.00000008.00000001.01000000.00000004.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
50B000
|
| Size: |
16384
|
|
|
73B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361040024458.00000000073B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
73B0000
|
| Size: |
53248
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360151785496.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
367A000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360145823459.000000000367A000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
367A000
|
| Size: |
12288
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360085237761.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
365D000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360145823459.000000000365D000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
365D000
|
| Size: |
8192
|
|
|
347E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360151240429.000000000347E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
347E000
|
| Size: |
8192
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360152875137.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
795A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360768356977.000000000795A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
795A000
|
| Size: |
12288
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360152760482.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
25C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360151077201.00000000025C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
25C0000
|
| Size: |
4096
|
|
|
1BB4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360148312341.0000000001BB4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1BB4000
|
| Size: |
4096
|
|
|
3B52000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361037975123.0000000003B52000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3B52000
|
| Size: |
8192
|
|
|
A8C000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000002.361031967039.0000000000A8C000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
A8C000
|
| Size: |
7163904
|
|
|
784000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360149814985.0000000000784000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
784000
|
| Size: |
8192
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360085157134.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
3B59000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361037975123.0000000003B59000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3B59000
|
| Size: |
36864
|
|
|
79B2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360765967433.00000000079B2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79B2000
|
| Size: |
4096
|
|
|
66C0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360141673655.00000000066C0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
66C0000
|
| Size: |
1581056
|
|
|
A3F000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361031314244.0000000000A3F000.00000004.00000001.01000000.00000007.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
A3F000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360153060173.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
1C9C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360769068501.0000000001C9C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C9C000
|
| Size: |
45056
|
|
|
34BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360151274187.00000000034BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
34BE000
|
| Size: |
8192
|
|
|
792D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360768103740.000000000792D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
792D000
|
| Size: |
4096
|
|
|
227B000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.360152027259.000000000227B000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
227B000
|
| Size: |
4096
|
|
|
7D7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360150473874.00000000007D7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7D7000
|
| Size: |
4096
|
|
|
1C7D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360769161292.0000000001C7D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C7D000
|
| Size: |
40960
|
|
|
412000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.360153322133.0000000000412000.00000004.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
412000
|
| Size: |
16384
|
|
|
796D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360159233203.000000000796D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
796D000
|
| Size: |
4096
|
|
|
2315000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360146554288.0000000002315000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2315000
|
| Size: |
8192
|
|
|
7931000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360768652676.0000000007931000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7931000
|
| Size: |
32768
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
2A90000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360151174143.0000000002A90000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A90000
|
| Size: |
4096
|
|
|
50B000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360149168875.000000000050B000.00000004.00000001.01000000.00000004.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
50B000
|
| Size: |
8192
|
|
|
3983000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360151463815.0000000003983000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3983000
|
| Size: |
4096
|
|
|
232E000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360146554288.000000000232E000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
232E000
|
| Size: |
450560
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360097175157.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
3982000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360085066505.0000000003982000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3982000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360154081312.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
76A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360149575363.000000000076A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
76A000
|
| Size: |
12288
|
|
|
1B30000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361036388427.0000000001B30000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B30000
|
| Size: |
16384
|
|
|
3BB8000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361037975123.0000000003BB8000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3BB8000
|
| Size: |
45056
|
|
|
7C6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360147896075.00000000007C6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7C6000
|
| Size: |
4096
|
|
|
79BE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360767899257.00000000079BE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79BE000
|
| Size: |
61440
|
|
|
42AD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361039078247.00000000042AD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
42AD000
|
| Size: |
12288
|
|
|
22A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.360152027259.00000000022A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
22A0000
|
| Size: |
4096
|
|
|
8F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361029604304.000000000008F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8F000
|
| Size: |
69632
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360150293565.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360153815355.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
8192
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360152158543.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
1BB4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360148024833.0000000001BB4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1BB4000
|
| Size: |
4096
|
|
|
795F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360765967433.000000000795F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
795F000
|
| Size: |
4096
|
|
|
3673000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360145823459.0000000003673000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3673000
|
| Size: |
4096
|
|
|
34C0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360141608716.00000000034C0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
34C0000
|
| Size: |
16384
|
|
|
7956000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360162028428.0000000007956000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7956000
|
| Size: |
16384
|
|
|
760000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360149575363.0000000000760000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
760000
|
| Size: |
36864
|
|
|
400000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.359773680049.0000000000400000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
400000
|
| Size: |
4096
|
|
|
2364000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.360152027259.0000000002364000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2364000
|
| Size: |
8192
|
|
|
