|
F20000
|
direct allocation
|
page execute and read and write
|
 |
|
|
| Name: |
00000004.00000002.859489672.0000000000F20000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
F20000
|
| Size: |
36864
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Found malware configuration |
AV Detection |
|
| Yara detected CobaltStrike |
Remote Access Functionality |
|
| Yara signature match |
System Summary |
|
|
|
252DBC10000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.859680337.00000252DBC10000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
252DBC10000
|
| Size: |
36864
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected CobaltStrike |
Remote Access Functionality |
|
| Yara signature match |
System Summary |
|
|
|
17B0DF20000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000006.00000003.360377779.0000017B0DF20000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
17B0DF20000
|
| Size: |
262144
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara detected CobaltStrike |
Remote Access Functionality |
|
| Yara detected CobaltStrike |
Remote Access Functionality |
|
| Yara signature match |
System Summary |
|
|
|
252DD8E0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000003.363165809.00000252DD8E0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
252DD8E0000
|
| Size: |
262144
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara detected CobaltStrike |
Remote Access Functionality |
|
| Yara detected CobaltStrike |
Remote Access Functionality |
|
| Yara signature match |
System Summary |
|
|
|
24696A70000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000003.360293137.0000024696A70000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
24696A70000
|
| Size: |
262144
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara detected CobaltStrike |
Remote Access Functionality |
|
| Yara detected CobaltStrike |
Remote Access Functionality |
|
| Yara signature match |
System Summary |
|
|
|
3050000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000003.359212533.0000000003050000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
3050000
|
| Size: |
262144
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara detected CobaltStrike |
Remote Access Functionality |
|
| Yara detected CobaltStrike |
Remote Access Functionality |
|
| Yara signature match |
System Summary |
|
|
|
246965A0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.860191836.00000246965A0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
246965A0000
|
| Size: |
36864
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected CobaltStrike |
Remote Access Functionality |
|
| Yara signature match |
System Summary |
|
|
|
17B0C2B0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000006.00000002.860031988.0000017B0C2B0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
17B0C2B0000
|
| Size: |
36864
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected CobaltStrike |
Remote Access Functionality |
|
| Yara signature match |
System Summary |
|
|
|
3253000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.860419231.0000000003253000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3253000
|
| Size: |
4096
|
|
|
24694D4E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.850071905.0000024694D4E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4E000
|
| Size: |
4096
|
|
|
1C886880000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.861000110.000001C886880000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C886880000
|
| Size: |
4096
|
|
|
24696C6D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.606203399.0000024696C6D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C6D000
|
| Size: |
4096
|
|
|
3253000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.756427769.0000000003253000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3253000
|
| Size: |
4096
|
|
|
17B0C190000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.572829602.0000017B0C190000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C190000
|
| Size: |
413696
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.839437663.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
17B0C190000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.603066824.0000017B0C190000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C190000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
481BE8C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.859356701.000000481BE8C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
481BE8C000
|
| Size: |
16384
|
|
|
24696C6D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.719445512.0000024696C6D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C6D000
|
| Size: |
4096
|
|
|
252DDAB8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.692231301.00000252DDAB8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAB8000
|
| Size: |
28672
|
|
|
24696C56000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.394912004.0000024696C56000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C56000
|
| Size: |
16384
|
|
|
19BBDC70000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.408280339.0000019BBDC70000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
19BBDC70000
|
| Size: |
20480
|
|
|
326A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.764463284.000000000326A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326A000
|
| Size: |
4096
|
|
|
3270000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.746851441.0000000003270000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3270000
|
| Size: |
4096
|
|
|
481CEFF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.859727518.000000481CEFF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
481CEFF000
|
| Size: |
4096
|
|
|
22DDF186000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.491661999.0000022DDF186000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF186000
|
| Size: |
4096
|
|
|
17B0E106000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.508114837.0000017B0E106000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0E106000
|
| Size: |
4096
|
|
|
10E9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.449637130.00000000010E9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E9000
|
| Size: |
24576
|
|
|
252DDABF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.821552223.00000252DDABF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDABF000
|
| Size: |
4096
|
|
|
17B0C1F8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.487029454.0000017B0C1F8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1F8000
|
| Size: |
28672
|
|
|
246965B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.860224218.00000246965B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
246965B0000
|
| Size: |
4096
|
|
|
1C88AB60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.518641575.000001C88AB60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C88AB60000
|
| Size: |
4096
|
|
|
22DDF188000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.491796843.0000022DDF188000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF188000
|
| Size: |
12288
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.726429269.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
252DDAC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.439994556.00000252DDAC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC0000
|
| Size: |
12288
|
|
|
22DDE829000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.506026849.0000022DDE829000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDE829000
|
| Size: |
73728
|
|
|
326A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.756453213.000000000326A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326A000
|
| Size: |
4096
|
|
|
252DBC75000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.859753834.00000252DBC75000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DBC75000
|
| Size: |
28672
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.785516705.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
22DDE84C000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.505447084.0000022DDE84C000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDE84C000
|
| Size: |
4096
|
|
|
1C88AB20000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.861135028.000001C88AB20000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C88AB20000
|
| Size: |
4096
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.703921375.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
10EB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.805587386.00000000010EB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10EB000
|
| Size: |
16384
|
|
|
1C886500000
|
trusted library section
|
page readonly
|
|
|
|
| Name: |
00000014.00000002.860860901.000001C886500000.00000002.08000000.00040000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page readonly
|
| Base address: |
1C886500000
|
| Size: |
65536
|
|
|
10EA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.361343857.00000000010EA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10EA000
|
| Size: |
20480
|
|
|
326A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.616492295.000000000326A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326A000
|
| Size: |
4096
|
|
|
3249000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.449710074.0000000003249000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3249000
|
| Size: |
8192
|
|
|
27A93108000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.389671470.0000027A93108000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
27A93108000
|
| Size: |
24576
|
|
|
244E7B10000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000017.00000002.860207153.00000244E7B10000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
23
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
244E7B10000
|
| Size: |
4096
|
|
|
3276000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.715050328.0000000003276000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3276000
|
| Size: |
4096
|
|
|
17B0C1FE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.395584900.0000017B0C1FE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FE000
|
| Size: |
4096
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.785150759.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
24696C56000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.614425588.0000024696C56000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C56000
|
| Size: |
32768
|
|
|
3267000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.726378063.0000000003267000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3267000
|
| Size: |
16384
|
|
|
F92B97F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.493826818.000000F92B97F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
F92B97F000
|
| Size: |
4096
|
|
|
17B0C190000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.643000973.0000017B0C190000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C190000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
24696C56000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.446770571.0000024696C56000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C56000
|
| Size: |
12288
|
|
|
22DDF663000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.494062860.0000022DDF663000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF663000
|
| Size: |
397312
|
|
|
3251000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.520827343.0000000003251000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3251000
|
| Size: |
12288
|
|
|
252DDABF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.776080722.00000252DDABF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDABF000
|
| Size: |
4096
|
|
|
17B0C17F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.715787384.0000017B0C17F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C17F000
|
| Size: |
45056
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
22DDEF90000
|
remote allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.483454941.0000022DDEF90000.00000004.00000400.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
remote allocation
|
| Protect: |
page read and write
|
| Base address: |
22DDEF90000
|
| Size: |
4096
|
|
|
244E6F40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000017.00000003.577721283.00000244E6F40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
23
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
244E6F40000
|
| Size: |
4096
|
|
|
17B0C1FD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.593126827.0000017B0C1FD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FD000
|
| Size: |
8192
|
|
|
22DDF159000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.505031308.0000022DDF159000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF159000
|
| Size: |
45056
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.785392929.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.773192099.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.627835518.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
3276000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.764658605.0000000003276000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3276000
|
| Size: |
4096
|
|
|
326A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.576002836.000000000326A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326A000