1BB4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360147812704.0000000001BB4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1BB4000
|
| Size: |
4096
|
|
|
1C44000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360156036933.0000000001C44000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C44000
|
| Size: |
8192
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360150435142.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
2B50000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360151209208.0000000002B50000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B50000
|
| Size: |
4096
|
|
|
234F000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.360152027259.000000000234F000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
234F000
|
| Size: |
4096
|
|
|
2601000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.360151726804.0000000002601000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2601000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360153845675.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
8192
|
|
|
397D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360145125275.000000000397D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
397D000
|
| Size: |
12288
|
|
|
2299000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.360152027259.0000000002299000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2299000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360148717812.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360149700918.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
79B2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360767107687.00000000079B2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79B2000
|
| Size: |
4096
|
|
|
3B16000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361037975123.0000000003B16000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3B16000
|
| Size: |
8192
|
|
|
2320000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.360152027259.0000000002320000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2320000
|
| Size: |
77824
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360151345819.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
3B06000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361037975123.0000000003B06000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3B06000
|
| Size: |
8192
|
|
|
500000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.360153433860.0000000000500000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
500000
|
| Size: |
4096
|
|
|
1C40000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360768969924.0000000001C40000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C40000
|
| Size: |
245760
|
|
|
4568000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361039172066.0000000004568000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4568000
|
| Size: |
16384
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360095444441.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
7987000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360767684820.0000000007987000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7987000
|
| Size: |
102400
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360152911100.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
2438000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360146554288.0000000002438000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2438000
|
| Size: |
8192
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360149752753.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360140149092.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360151007126.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
8192
|
|
|
3B8C000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361037975123.0000000003B8C000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3B8C000
|
| Size: |
8192
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3B31000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361037975123.0000000003B31000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3B31000
|
| Size: |
4096
|
|
|
16B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361029709557.000000000016B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
16B000
|
| Size: |
20480
|
|
|
7F3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360145071054.00000000007F3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7F3000
|
| Size: |
8192
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360154039335.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360153597768.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
3B21000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361037975123.0000000003B21000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3B21000
|
| Size: |
4096
|
|
|
7923000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360768652676.0000000007923000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7923000
|
| Size: |
36864
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360151494292.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
7961000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361040396927.0000000007961000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7961000
|
| Size: |
16384
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360140194750.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360094914748.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
1BB4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360147629380.0000000001BB4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1BB4000
|
| Size: |
4096
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360094816696.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360152247777.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
7BC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360147896075.00000000007BC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7BC000
|
| Size: |
8192
|
|
|
7951000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361040329463.0000000007951000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7951000
|
| Size: |
36864
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360095387651.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360153134038.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
8192
|
|
|
7A9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.359778816218.00000000007A9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7A9000
|
| Size: |
110592
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360148544905.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
1C9E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361037371386.0000000001C9E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C9E000
|
| Size: |
28672
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360151059130.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
8192
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360095929477.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
1BB4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360148140924.0000000001BB4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1BB4000
|
| Size: |
4096
|
|
|
3691000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360145823459.0000000003691000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3691000
|
| Size: |
8192
|
|
|
795A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360161791501.000000000795A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
795A000
|
| Size: |
12288
|
|
|
25E4000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.360151726804.00000000025E4000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
25E4000
|
| Size: |
4096
|
|
|
7961000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360768258154.0000000007961000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7961000
|
| Size: |
16384
|
|
|
1B23000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000002.361036135315.0000000001B23000.00000002.00000001.01000000.00000007.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
1B23000
|
| Size: |
28672
|
|
|
7951000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360768652676.0000000007951000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7951000
|
| Size: |
36864
|
|
|
2610000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.359774893928.0000000002610000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2610000
|
| Size: |
1126400
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
7AD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360147896075.00000000007AD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7AD000
|
| Size: |
20480
|
|
|
3AB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361037915554.0000000003AB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3AB0000
|
| Size: |
24576
|
|
|
3BE3000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361037975123.0000000003BE3000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3BE3000
|
| Size: |
4096
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
4519000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361039172066.0000000004519000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4519000
|
| Size: |
12288
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360151686076.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
8192
|
|
|
4570000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361039762892.0000000004570000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4570000
|
| Size: |
16384
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
1AE1000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000002.361036135315.0000000001AE1000.00000002.00000001.01000000.00000007.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
1AE1000
|
| Size: |
8192
|
|
|
240D000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360146554288.000000000240D000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
240D000
|
| Size: |
12288
|
|
|
2725000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.359774893928.0000000002725000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2725000
|
| Size: |
57344
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360097609841.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
3942000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360145125275.0000000003942000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3942000
|
| Size: |
8192
|
|
|
79B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360145519196.000000000079B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79B000
|
| Size: |
28672
|
|
|
799F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360768571308.000000000799F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
799F000
|
| Size: |
4096
|
|
|
2450000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360150848568.0000000002450000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2450000
|
| Size: |
4096
|
|
|
794D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361040298331.000000000794D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
794D000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360153627252.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
8192
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360150804579.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
6848000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360141673655.0000000006848000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
6848000
|
| Size: |
225280
|
|
|
25C3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360151077201.00000000025C3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
25C3000
|
| Size: |
40960
|
|
|
7B5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360147896075.00000000007B5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7B5000
|
| Size: |
16384
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360095271763.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
8192
|
|
|
1BB4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360147837278.0000000001BB4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1BB4000
|
| Size: |
4096
|
|
|
39C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360151608049.00000000039C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
39C0000
|
| Size: |
4096
|
|
|
79D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361040783798.00000000079D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79D0000
|
| Size: |
4096
|
|
|
235D000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.360152027259.000000000235D000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
235D000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360150206985.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
1C37000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360156387125.0000000001C37000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C37000
|
| Size: |
253952
|
|
|
228B000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.360152027259.000000000228B000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
228B000
|
| Size: |
4096
|
|
|
1C8E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360157424687.0000000001C8E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C8E000
|
| Size: |
200704
|
|
|
1CA7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360767829622.0000000001CA7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CA7000
|
| Size: |
53248
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360150732411.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
3A20000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360146888673.0000000003A20000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A20000
|
| Size: |
163840
|
|
|
7987000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361040500171.0000000007987000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7987000
|
| Size: |
98304
|
|
|
71E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360149529620.000000000071E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
71E000
|
| Size: |
8192
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360153218136.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
8192
|
|
|
51D000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.359777934383.000000000051D000.00000002.00000001.01000000.00000004.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
51D000
|
| Size: |
57344
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360095746598.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
44F4000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361039172066.00000000044F4000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
44F4000
|
| Size: |
8192
|
|
|
1BB4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360147779341.0000000001BB4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1BB4000
|
| Size: |
4096
|
|
|
7EA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.359923497711.00000000007EA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7EA000
|
| Size: |
4096
|
|
|
7931000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360768103740.0000000007931000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7931000
|
| Size: |
32768
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
48CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361039797866.00000000048CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
48CE000
|
| Size: |
8192
|
|
|
1CAF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360769100515.0000000001CAF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CAF000
|
| Size: |
20480
|
|
|
7966000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360161791501.0000000007966000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7966000
|
| Size: |
45056
|
|
|
41C000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.359773981224.000000000041C000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
41C000
|
| Size: |
28672
|
|
|
93000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360148687141.0000000000093000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
93000
|
| Size: |
53248
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360152487620.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
8192
|
|
|
7A15000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361040783798.0000000007A15000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7A15000
|
| Size: |
40960
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360151944365.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
1AE9000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000002.361036135315.0000000001AE9000.00000002.00000001.01000000.00000007.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
1AE9000
|
| Size: |
225280
|
|
|
3BD4000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361037975123.0000000003BD4000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3BD4000
|
| Size: |
16384
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
1BB4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360148101402.0000000001BB4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1BB4000
|
| Size: |
4096
|
|
|
44E6000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361039172066.00000000044E6000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
44E6000
|
| Size: |
8192
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360150005342.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
1BB4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360147982478.0000000001BB4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1BB4000
|
| Size: |
4096
|
|
|
A2E000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361031314244.0000000000A2E000.00000004.00000001.01000000.00000007.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
A2E000
|
| Size: |
4096
|
|
|
23A5000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360146554288.00000000023A5000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
23A5000
|
| Size: |
4096
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360140242080.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
3942000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360144748771.0000000003942000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3942000
|
| Size: |
163840
|
|
|
795F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360768258154.000000000795F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