|
| Size: |
4096
|
|
|
24694D47000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.624745750.0000024694D47000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D47000
|
| Size: |
4096
|
|
|
24696C58000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.625023962.0000024696C58000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C58000
|
| Size: |
24576
|
|
|
24696C57000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.769021309.0000024696C57000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C57000
|
| Size: |
57344
|
|
|
24694DD0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.860140695.0000024694DD0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694DD0000
|
| Size: |
12288
|
|
|
E7477FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.859570764.000000E7477FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E7477FE000
|
| Size: |
8192
|
|
|
24696C6D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.737960402.0000024696C6D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C6D000
|
| Size: |
4096
|
|
|
17B0C1FB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.572934603.0000017B0C1FB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FB000
|
| Size: |
4096
|
|
|
108B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.462382246.000000000108B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
108B000
|
| Size: |
196608
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.849957289.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
1ECE9410000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.441760165.000001ECE9410000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1ECE9410000
|
| Size: |
4096
|
|
|
24696C56000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.554609957.0000024696C56000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C56000
|
| Size: |
32768
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.639576128.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
22DDF600000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.506324067.0000022DDF600000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF600000
|
| Size: |
8192
|
|
|
24694D4C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.678093026.0000024694D4C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4C000
|
| Size: |
12288
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.616699763.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.737718143.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
252DDACD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.670389372.00000252DDACD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACD000
|
| Size: |
24576
|
|
|
3231000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.575559246.0000000003231000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3231000
|
| Size: |
4096
|
|
|
3270000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.756580345.0000000003270000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3270000
|
| Size: |
4096
|
|
|
3263000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.785131617.0000000003263000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3263000
|
| Size: |
4096
|
|
|
326A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.693421901.000000000326A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326A000
|
| Size: |
4096
|
|
|
1C88A8F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.861060743.000001C88A8F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C88A8F0000
|
| Size: |
4096
|
|
|
3278000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.746921448.0000000003278000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3278000
|
| Size: |
4096
|
|
|
7FFD7792C000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000006.00000002.860800424.00007FFD7792C000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FFD7792C000
|
| Size: |
8192
|
|
|
3278000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.715056117.0000000003278000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3278000
|
| Size: |
4096
|
|
|
C3EECFF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.389549123.000000C3EECFF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C3EECFF000
|
| Size: |
4096
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.746666229.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
3276000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.797240609.0000000003276000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3276000
|
| Size: |
4096
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.737585324.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
24696C6D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.746929900.0000024696C6D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C6D000
|
| Size: |
4096
|
|
|
17B0C1F6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.395572508.0000017B0C1F6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1F6000
|
| Size: |
8192
|
|
|
17B0C191000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.813059300.0000017B0C191000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C191000
|
| Size: |
385024
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3249000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.462246020.0000000003249000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3249000
|
| Size: |
8192
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.639591129.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
24696C63000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.614628830.0000024696C63000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C63000
|
| Size: |
4096
|
|
|
22DDE89E000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.482882540.0000022DDE89E000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDE89E000
|
| Size: |
4096
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.627855857.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
3FCC4FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.859460461.0000003FCC4FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3FCC4FE000
|
| Size: |
8192
|
|
|
10DD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.839489227.00000000010DD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10DD000
|
| Size: |
4096
|
|
|
1C88A880000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.861010864.000001C88A880000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C88A880000
|
| Size: |
4096
|
|
|
252DD8D0000
|
remote allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.355465861.00000252DD8D0000.00000004.00000400.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
remote allocation
|
| Protect: |
page read and write
|
| Base address: |
252DD8D0000
|
| Size: |
4096
|
|
|
25CB5242000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000003.493437361.0000025CB5242000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
25CB5242000
|
| Size: |
110592
|
|
|
3276000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.693307288.0000000003276000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3276000
|
| Size: |
4096
|
|
|
326A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.639558926.000000000326A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326A000
|
| Size: |
4096
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.628016177.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.597225874.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
24696C59000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.690189069.0000024696C59000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C59000
|
| Size: |
45056
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.545118649.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
27A93013000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.389579749.0000027A93013000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
27A93013000
|
| Size: |
90112
|
|
|
1C885340000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.859738004.000001C885340000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C885340000
|
| Size: |
4096
|
|
|
2E4D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.860207771.0000000002E4D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2E4D000
|
| Size: |
12288
|
|
|
22DDE849000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.505554585.0000022DDE849000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDE849000
|
| Size: |
8192
|
|
|
17B0C190000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.395641871.0000017B0C190000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C190000
|
| Size: |
389120
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.693290646.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
F129DFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.505979671.000000F129DFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
F129DFE000
|
| Size: |
8192
|
|
|
3270000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.703864251.0000000003270000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3270000
|
| Size: |
4096
|
|
|
22DDE856000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.506058432.0000022DDE856000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDE856000
|
| Size: |
12288
|
|
|
17B0C1FC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.781012324.0000017B0C1FC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FC000
|
| Size: |
12288
|
|
|
17B0C1FD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.631544513.0000017B0C1FD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FD000
|
| Size: |
8192
|
|
|
24694D42000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.363803138.0000024694D42000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D42000
|
| Size: |
4096
|
|
|
24696C59000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.815858889.0000024696C59000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C59000
|
| Size: |
49152
|
|
|
24696C56000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.576834309.0000024696C56000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C56000
|
| Size: |
32768
|
|
|
27A93077000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.389645395.0000027A93077000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
27A93077000
|
| Size: |
4096
|
|
|
10E7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.361571377.00000000010E7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E7000
|
| Size: |
4096
|
|
|
3264000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.639550515.0000000003264000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3264000
|
| Size: |
4096
|
|
|
481C9F9000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.859630015.000000481C9F9000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
481C9F9000
|
| Size: |
28672
|
|
|
326A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.566113643.000000000326A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326A000
|
| Size: |
4096
|
|
|
24694D4C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.458670696.0000024694D4C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4C000
|
| Size: |
12288
|
|
|
22DDF15A000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.506289259.0000022DDF15A000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF15A000
|
| Size: |
40960
|
|
|
3269000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.839577789.0000000003269000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3269000
|
| Size: |
8192
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.650626666.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.575797300.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
1C88AD04000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.861599181.000001C88AD04000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1C88AD04000
|
| Size: |
20480
|
|
|
10BC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.413241296.00000000010BC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10BC000
|
| Size: |
135168
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
252DDACD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.795280871.00000252DDACD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACD000
|
| Size: |
36864
|
|
|
252DDAD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.652488963.00000252DDAD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAD4000
|
| Size: |
8192
|
|
|
252DDAD1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.420358415.00000252DDAD1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAD1000
|
| Size: |
4096
|
|
|
17B0C168000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.859736589.0000017B0C168000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C168000
|
| Size: |
90112
|
|
|
3276000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.850024189.0000000003276000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3276000
|
| Size: |
4096
|
|
|
252DDAC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.476719724.00000252DDAC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC0000
|
| Size: |
8192
|
|
|
252DDAB8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.756006033.00000252DDAB8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAB8000
|
| Size: |
28672
|
|
|
328B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.557337884.000000000328B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328B000