795F000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360148405790.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360149821359.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
3920000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361037788231.0000000003920000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3920000
|
| Size: |
53248
|
|
|
2265000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.360152027259.0000000002265000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2265000
|
| Size: |
8192
|
|
|
23F0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360146554288.00000000023F0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
23F0000
|
| Size: |
8192
|
|
|
2406000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360146554288.0000000002406000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2406000
|
| Size: |
16384
|
|
|
9FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.360153706862.00000000009FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9FF000
|
| Size: |
4096
|
|
|
79D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360767899257.00000000079D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79D0000
|
| Size: |
4096
|
|
|
7944000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360768652676.0000000007944000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7944000
|
| Size: |
40960
|
|
|
69E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360149440194.000000000069E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
69E000
|
| Size: |
8192
|
|
|
7DE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360148264387.00000000007DE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7DE000
|
| Size: |
8192
|
|
|
3BDC000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361037975123.0000000003BDC000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3BDC000
|
| Size: |
12288
|
|
|
7931000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361040096534.0000000007931000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7931000
|
| Size: |
32768
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
787000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360149814985.0000000000787000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
787000
|
| Size: |
61440
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360150764043.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
3B0F000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361037975123.0000000003B0F000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3B0F000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360149435442.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360151097242.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
8192
|
|
|
3BA2000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361037975123.0000000003BA2000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3BA2000
|
| Size: |
69632
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360095610107.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
7987000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360765967433.0000000007987000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7987000
|
| Size: |
102400
|
|
|
3350000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.359778453954.0000000003350000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3350000
|
| Size: |
16384
|
|
|
44A9000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361039172066.00000000044A9000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
44A9000
|
| Size: |
73728
|
|
|
1CA6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361037371386.0000000001CA6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CA6000
|
| Size: |
4096
|
|
|
7A15000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360765967433.0000000007A15000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7A15000
|
| Size: |
40960
|
|
|
1BB4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360147941866.0000000001BB4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1BB4000
|
| Size: |
4096
|
|
|
401000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000000.00000000.359773760570.0000000000401000.00000020.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
401000
|
| Size: |
69632
|
|
|
7973000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361040500171.0000000007973000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7973000
|
| Size: |
20480
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
| URLs found in memory or binary data |
Networking |
|
|
|
79B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360768385214.00000000079B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79B0000
|
| Size: |
4096
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360144650977.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360153473388.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360152077741.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360153977823.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
1BCA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361036602696.0000000001BCA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1BCA000
|
| Size: |
8192
|
|
|
23FF000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360146554288.00000000023FF000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
23FF000
|
| Size: |
20480
|
|
|
3941000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360084785691.0000000003941000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3941000
|
| Size: |
4096
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360095200125.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360153554056.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
8192
|
|
|
793A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361040096534.000000000793A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
793A000
|
| Size: |
8192
|
|
|
7C6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360150424108.00000000007C6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7C6000
|
| Size: |
4096
|
|
|
4B6F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361039895870.0000000004B6F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4B6F000
|
| Size: |
4096
|
|
|
AB50000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361041116017.000000000AB50000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AB50000
|
| Size: |
36864
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
1C7D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361037192057.0000000001C7D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C7D000
|
| Size: |
40960
|
|
|
79E9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361040783798.00000000079E9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79E9000
|
| Size: |
176128
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360150927149.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
518000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.359777934383.0000000000518000.00000002.00000001.01000000.00000004.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
518000
|
| Size: |
12288
|
|
|
79E9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360767107687.00000000079E9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79E9000
|
| Size: |
176128
|
|
|
44A1000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361039172066.00000000044A1000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
44A1000
|
| Size: |
28672
|
|
|
620000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360149398927.0000000000620000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
620000
|
| Size: |
8192
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360149208968.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
3B4B000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361037975123.0000000003B4B000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3B4B000
|
| Size: |
16384
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360153024856.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
7C5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360145338597.00000000007C5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7C5000
|
| Size: |
180224
|
|
|
7F2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360145338597.00000000007F2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7F2000
|
| Size: |
4096
|
|
|
1CB5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361037662815.0000000001CB5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CB5000
|
| Size: |
40960
|
|
|
797A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360765967433.000000000797A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
797A000
|
| Size: |
8192
|
|
|
3AF9000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361037975123.0000000003AF9000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3AF9000
|
| Size: |
16384
|
|
|
3B6F000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361037975123.0000000003B6F000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3B6F000
|
| Size: |
4096
|
|
|
1C2A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361036602696.0000000001C2A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C2A000
|
| Size: |
28672
|
|
|
AA0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.360153740157.0000000000AA0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AA0000
|
| Size: |
8192
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360150969473.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
8192
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360153913988.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
8192
|
|
|
400000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000000.360137823958.0000000000400000.00000002.00000001.01000000.00000007.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
400000
|
| Size: |
4096
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360097751676.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360096144085.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
7C2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360147896075.00000000007C2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7C2000
|
| Size: |
4096
|
|
|
1C48000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360769161292.0000000001C48000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C48000
|
| Size: |
212992
|
|
|
2292000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.360152027259.0000000002292000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2292000
|
| Size: |
4096
|
|
|
504000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360149168875.0000000000504000.00000004.00000001.01000000.00000004.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
504000
|
| Size: |
12288
|
|
|
2257000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.360152027259.0000000002257000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2257000
|
| Size: |
4096
|
|
|
79D5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360767899257.00000000079D5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79D5000
|
| Size: |
77824
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3698000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360145823459.0000000003698000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3698000
|
| Size: |
8192
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360154116085.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
79B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361040647156.00000000079B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79B0000
|
| Size: |
4096
|
|
|
7E3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360148264387.00000000007E3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7E3000
|
| Size: |
8192
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360153180995.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
8192
|
|
|
79F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360149814985.000000000079F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79F000
|
| Size: |
8192
|
|
|
401000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000002.00000000.359777608784.0000000000401000.00000020.00000001.01000000.00000004.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
401000
|
| Size: |
1044480
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360148605612.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
412000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000000.00000000.359773852488.0000000000412000.00000008.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
412000
|
| Size: |
4096
|
|
|
452A000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361039172066.000000000452A000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
452A000
|
| Size: |
12288
|
|
|
1BB4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360148062804.0000000001BB4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1BB4000
|
| Size: |
4096
|
|
|
242A000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360146554288.000000000242A000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
242A000
|
| Size: |
8192
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360151196125.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360154219389.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
3AF7000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361037975123.0000000003AF7000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3AF7000
|
| Size: |
4096
|
|
|
1AE9000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000000.360139903301.0000000001AE9000.00000002.00000001.01000000.00000007.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
1AE9000
|
| Size: |
225280
|
|
|
4CB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361039992731.0000000004CB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CB0000
|
| Size: |
4096
|
|
|
400000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.359777568866.0000000000400000.00000002.00000001.01000000.00000004.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
400000
|
| Size: |
4096
|
|
|
1B23000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000000.360139903301.0000000001B23000.00000002.00000001.01000000.00000007.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
1B23000
|
| Size: |
28672
|
|
|
23BD000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360146554288.00000000023BD000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
23BD000
|
| Size: |
8192
|
|
|
241C000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360146554288.000000000241C000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
241C000
|
| Size: |
4096
|
|
|
3A90000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000002.361037889147.0000000003A90000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
3A90000
|
| Size: |
4096
|
|
|
3AC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360151641831.0000000003AC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3AC0000
|
| Size: |
4096
|
|
|
3C00000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361038926241.0000000003C00000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3C00000
|
| Size: |
4096
|
|
|
7BF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360147896075.00000000007BF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7BF000
|
| Size: |
4096
|
|
|
7E8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360150569685.00000000007E8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7E8000
|
| Size: |
4096
|
|
|
3618000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360145823459.0000000003618000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3618000
|
| Size: |
106496
|
|
|
23E9000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360146554288.00000000023E9000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
23E9000
|
| Size: |
12288
|
|
|
7A3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360145519196.00000000007A3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7A3000
|
| Size: |
131072
|
|
|
2250000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.360152027259.0000000002250000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2250000
|
| Size: |
4096
|
|
|
3BC6000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361037975123.0000000003BC6000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3BC6000
|
| Size: |
12288
|
|
|
1CB5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360767829622.0000000001CB5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CB5000
|
| Size: |
40960
|
|
|
1C43000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361037119060.0000000001C43000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C43000
|
| Size: |
20480
|
|
|
38BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360151348765.00000000038BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
38BF000
|
| Size: |
4096
|
|
|
4542000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361039172066.0000000004542000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4542000
|
| Size: |
8192
|
|
|
8C2000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361031314244.00000000008C2000.00000004.00000001.01000000.00000007.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8C2000
|
| Size: |
8192
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360149393222.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
3638000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360145823459.0000000003638000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3638000
|
| Size: |
4096
|
|
|
3932000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361037788231.0000000003932000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3932000
|
| Size: |
69632
|
|
|
2414000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360146554288.0000000002414000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2414000
|
| Size: |
8192
|
|
|
4A2F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361039830808.0000000004A2F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4A2F000
|
| Size: |
4096
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360095513842.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
24D0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.359774411195.00000000024D0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