|
| Size: |
4096
|
|
|
252DDACA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.633515423.00000252DDACA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACA000
|
| Size: |
8192
|
|
|
252DD8E3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.860196667.00000252DD8E3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DD8E3000
|
| Size: |
4096
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.671599693.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
17B0C190000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.620853877.0000017B0C190000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C190000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
252DDAD2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.574147722.00000252DDAD2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAD2000
|
| Size: |
4096
|
|
|
17B0C168000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.715770618.0000017B0C168000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C168000
|
| Size: |
90112
|
|
|
252DDAC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.420337492.00000252DDAC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC0000
|
| Size: |
8192
|
|
|
10DD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.828783434.00000000010DD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10DD000
|
| Size: |
8192
|
|
|
17B0C190000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.560359790.0000017B0C190000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C190000
|
| Size: |
413696
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3278000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.715214161.0000000003278000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3278000
|
| Size: |
4096
|
|
|
252DDACD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.624820194.00000252DDACD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACD000
|
| Size: |
24576
|
|
|
3269000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.715170195.0000000003269000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3269000
|
| Size: |
8192
|
|
|
17B0C1FB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.635430131.0000017B0C1FB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FB000
|
| Size: |
4096
|
|
|
1C885458000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.860076362.000001C885458000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1C885458000
|
| Size: |
65536
|
|
|
22DDF602000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.491170501.0000022DDF602000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF602000
|
| Size: |
147456
|
|
|
24694D4E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.827977536.0000024694D4E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4E000
|
| Size: |
4096
|
|
|
7FFD7792E000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.860939345.00007FFD7792E000.00000004.00000001.01000000.00000003.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
7FFD7792E000
|
| Size: |
4096
|
|
|
252DDACD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.566005381.00000252DDACD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACD000
|
| Size: |
4096
|
|
|
1088000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.462371062.0000000001088000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1088000
|
| Size: |
8192
|
|
|
17B0E107000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.699427977.0000017B0E107000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0E107000
|
| Size: |
8192
|
|
|
3FCC5FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.859490791.0000003FCC5FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3FCC5FE000
|
| Size: |
8192
|
|
|
10EB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.726889077.00000000010EB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10EB000
|
| Size: |
16384
|
|
|
252DDAB8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.614733654.00000252DDAB8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAB8000
|
| Size: |
28672
|
|
|
F92B8FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.493821864.000000F92B8FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
F92B8FF000
|
| Size: |
4096
|
|
|
17B0E107000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.610543400.0000017B0E107000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0E107000
|
| Size: |
12288
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.681754988.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.597457498.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
24696C56000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.586075694.0000024696C56000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C56000
|
| Size: |
32768
|
|
|
27A93113000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.389677022.0000027A93113000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
27A93113000
|
| Size: |
12288
|
|
|
252DDACD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.546459916.00000252DDACD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACD000
|
| Size: |
4096
|
|
|
25CB51D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.493841700.0000025CB51D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
25CB51D0000
|
| Size: |
8192
|
|
|
1C8853F0000
|
trusted library section
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.859794872.000001C8853F0000.00000004.08000000.00040000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page read and write
|
| Base address: |
1C8853F0000
|
| Size: |
4096
|
|
|
1ECE9629000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.441816296.000001ECE9629000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1ECE9629000
|
| Size: |
73728
|
|
|
17B0C1FD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.584055042.0000017B0C1FD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FD000
|
| Size: |
8192
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.639496664.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
3278000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.693461632.0000000003278000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3278000
|
| Size: |
4096
|
|
|
1ECE9E02000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.441932208.000001ECE9E02000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1ECE9E02000
|
| Size: |
4096
|
|
|
1C88AA30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.861091004.000001C88AA30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C88AA30000
|
| Size: |
4096
|
|
|
326A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.746648334.000000000326A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326A000
|
| Size: |
4096
|
|
|
3268000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.588982530.0000000003268000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3268000
|
| Size: |
12288
|
|
|
252DDAC3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.381317864.00000252DDAC3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC3000
|
| Size: |
8192
|
|
|
252DDABD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.476802228.00000252DDABD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDABD000
|
| Size: |
4096
|
|
|
3253000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.607426002.0000000003253000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3253000
|
| Size: |
4096
|
|
|
10E9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.429470219.00000000010E9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E9000
|
| Size: |
24576
|
|
|
24694D46000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.634824173.0000024694D46000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D46000
|
| Size: |
4096
|
|
|
24696C57000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.756376591.0000024696C57000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C57000
|
| Size: |
57344
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.627844387.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
24694D1D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.860037531.0000024694D1D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D1D000
|
| Size: |
159744
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.756506476.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
22DDE84F000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.506048132.0000022DDE84F000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDE84F000
|
| Size: |
4096
|
|
|
252DDAC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.429562832.00000252DDAC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC0000
|
| Size: |
12288
|
|
|
1C885400000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.859806561.000001C885400000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1C885400000
|
| Size: |
73728
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.773303692.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.726616506.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.756468941.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
244E6CF0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000017.00000002.859617635.00000244E6CF0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
23
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
244E6CF0000
|
| Size: |
4096
|
|
|
10E4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.588909369.00000000010E4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E4000
|
| Size: |
45056
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.726658378.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
252DDAB6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.369022381.00000252DDAB6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAB6000
|
| Size: |
16384
|
|
|
22DDF188000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.488203648.0000022DDF188000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF188000
|
| Size: |
53248
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.828638596.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
7FFD77900000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000001.00000002.860613453.00007FFD77900000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FFD77900000
|
| Size: |
4096
|
|
|
22DDF15D000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.489816559.0000022DDF15D000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF15D000
|
| Size: |
65536
|
|
|
3276000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.785173162.0000000003276000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3276000
|
| Size: |
4096
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.746727642.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.715038151.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
24696C56000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.414090870.0000024696C56000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C56000
|
| Size: |
16384
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.681493279.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
3268000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.544848445.0000000003268000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3268000
|
| Size: |
12288
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.764506728.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
481C5FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.859518603.000000481C5FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
481C5FE000
|
| Size: |
8192
|
|
|
252DDAC2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.486888331.00000252DDAC2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC2000
|
| Size: |
4096
|
|
|
3265000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.588970336.0000000003265000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3265000
|
| Size: |
4096
|
|
|
3276000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.785535434.0000000003276000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3276000
|
| Size: |
4096
|
|
|
17B0C190000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.527986408.0000017B0C190000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C190000
|
| Size: |
413696
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3269000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.671575246.0000000003269000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3269000
|
| Size: |
8192
|
|
|
22DDE853000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.506053369.0000022DDE853000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDE853000
|
| Size: |
4096
|
|
|
17B0C190000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.715623899.0000017B0C190000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C190000
|
| Size: |
389120
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3253000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.785095445.0000000003253000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3253000
|
| Size: |
4096
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.589031957.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
24696C57000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.730400301.0000024696C57000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C57000
|
| Size: |
57344
|
|
|
C3EE6FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.389508278.000000C3EE6FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C3EE6FF000
|
| Size: |
4096
|
|
|
252DDAB6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.390419983.00000252DDAB6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAB6000
|
| Size: |
8192
|
|
|
252DDACD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.860313738.00000252DDACD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACD000
|
| Size: |
36864
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.663950422.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
3253000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.616469258.0000000003253000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3253000
|
| Size: |
4096
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.850283477.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.671783161.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
252DDACA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.821566420.00000252DDACA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACA000
|
| Size: |
8192
|
|
|
17B0E107000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.631600173.0000017B0E107000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0E107000
|
| Size: |
8192
|
|
|
29E0000
|
remote allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.350547785.00000000029E0000.00000004.00000400.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
remote allocation
|
| Protect: |
page read and write
|
| Base address: |
29E0000
|
| Size: |
4096
|
|
|
22DDF168000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.489961566.0000022DDF168000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF168000
|
| Size: |
20480
|
|
|
3278000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.850032952.0000000003278000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3278000
|
| Size: |
4096
|
|
|
10E4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.470890525.00000000010E4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E4000
|
| Size: |
45056
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
22DDE913000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.506221660.0000022DDE913000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDE913000
|
| Size: |
8192
|
|
|
24696C6D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.625071492.0000024696C6D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C6D000
|
| Size: |
4096
|
|
|
24694D4E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.815774278.0000024694D4E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4E000
|
| Size: |
4096
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.693448565.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
3278000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.764523210.0000000003278000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3278000
|
| Size: |
4096
|
|
|
252DDACD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.833221636.00000252DDACD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACD000
|
| Size: |
36864
|
|
|
24696C5D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.382175248.0000024696C5D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C5D000
|
| Size: |
8192
|
|
|
17B0E107000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.667436377.0000017B0E107000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0E107000
|
| Size: |
4096
|
|
|
252DDACD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.821574663.00000252DDACD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACD000
|
| Size: |
36864
|
|
|
326A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.575674297.000000000326A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326A000
|
| Size: |
4096
|
|
|
F129BFF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.505967498.000000F129BFF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
F129BFF000
|
| Size: |
4096
|
|
|
325D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.488898192.000000000325D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
325D000
|
| Size: |
16384
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.639603135.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
252DDAD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.614677857.00000252DDAD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAD4000
|
| Size: |
8192
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.597428139.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.650542166.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
252DDAD2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.528069344.00000252DDAD2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAD2000
|
| Size: |
4096
|
|
|
10DD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.449771389.00000000010DD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10DD000
|
| Size: |
4096
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.693468040.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
10ED000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.410947096.00000000010ED000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10ED000
|
| Size: |
8192
|
|
|
3276000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.839644170.0000000003276000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3276000
|
| Size: |
4096
|
|
|
1ECE964A000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.441236983.000001ECE964A000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1ECE964A000
|
| Size: |
24576
|
|
|
3269000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.816920977.0000000003269000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3269000
|
| Size: |
8192
|
|
|
3263000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.805233290.0000000003263000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3263000
|
| Size: |
8192
|
|
|
252DDABF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.748146435.00000252DDABF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDABF000
|
| Size: |
4096
|
|
|
4A0757E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.408196989.0000004A0757E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4A0757E000
|
| Size: |
8192
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.849964928.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
3276000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.726435983.0000000003276000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3276000
|
| Size: |
4096
|
|
|
252DDACA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.652475604.00000252DDACA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACA000
|
| Size: |
8192
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.773198307.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
24694D4D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.756314469.0000024694D4D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4D000
|
| Size: |
8192
|
|
|
27A93102000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.389663956.0000027A93102000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
27A93102000
|
| Size: |
16384
|
|
|
252DDACD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.722763070.00000252DDACD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACD000
|
| Size: |
36864
|
|
|
7FFD77920000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000006.00000002.860739411.00007FFD77920000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FFD77920000
|
| Size: |
24576
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.650551741.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.726416968.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
25CB5256000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000003.493515552.0000025CB5256000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
25CB5256000
|
| Size: |
28672
|
|
|
FAC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.859525006.0000000000FAC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
FAC000
|
| Size: |
16384
|
|
|
10EE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.413145382.00000000010EE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10EE000
|
| Size: |
4096
|
|
|
22DDE8BB000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.506142574.0000022DDE8BB000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDE8BB000
|
| Size: |
24576
|
|
|
252DDAD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.692174730.00000252DDAD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAD4000
|
| Size: |
8192
|
|
|
3263000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.663643131.0000000003263000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3263000
|
| Size: |
12288
|
|
|
22DDF1C1000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.484635830.0000022DDF1C1000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF1C1000
|
| Size: |
126976
|
|
|
3270000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.715027819.0000000003270000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3270000
|
| Size: |
4096
|
|
|
F92B77E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.493795101.000000F92B77E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
F92B77E000
|
| Size: |
8192
|
|
|
3263000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.566103728.0000000003263000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3263000
|
| Size: |
12288
|
|
|
22DDF19B000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.491696649.0000022DDF19B000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF19B000
|
| Size: |
8192
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.828691352.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
17B0C1FB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.802911293.0000017B0C1FB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FB000
|
| Size: |
16384
|
|
|
252DBD65000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.860002561.00000252DBD65000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DBD65000
|
| Size: |
32768
|
|
|
3269000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.737691978.0000000003269000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3269000
|
| Size: |
8192
|
|
|
3253000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.764445182.0000000003253000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3253000
|
| Size: |
4096
|
|
|
481CCFA000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.859713914.000000481CCFA000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
481CCFA000
|
| Size: |
24576
|
|
|
1C885D18000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.529279980.000001C885D18000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1C885D18000
|
| Size: |
4096
|
|
|
73309FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.859489178.00000073309FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
73309FE000
|
| Size: |
8192
|
|
|
22DDE916000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.506227311.0000022DDE916000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDE916000
|
| Size: |
4096
|
|
|
19BBDC52000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.407403247.0000019BBDC52000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
19BBDC52000
|
| Size: |
16384
|
|
|
7FFD7792C000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000002.860926722.00007FFD7792C000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FFD7792C000
|
| Size: |
8192
|
|
|
244E6D6A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000017.00000003.564635138.00000244E6D6A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
23
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
244E6D6A000
|
| Size: |
4096
|
|
|
17B0C1FD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.363868024.0000017B0C1FD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FD000
|
| Size: |
8192
|
|
|
3269000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.828871009.0000000003269000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3269000
|
| Size: |
8192
|
|
|
7FFD77900000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000002.860806233.00007FFD77900000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FFD77900000
|
| Size: |
4096
|
|
|
252DDAC9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.586199535.00000252DDAC9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC9000
|
| Size: |
8192
|
|
|
252DDAB8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.660489857.00000252DDAB8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAB8000
|
| Size: |
28672
|
|
|
24696C63000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.586115102.0000024696C63000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C63000
|
| Size: |
4096
|
|
|
3269000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.860458113.0000000003269000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3269000
|
| Size: |
8192
|
|
|
3276000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.703905359.0000000003276000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3276000
|
| Size: |
4096
|
|
|
24696C57000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.719401559.0000024696C57000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C57000
|
| Size: |
57344
|
|
|
22DDE85A000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.506064480.0000022DDE85A000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDE85A000
|
| Size: |