24D0000
|
| Size: |
458752
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
1C7F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360157424687.0000000001C7F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C7F000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360150381961.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
1CB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361037662815.0000000001CB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CB0000
|
| Size: |
16384
|
|
|
2282000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.360152027259.0000000002282000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2282000
|
| Size: |
4096
|
|
|
1BB4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360147750546.0000000001BB4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1BB4000
|
| Size: |
4096
|
|
|
7E8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360148264387.00000000007E8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7E8000
|
| Size: |
16384
|
|
|
3941000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360084851289.0000000003941000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3941000
|
| Size: |
4096
|
|
|
1C3E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360157163259.0000000001C3E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C3E000
|
| Size: |
4096
|
|
|
795F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360161791501.000000000795F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
795F000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360150637669.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
1ADE000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000004.00000002.361036064988.0000000001ADE000.00000080.00000001.01000000.00000007.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
1ADE000
|
| Size: |
12288
|
|
|
1ABE000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000004.00000002.361035766015.0000000001ABE000.00000080.00000001.01000000.00000007.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
1ABE000
|
| Size: |
20480
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360151234582.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360095683419.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
79A9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360768385214.00000000079A9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79A9000
|
| Size: |
20480
|
|
|
797A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361040500171.000000000797A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
797A000
|
| Size: |
8192
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360148822074.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
7972000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360765967433.0000000007972000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7972000
|
| Size: |
24576
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
| URLs found in memory or binary data |
Networking |
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360095342317.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
1BB4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360147893162.0000000001BB4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1BB4000
|
| Size: |
4096
|
|
|
39C1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360084913377.00000000039C1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
39C1000
|
| Size: |
225280
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360151832884.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
79D5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360767107687.00000000079D5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79D5000
|
| Size: |
77824
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360147860856.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
7961000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360161791501.0000000007961000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7961000
|
| Size: |
16384
|
|
|
7927000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361040096534.0000000007927000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7927000
|
| Size: |
12288
|
|
|
3B85000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361037975123.0000000003B85000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3B85000
|
| Size: |
4096
|
|
|
7A01000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360192333937.0000000007A01000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7A01000
|
| Size: |
53248
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360149637524.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
368A000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360145823459.000000000368A000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
368A000
|
| Size: |
4096
|
|
|
23CC000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360146554288.00000000023CC000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
23CC000
|
| Size: |
36864
|
|
|
42EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361039108893.00000000042EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
42EE000
|
| Size: |
8192
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360146765410.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
65536
|
|
|
44D8000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361039172066.00000000044D8000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
44D8000
|
| Size: |
8192
|
|
|
1BB4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360148222846.0000000001BB4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1BB4000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360149483980.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360151606015.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
8192
|
|
|
7CF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.359856830532.00000000007CF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7CF000
|
| Size: |
114688
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360152205516.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
511000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.359777934383.0000000000511000.00000002.00000001.01000000.00000004.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
511000
|
| Size: |
24576
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360085189994.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
3B93000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361037975123.0000000003B93000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3B93000
|
| Size: |
45056
|
|
|
3CB3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361038983335.0000000003CB3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3CB3000
|
| Size: |
40960
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360152373770.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
8192
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360097229354.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360095802626.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
7E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360148264387.00000000007E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7E1000
|
| Size: |
4096
|
|
|
79B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360767107687.00000000079B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79B0000
|
| Size: |
4096
|
|
|
7961000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360765967433.0000000007961000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7961000
|
| Size: |
16384
|
|
|
3B7D000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361037975123.0000000003B7D000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3B7D000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360149958385.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
237A000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.360152027259.000000000237A000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
237A000
|
| Size: |
4096
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
23E2000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360146554288.00000000023E2000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
23E2000
|
| Size: |
8192
|
|
|
7949000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360768829864.0000000007949000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7949000
|
| Size: |
20480
|
|
|
3B3B000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361037975123.0000000003B3B000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3B3B000
|
| Size: |
8192
|
|
|
1BB4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360147859526.0000000001BB4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1BB4000
|
| Size: |
4096
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360097510591.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
7EA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360150569685.00000000007EA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7EA000
|
| Size: |
8192
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360151908436.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