81920
|
|
|
24694D4E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.606109252.0000024694D4E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4E000
|
| Size: |
4096
|
|
|
1C88ACE2000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.861519580.000001C88ACE2000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1C88ACE2000
|
| Size: |
4096
|
|
|
17B0E107000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.539213236.0000017B0E107000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0E107000
|
| Size: |
4096
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.597236832.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
24696C63000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.678154061.0000024696C63000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C63000
|
| Size: |
4096
|
|
|
252DDAC2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.556206846.00000252DDAC2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC2000
|
| Size: |
4096
|
|
|
252DDAD2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.565859837.00000252DDAD2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAD2000
|
| Size: |
4096
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.607685158.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
3278000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.817179672.0000000003278000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3278000
|
| Size: |
4096
|
|
|
3270000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.860497348.0000000003270000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3270000
|
| Size: |
4096
|
|
|
7FFD77900000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000006.00000002.860650347.00007FFD77900000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FFD77900000
|
| Size: |
4096
|
|
|
1C885479000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.860233570.000001C885479000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1C885479000
|
| Size: |
4096
|
|
|
252DBD6F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.860014506.00000252DBD6F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DBD6F000
|
| Size: |
319488
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
| URLs found in memory or binary data |
Networking |
|
|
|
252DDAC9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.574030244.00000252DDAC9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC9000
|
| Size: |
8192
|
|
|
22DDF186000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.492423327.0000022DDF186000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF186000
|
| Size: |
8192
|
|
|
1087000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.737877654.0000000001087000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1087000
|
| Size: |
212992
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3FCBF7C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.859335970.0000003FCBF7C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3FCBF7C000
|
| Size: |
16384
|
|
|
252DDACD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.853581880.00000252DDACD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACD000
|
| Size: |
36864
|
|
|
17B0C1FA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.386639795.0000017B0C1FA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FA000
|
| Size: |
12288
|
|
|
22DDF19A000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.489388155.0000022DDF19A000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF19A000
|
| Size: |
4096
|
|
|
252DDAD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.633541732.00000252DDAD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAD4000
|
| Size: |
8192
|
|
|
10E4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.488959384.00000000010E4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E4000
|
| Size: |
45056
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
22DDF602000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.493892554.0000022DDF602000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF602000
|
| Size: |
794624
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.703858469.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
24696E9B000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.860647896.0000024696E9B000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
24696E9B000
|
| Size: |
126976
|
|
|
25CB54F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.493935024.0000025CB54F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
25CB54F0000
|
| Size: |
12288
|
|
|
17B0C190000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.769196658.0000017B0C190000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C190000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3251000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.557292112.0000000003251000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3251000
|
| Size: |
12288
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.671631908.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
3253000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.650511639.0000000003253000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3253000
|
| Size: |
4096
|
|
|
252DDACD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.565850558.00000252DDACD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACD000
|
| Size: |
4096
|
|
|
3278000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.693314373.0000000003278000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3278000
|
| Size: |
4096
|
|
|
10E5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.639662190.00000000010E5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E5000
|
| Size: |
40960
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
1087000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.850337492.0000000001087000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1087000
|
| Size: |
212992
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
22DDE83C000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.506037978.0000022DDE83C000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDE83C000
|
| Size: |
45056
|
|
|
244E6FA5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000017.00000002.859842260.00000244E6FA5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
23
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
244E6FA5000
|
| Size: |
12288
|
|
|
3256000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.805223112.0000000003256000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3256000
|
| Size: |
24576
|
|
|
24696C58000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.614572661.0000024696C58000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C58000
|
| Size: |
24576
|
|
|
252DDAB9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.546529147.00000252DDAB9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAB9000
|
| Size: |
20480
|
|
|
17B0C190000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.678586541.0000017B0C190000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C190000
|
| Size: |
417792
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.607661803.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
3263000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.607440781.0000000003263000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3263000
|
| Size: |
12288
|
|
|
3278000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.797246473.0000000003278000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3278000
|
| Size: |
4096
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.671790053.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.839365841.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
244E6FA9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000017.00000002.859858856.00000244E6FA9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
23
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
244E6FA9000
|
| Size: |
4096
|
|
|
24694D4E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.489424695.0000024694D4E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4E000
|
| Size: |
4096
|
|
|
252DDACD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.812438183.00000252DDACD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACD000
|
| Size: |
36864
|
|
|
24694D4A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.815760833.0000024694D4A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4A000
|
| Size: |
4096
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.628008598.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
1C88AA54000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.518768061.000001C88AA54000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C88AA54000
|
| Size: |
4096
|
|
|
25CB5230000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.493847528.0000025CB5230000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
25CB5230000
|
| Size: |
40960
|
|
|
24696C5E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.467792685.0000024696C5E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C5E000
|
| Size: |
4096
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.773219906.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
19BBDC00000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.408216469.0000019BBDC00000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
19BBDC00000
|
| Size: |
73728
|
|
|
7FFD77920000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000001.00000002.860679011.00007FFD77920000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FFD77920000
|
| Size: |
24576
|
|
|
24694D4D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.434021642.0000024694D4D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4D000
|
| Size: |
8192
|
|
|
1C885350000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.859754122.000001C885350000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C885350000
|
| Size: |
4096
|
|
|
17B0C1FA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.407822743.0000017B0C1FA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FA000
|
| Size: |
12288
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.639469927.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
17B0C190000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.731962539.0000017B0C190000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C190000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
24694D4D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.576776510.0000024694D4D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4D000
|
| Size: |
8192
|
|
|
328B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.557508362.000000000328B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328B000
|
| Size: |
4096
|
|
|
252DDACA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.776089570.00000252DDACA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACA000
|
| Size: |
8192
|
|
|
1C885D13000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.860621591.000001C885D13000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1C885D13000
|
| Size: |
20480
|
|
|
1C885BE1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.860521577.000001C885BE1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C885BE1000
|
| Size: |
4096
|
|
|
17B0C138000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.715744098.0000017B0C138000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C138000
|
| Size: |
188416
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
| URLs found in memory or binary data |
Networking |
|
|
|
22DDE888000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.505718353.0000022DDE888000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDE888000
|
| Size: |
24576
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.681486482.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
7FFD7791E000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000006.00000002.860718393.00007FFD7791E000.00000020.00000001.01000000.00000003.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
7FFD7791E000
|
| Size: |
4096
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.616499014.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
24694D4C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.403305521.0000024694D4C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4C000
|
| Size: |
12288
|
|
|
25CB525E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000003.493526130.0000025CB525E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
25CB525E000
|
| Size: |
8192
|
|
|
252DDAC9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.528054535.00000252DDAC9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC9000
|
| Size: |
4096
|
|
|
17B0C190000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.450723320.0000017B0C190000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C190000
|
| Size: |
389120
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
252DDACD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.734827372.00000252DDACD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACD000
|
| Size: |
36864
|
|
|
17B0C1F6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.428171637.0000017B0C1F6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1F6000
|
| Size: |
8192
|
|
|
252DDAB8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.606658069.00000252DDAB8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAB8000
|
| Size: |
28672
|
|
|
24694D44000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.422973187.0000024694D44000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D44000
|
| Size: |
4096
|
|
|
22DDE851000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.505278236.0000022DDE851000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDE851000
|
| Size: |
12288
|
|
|
3278000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.737736611.0000000003278000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3278000
|
| Size: |
4096
|
|
|
252DDAD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.597899600.00000252DDAD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAD4000
|
| Size: |
8192
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.797234903.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
252DDAB8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.401454727.00000252DDAB8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAB8000
|
| Size: |
4096
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.715201999.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
3253000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.773101494.0000000003253000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3253000
|
| Size: |
4096
|
|
|
10EE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.361493105.00000000010EE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10EE000
|
| Size: |
4096
|
|
|
3256000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.860438549.0000000003256000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3256000
|
| Size: |
24576
|
|
|
252DDAC8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.440117259.00000252DDAC8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC8000
|
| Size: |
4096
|
|
|
252DDAB8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.652531011.00000252DDAB8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAB8000
|
| Size: |
28672
|
|
|
252DDAC9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.565808468.00000252DDAC9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC9000
|
| Size: |
8192
|
|
|
24694D4D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.597579173.0000024694D4D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4D000
|
| Size: |
8192
|
|
|
24696C59000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.709406638.0000024696C59000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C59000
|
| Size: |
45056
|
|
|
24696C5F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.606185428.0000024696C5F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C5F000
|
| Size: |
4096
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.597435913.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
3276000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.726665996.0000000003276000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3276000
|
| Size: |
4096
|
|
|
108C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.817261148.000000000108C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
108C000
|
| Size: |
192512
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
19BBDC13000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.408227842.0000019BBDC13000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
19BBDC13000
|
| Size: |
90112
|
|
|
252DDCE0000
|
direct allocation
|
page execute read
|
|
|
|
| Name: |
00000001.00000002.860401788.00000252DDCE0000.00000020.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute read
|
| Base address: |
252DDCE0000
|
| Size: |
176128
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara signature match |
System Summary |
|
|
|
17B0C1FC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.731909632.0000017B0C1FC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FC000
|
| Size: |
12288
|
|
|
24696C5F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.597758359.0000024696C5F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C5F000
|
| Size: |
4096
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.639567337.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.737706439.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.588801557.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
10E5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.400795799.00000000010E5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E5000
|
| Size: |
8192
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
10E7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.361323160.00000000010E7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E7000
|
| Size: |
4096
|
|
|
25CB51B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.493837621.0000025CB51B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
25CB51B0000
|
| Size: |
4096
|
|
|
24694D4C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.382316836.0000024694D4C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4C000
|
| Size: |
12288
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.805491859.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
F12938D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.505912697.000000F12938D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
F12938D000
|
| Size: |
12288
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.544884597.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
252DDAC3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.390285865.00000252DDAC3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC3000
|
| Size: |
8192
|
|
|
1ECE9470000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.441766818.000001ECE9470000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1ECE9470000
|
| Size: |
8192
|
|
|
3268000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.597212274.0000000003268000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3268000
|
| Size: |
12288
|
|
|
17B0C190000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.496057753.0000017B0C190000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C190000
|
| Size: |
413696
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
24696C6D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.565503948.0000024696C6D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C6D000
|
| Size: |
4096
|
|
|
10EC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.764747103.00000000010EC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10EC000
|
| Size: |
12288
|
|
|
10E3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.737793258.00000000010E3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E3000
|
| Size: |
49152
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
24694CBD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.859849483.0000024694CBD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694CBD000
|
| Size: |
86016
|
|
|
252DDAD5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.574153729.00000252DDAD5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAD5000
|
| Size: |
4096
|
|
|
22DDF100000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.506238197.0000022DDF100000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF100000
|
| Size: |
45056
|
|
|
22DDEF90000
|
remote allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.483397362.0000022DDEF90000.00000004.00000400.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
remote allocation
|
| Protect: |
page read and write
|
| Base address: |
22DDEF90000
|
| Size: |
4096
|
|
|
24694D4C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.422982246.0000024694D4C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4C000
|
| Size: |
12288
|
|
|
B9B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.859399158.0000000000B9B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B9B000
|
| Size: |
20480
|
|
|
3267000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.532965895.0000000003267000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3267000
|
| Size: |
16384
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.785494986.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
19BBE402000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.408320846.0000019BBE402000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
19BBE402000
|
| Size: |
4096
|
|
|
27A9303C000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.389605451.0000027A9303C000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
27A9303C000
|
| Size: |
81920
|
|
|
1ECE9708000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.441911748.000001ECE9708000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1ECE9708000
|
| Size: |
24576
|
|
|
22DDF1CD000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.489659172.0000022DDF1CD000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF1CD000
|
| Size: |
61440
|
|
|
3263000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.693263269.0000000003263000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3263000
|
| Size: |
20480
|
|
|
252DDACD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.652482599.00000252DDACD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACD000
|
| Size: |
24576
|
|
|
3278000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.671805256.0000000003278000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3278000
|
| Size: |
4096
|
|
|
17B0C1FD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.363260412.0000017B0C1FD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FD000
|
| Size: |
8192
|
|
|
25CB525E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000003.493454692.0000025CB525E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
25CB525E000
|
| Size: |
8192
|
|
|
17B0C1F4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.583956689.0000017B0C1F4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1F4000
|
| Size: |
4096
|
|
|
3270000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.726642569.0000000003270000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3270000
|
| Size: |
4096
|
|
|
17B0C100000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.859530995.0000017B0C100000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C100000
|
| Size: |
24576
|
|
|
24696C61000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.510632932.0000024696C61000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C61000
|
| Size: |
8192
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.597269785.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
9ACFB7F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.441734324.0000009ACFB7F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9ACFB7F000
|
| Size: |
4096
|
|
|
252DDAC2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.519941829.00000252DDAC2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC2000
|
| Size: |
4096
|
|
|
3256000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.816910457.0000000003256000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3256000
|
| Size: |
24576
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.589025914.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
10E4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.449574804.00000000010E4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E4000
|
| Size: |
45056
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.849992065.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
252DDABF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.785285178.00000252DDABF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDABF000
|
| Size: |
4096
|
|
|
252DDACA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.795273336.00000252DDACA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACA000
|
| Size: |
8192
|
|
|
1C88AA31000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.518553274.000001C88AA31000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C88AA31000
|
| Size: |
4096
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.839374451.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.756459807.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
17B0C1FB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.822962281.0000017B0C1FB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FB000
|
| Size: |
16384
|
|
|
252DDAC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.556138822.00000252DDAC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC0000
|
| Size: |
12288
|
|
|
24694D4C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.519780799.0000024694D4C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4C000
|
| Size: |
12288
|
|
|
252DDAC2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.476613265.00000252DDAC2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC2000
|
| Size: |
4096
|
|
|
244E6CD0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000017.00000002.859579712.00000244E6CD0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
23
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
244E6CD0000
|
| Size: |
8192
|
|
|
73308FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.859461416.00000073308FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
73308FF000
|
| Size: |
4096
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.597472686.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.715222340.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