44ED000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361039172066.00000000044ED000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
44ED000
|
| Size: |
8192
|
|
|
37BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360151312656.00000000037BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
37BF000
|
| Size: |
4096
|
|
|
4BAE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361039929127.0000000004BAE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4BAE000
|
| Size: |
8192
|
|
|
1BB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361036460928.0000000001BB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1BB0000
|
| Size: |
16384
|
|
|
3BF8000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361037975123.0000000003BF8000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3BF8000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360153740021.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
8192
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360152612567.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
8192
|
|
|
3B68000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361037975123.0000000003B68000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3B68000
|
| Size: |
4096
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360140288838.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360153878645.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
8192
|
|
|
79E9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360767899257.00000000079E9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79E9000
|
| Size: |
176128
|
|
|
231C000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360146554288.000000000231C000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
231C000
|
| Size: |
8192
|
|
|
2324000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360146554288.0000000002324000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2324000
|
| Size: |
4096
|
|
|
2388000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.360152027259.0000000002388000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2388000
|
| Size: |
4096
|
|
|
794E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360765967433.000000000794E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
794E000
|
| Size: |
61440
|
|
|
7966000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360768258154.0000000007966000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7966000
|
| Size: |
45056
|
|
|
23DB000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360146554288.00000000023DB000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
23DB000
|
| Size: |
4096
|
|
|
22A7000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.360152027259.00000000022A7000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
22A7000
|
| Size: |
442368
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
1AC4000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000004.00000002.361035907228.0000000001AC4000.00000080.00000001.01000000.00000007.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
1AC4000
|
| Size: |
102400
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360149269636.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
7972000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360767684820.0000000007972000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7972000
|
| Size: |
24576
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360150251680.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
3360000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.359778487027.0000000003360000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3360000
|
| Size: |
499712
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
79AA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361040647156.00000000079AA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79AA000
|
| Size: |
16384
|
|
|
7987000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360161791501.0000000007987000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7987000
|
| Size: |
45056
|
|
|
1C7D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360155858612.0000000001C7D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C7D000
|
| Size: |
8192
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360149536740.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
2339000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.360152027259.0000000002339000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2339000
|
| Size: |
8192
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360151749108.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
95F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360150735694.000000000095F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
95F000
|
| Size: |
4096
|
|
|
3B76000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361037975123.0000000003B76000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3B76000
|
| Size: |
8192
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360096031684.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
1C44000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360155858612.0000000001C44000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C44000
|
| Size: |
8192
|
|
|
41AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361039047422.00000000041AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
41AE000
|
| Size: |
8192
|
|
|
2307000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360146554288.0000000002307000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2307000
|
| Size: |
8192
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360153514565.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360152286463.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
8192
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360097072321.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360152987630.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
8192
|
|
|
1CB5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360769100515.0000000001CB5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CB5000
|
| Size: |
40960
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360153700525.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
8192
|
|
|
1E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.360153272570.00000000001E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1E0000
|
| Size: |
20480
|
|
|
8FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.360153661153.00000000008FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8FE000
|
| Size: |
8192
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360097279554.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
2608000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.360151726804.0000000002608000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2608000
|
| Size: |
4096
|
|
|
7A9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360147896075.00000000007A9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7A9000
|
| Size: |
12288
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360152567529.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
8192
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360149912211.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
A3EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361041048748.000000000A3EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A3EE000
|
| Size: |
8192
|
|
|
508000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360149168875.0000000000508000.00000004.00000001.01000000.00000004.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
508000
|
| Size: |
8192
|
|
|
1BB4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360147719268.0000000001BB4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1BB4000
|
| Size: |
4096
|
|
|
3656000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360145823459.0000000003656000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3656000
|
| Size: |
8192
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360150686133.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
366C000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360145823459.000000000366C000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
366C000
|
| Size: |
4096
|
|
|
30000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360148642662.0000000000030000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
30000
|
| Size: |
4096
|
|
|
25EC000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.360151726804.00000000025EC000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
25EC000
|
| Size: |
4096
|
|
|
9B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.360153179574.000000000009B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9B000
|
| Size: |
20480
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360148577915.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
1BC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361036602696.0000000001BC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1BC0000
|
| Size: |
36864
|
|
|