1ECE9400000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.441754684.000001ECE9400000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1ECE9400000
|
| Size: |
4096
|
|
|
10E5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.850116784.00000000010E5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E5000
|
| Size: |
40960
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
24696C5D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.446786151.0000024696C5D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C5D000
|
| Size: |
8192
|
|
|
1ECE9613000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.441795954.000001ECE9613000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1ECE9613000
|
| Size: |
77824
|
|
|
24694D4E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.480381409.0000024694D4E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4E000
|
| Size: |
4096
|
|
|
17B0C190000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.550411838.0000017B0C190000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C190000
|
| Size: |
413696
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
24694D45000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.414017282.0000024694D45000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D45000
|
| Size: |
4096
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.671774843.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
10E3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.361474829.00000000010E3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E3000
|
| Size: |
20480
|
|
|
24694D4E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.395129320.0000024694D4E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4E000
|
| Size: |
4096
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.681799582.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
17B0C1F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.439874979.0000017B0C1F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1F0000
|
| Size: |
8192
|
|
|
10E9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.441455138.00000000010E9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E9000
|
| Size: |
24576
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.616525819.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
1087000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.413209941.0000000001087000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1087000
|
| Size: |
212992
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.576064963.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
7FFD7793B000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000002.860963847.00007FFD7793B000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FFD7793B000
|
| Size: |
4096
|
|
|
24694D48000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.363872303.0000024694D48000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D48000
|
| Size: |
20480
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.566170050.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
17B0C1FA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.395749626.0000017B0C1FA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FA000
|
| Size: |
12288
|
|
|
7FFD7793B000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000006.00000002.860837969.00007FFD7793B000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FFD7793B000
|
| Size: |
4096
|
|
|
106E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.859920647.000000000106E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
106E000
|
| Size: |
102400
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
252DDAD1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.410640693.00000252DDAD1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAD1000
|
| Size: |
4096
|
|
|
2A79000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.860141320.0000000002A79000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2A79000
|
| Size: |
28672
|
|
|
19BBDC8D000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.408297852.0000019BBDC8D000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
19BBDC8D000
|
| Size: |
20480
|
|
|
252DDAC9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.586087774.00000252DDAC9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC9000
|
| Size: |
8192
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.764678752.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
C3EE67B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.389499855.000000C3EE67B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C3EE67B000
|
| Size: |
20480
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.607672402.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
10EC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.764798962.00000000010EC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10EC000
|
| Size: |
12288
|
|
|
3268000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.597409441.0000000003268000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3268000
|
| Size: |
12288
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.557501646.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
3253000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.805216523.0000000003253000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3253000
|
| Size: |
4096
|
|
|
24696C6D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.586124462.0000024696C6D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C6D000
|
| Size: |
4096
|
|
|
24694D4C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.697950082.0000024694D4C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4C000
|
| Size: |
12288
|
|
|
27A93078000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000008.00000003.389181217.0000027A93078000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
27A93078000
|
| Size: |
36864
|
|
|
22DDF180000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.484549231.0000022DDF180000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF180000
|
| Size: |
114688
|
|
|
246966E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.860255071.00000246966E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
246966E0000
|
| Size: |
20480
|
|
|
AE0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.859383138.0000000000AE0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AE0000
|
| Size: |
4096
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.627869528.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
7FD387A000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000017.00000002.859445499.0000007FD387A000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
23
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
7FD387A000
|
| Size: |
24576
|
|
|
EE5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.859450868.0000000000EE5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
EE5000
|
| Size: |
32768
|
|
|
3259000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.746580546.0000000003259000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3259000
|
| Size: |
4096
|
|
|
10ED000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.382857501.00000000010ED000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10ED000
|
| Size: |
8192
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.746885940.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
17B0E107000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.710609282.0000017B0E107000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0E107000
|
| Size: |
4096
|
|
|
3270000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.805269374.0000000003270000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3270000
|
| Size: |
4096
|
|
|
C3EE97B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.389525396.000000C3EE97B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C3EE97B000
|
| Size: |
20480
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.566585309.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
22DDF186000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.493515784.0000022DDF186000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF186000
|
| Size: |
61440
|
|
|
C3EE77E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.389513644.000000C3EE77E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C3EE77E000
|
| Size: |
8192
|
|
|
252DDAC9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.556213953.00000252DDAC9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC9000
|
| Size: |
8192
|
|
|
17B0DF10000
|
remote allocation
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.352192264.0000017B0DF10000.00000004.00000400.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
remote allocation
|
| Protect: |
page read and write
|
| Base address: |
17B0DF10000
|
| Size: |
4096
|
|
|
17B0E104000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.620979656.0000017B0E104000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0E104000
|
| Size: |
4096
|
|
|
1ECE9702000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.441894770.000001ECE9702000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1ECE9702000
|
| Size: |
12288
|
|
|
17B0C1FB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.715571941.0000017B0C1FB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FB000
|
| Size: |
16384
|
|
|
24694D47000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.614340516.0000024694D47000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D47000
|
| Size: |
4096
|
|
|
252DDABF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.853571501.00000252DDABF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDABF000
|
| Size: |
4096
|
|
|
24696C50000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.860403912.0000024696C50000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C50000
|
| Size: |
20480
|
|
|
17B0C1FD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.572943443.0000017B0C1FD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FD000
|
| Size: |
8192
|
|
|
7FFD77927000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.860860975.00007FFD77927000.00000004.00000001.01000000.00000003.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
7FFD77927000
|
| Size: |
8192
|
|
|
305F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.860364183.000000000305F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
305F000
|
| Size: |
4096
|
|
|
22DDF10C000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.506247040.0000022DDF10C000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF10C000
|
| Size: |
57344
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.805249992.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
10E4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.462319073.00000000010E4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E4000
|
| Size: |
45056
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.703871054.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
252DDAB8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.833288776.00000252DDAB8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAB8000
|
| Size: |
28672
|
|
|
24696C6D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.860476282.0000024696C6D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C6D000
|
| Size: |
4096
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.773285339.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
17B0C1F9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.419812043.0000017B0C1F9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1F9000
|
| Size: |
4096
|
|
|
252DDACD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.660268147.00000252DDACD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACD000
|
| Size: |
24576
|
|
|
10DE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.817041285.00000000010DE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10DE000
|
| Size: |
4096
|
|
|
4A06DEE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.408157931.0000004A06DEE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4A06DEE000
|
| Size: |
8192
|
|
|
24696C63000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.597767263.0000024696C63000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C63000
|
| Size: |
4096
|
|
|
E74787D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.859582226.000000E74787D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E74787D000
|
| Size: |
12288
|
|
|
24696C55000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.815849888.0000024696C55000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C55000
|
| Size: |
8192
|
|
|
24696C63000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.624903829.0000024696C63000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C63000
|
| Size: |
4096
|
|
|
17B0C1F9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.363975515.0000017B0C1F9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1F9000
|
| Size: |
8192
|
|
|
17B0C220000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.859995434.0000017B0C220000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C220000
|
| Size: |
4096
|
|
|
252DDACA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.712052950.00000252DDACA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACA000
|
| Size: |
8192
|
|
|