419000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000000.00000000.359773852488.0000000000419000.00000008.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
419000
|
| Size: |
4096
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360094697815.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
54E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.360153475540.000000000054E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
54E000
|
| Size: |
77824
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360094984528.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
1C7D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360157163259.0000000001C7D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C7D000
|
| Size: |
12288
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360151271324.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
7BC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360149814985.00000000007BC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7BC000
|
| Size: |
8192
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360152831402.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360152412505.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
8192
|
|
|
3A20000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361037861306.0000000003A20000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3A20000
|
| Size: |
8192
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360152793768.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
2490000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.360150883996.0000000002490000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
2490000
|
| Size: |
4096
|
|
|
79D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360765967433.00000000079D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79D0000
|
| Size: |
4096
|
|
|
7C8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360147896075.00000000007C8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7C8000
|
| Size: |
12288
|
|
|
1161000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000004.00000000.360137934735.0000000001161000.00000080.00000001.01000000.00000007.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
1161000
|
| Size: |
9961472
|
|
|
79D5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360765967433.00000000079D5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79D5000
|
| Size: |
77824
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360151411513.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360096082269.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360151161779.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
79A1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360768571308.00000000079A1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79A1000
|
| Size: |
8192
|
|
|
1AC3000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000002.361035838286.0000000001AC3000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
1AC3000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360153948276.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
2381000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.360152027259.0000000002381000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2381000
|
| Size: |
8192
|
|
|
3910000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361037726532.0000000003910000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3910000
|
| Size: |
16384
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360153662673.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
8192
|
|
|
1BCE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361036602696.0000000001BCE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1BCE000
|
| Size: |
253952
|
|
|
1AE1000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000000.360139903301.0000000001AE1000.00000002.00000001.01000000.00000007.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
1AE1000
|
| Size: |
8192
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360152122197.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360148451344.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
6DE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360149482516.00000000006DE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6DE000
|
| Size: |
8192
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360096611244.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
79EC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360192333937.00000000079EC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79EC000
|
| Size: |
73728
|
|
|
3981000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360145125275.0000000003981000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3981000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360152651650.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
24A5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360150932608.00000000024A5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24A5000
|
| Size: |
8192
|
|
|
236C000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.360152027259.000000000236C000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
236C000
|
| Size: |
4096
|
|
|
3BEA000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361037975123.0000000003BEA000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3BEA000
|
| Size: |
8192
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
79BF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361040783798.00000000079BF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79BF000
|
| Size: |
57344
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360150115598.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
7920000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361040096534.0000000007920000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7920000
|
| Size: |
8192
|
|
|
3CB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361038983335.0000000003CB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3CB0000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360151566271.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
8192
|
|
|
7AB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360149814985.00000000007AB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7AB000
|
| Size: |
16384
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360095070034.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360097347936.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360148663177.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
25F3000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.360151726804.00000000025F3000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
25F3000
|
| Size: |
4096
|
|
|
3941000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360084749560.0000000003941000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3941000
|
| Size: |
4096
|
|
|
424000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.359773981224.0000000000424000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
424000
|
| Size: |
12288
|
|
|
450B000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361039172066.000000000450B000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
450B000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360152686513.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360148364484.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
7992000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360161743612.0000000007992000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7992000
|
| Size: |
114688
|
|
|
3665000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360145823459.0000000003665000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3665000
|
| Size: |
4096
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360085124829.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
8192
|
|
|
3921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360152030052.0000000003921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3921000
|
| Size: |
4096
|
|
|
79D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.360767107687.00000000079D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79D0000
|
| Size: |
4096
|
|
|
1C0F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.361036602696.0000000001C0F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0F000
|
| Size: |
106496
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360140099251.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
8192
|
|
|
540000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.360153475540.0000000000540000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
540000
|
| Size: |
32768
|
|
|
614000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.360085383393.0000000000614000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
614000
|
| Size: |
4096
|
|
|
38C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.360151391015.00000000038C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
38C0000
|
| Size: |
4096
|
|
|
25FA000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.360151726804.00000000025FA000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
25FA000
|
| Size: |
4096
|
|