17B0E104000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.439985942.0000017B0E104000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0E104000
|
| Size: |
4096
|
|
|
1C885489000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.860284209.000001C885489000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1C885489000
|
| Size: |
16384
|
|
|
10DD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.462304578.00000000010DD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10DD000
|
| Size: |
4096
|
|
|
7FFD7792C000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000001.00000002.860706612.00007FFD7792C000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FFD7792C000
|
| Size: |
8192
|
|
|
10E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.371797899.00000000010E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E1000
|
| Size: |
24576
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
24696C6D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.782799018.0000024696C6D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C6D000
|
| Size: |
4096
|
|
|
252DDAC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.368939048.00000252DDAC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC1000
|
| Size: |
4096
|
|
|
17B0C190000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.758061061.0000017B0C190000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C190000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
22DDE7A0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.505997981.0000022DDE7A0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDE7A0000
|
| Size: |
4096
|
|
|
19BBDC4A000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.407877044.0000019BBDC4A000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
19BBDC4A000
|
| Size: |
12288
|
|
|
24696C6D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.690204735.0000024696C6D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C6D000
|
| Size: |
4096
|
|
|
17B0C1FB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.841977409.0000017B0C1FB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FB000
|
| Size: |
16384
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.764642563.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
17B0C1FC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.746249249.0000017B0C1FC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FC000
|
| Size: |
12288
|
|
|
326A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.663654269.000000000326A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326A000
|
| Size: |
4096
|
|
|
1C88ACFD000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.861575993.000001C88ACFD000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1C88ACFD000
|
| Size: |
4096
|
|
|
24694D4E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.860097136.0000024694D4E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4E000
|
| Size: |
4096
|
|
|
3278000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.805513993.0000000003278000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3278000
|
| Size: |
4096
|
|
|
1C885490000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.860319949.000001C885490000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1C885490000
|
| Size: |
49152
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.756621262.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
24694D4B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.554670051.0000024694D4B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4B000
|
| Size: |
8192
|
|
|
3258000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.773116129.0000000003258000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3258000
|
| Size: |
8192
|
|
|
24696C61000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.531125670.0000024696C61000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C61000
|
| Size: |
8192
|
|
|
24696C5D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.374034468.0000024696C5D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C5D000
|
| Size: |
8192
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.576057906.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
17B0BFC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.859516483.0000017B0BFC0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0BFC0000
|
| Size: |
4096
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.671592572.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
17B0C1F7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.474917893.0000017B0C1F7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1F7000
|
| Size: |
32768
|
|
|
252DDAC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.546603376.00000252DDAC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC0000
|
| Size: |
8192
|
|
|
304E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.860347907.000000000304E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
304E000
|
| Size: |
8192
|
|
|
10E5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.418616263.00000000010E5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E5000
|
| Size: |
20480
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
7FFD77901000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000001.00000002.860628023.00007FFD77901000.00000020.00000001.01000000.00000003.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
7FFD77901000
|
| Size: |
94208
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.726651338.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
22DDF128000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.506265117.0000022DDF128000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF128000
|
| Size: |
196608
|
|
|
7FFD7792C000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000005.00000002.860873241.00007FFD7792C000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FFD7792C000
|
| Size: |
8192
|
|
|
244E6D71000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000017.00000003.564420311.00000244E6D71000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
23
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
244E6D71000
|
| Size: |
8192
|
|
|
24694D42000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.374148543.0000024694D42000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D42000
|
| Size: |
12288
|
|
|
252DDACD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.606559360.00000252DDACD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACD000
|
| Size: |
4096
|
|
|
22DDE770000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.505993713.0000022DDE770000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
22DDE770000
|
| Size: |
12288
|
|
|
252DDAB8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.860290019.00000252DDAB8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAB8000
|
| Size: |
28672
|
|
|
3263000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.616482616.0000000003263000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3263000
|
| Size: |
4096
|
|
|
252DDACD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.748166434.00000252DDACD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACD000
|
| Size: |
36864
|
|
|
252DDAB9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.499487590.00000252DDAB9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAB9000
|
| Size: |
20480
|
|
|
BD0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.859418614.0000000000BD0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
BD0000
|
| Size: |
12288
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.764531795.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
17B0C3D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.860097524.0000017B0C3D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C3D0000
|
| Size: |
12288
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.589020622.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
24694C5E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.859669092.0000024694C5E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694C5E000
|
| Size: |
57344
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.607484987.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
3251000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.532929239.0000000003251000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3251000
|
| Size: |
12288
|
|
|
10E5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.828794323.00000000010E5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E5000
|
| Size: |
40960
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
10E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.391374882.00000000010E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E0000
|
| Size: |
4096
|
|
|
252DDAB8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.712130009.00000252DDAB8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAB8000
|
| Size: |
28672
|
|
|
10E3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.756674989.00000000010E3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E3000
|
| Size: |
32768
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
1085000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.839709744.0000000001085000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1085000
|
| Size: |
8192
|
|
|
244E6D20000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000017.00000002.859647246.00000244E6D20000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
23
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
244E6D20000
|
| Size: |
24576
|
|
|
1085000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.449864688.0000000001085000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1085000
|
| Size: |
20480
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.663678875.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
3270000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.805474356.0000000003270000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3270000
|
| Size: |
4096
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.616664476.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
1087000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.639763229.0000000001087000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1087000
|
| Size: |
212992
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
22DDF1A9000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.486905127.0000022DDF1A9000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF1A9000
|
| Size: |
90112
|
|
|
24696C6D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.624968498.0000024696C6D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C6D000
|
| Size: |
4096
|
|
|
3278000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.681814566.0000000003278000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3278000
|
| Size: |
4096
|
|
|
10ED000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.371741922.00000000010ED000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10ED000
|
| Size: |
8192
|
|
|
10EE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.413079115.00000000010EE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10EE000
|
| Size: |
4096
|
|
|
24694CD3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.859881429.0000024694CD3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694CD3000
|
| Size: |
65536
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
3276000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.746714702.0000000003276000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3276000
|
| Size: |
4096
|
|
|
252DDACA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.734813832.00000252DDACA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACA000
|
| Size: |
8192
|
|
|
252DDACA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.670378529.00000252DDACA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACA000
|
| Size: |
8192
|
|
|
7FFD77930000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000006.00000002.860826612.00007FFD77930000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FFD77930000
|
| Size: |
4096
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.616707912.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
17B0C190000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.538828333.0000017B0C190000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C190000
|
| Size: |
413696
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
24694D4D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.719334907.0000024694D4D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4D000
|
| Size: |
8192
|
|
|
24696A60000
|
remote allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.352041176.0000024696A60000.00000004.00000400.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
remote allocation
|
| Protect: |
page read and write
|
| Base address: |
24696A60000
|
| Size: |
4096
|
|
|
22DDF002000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.506232761.0000022DDF002000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF002000
|
| Size: |
4096
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.816953705.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
3278000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.703775659.0000000003278000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3278000
|
| Size: |
4096
|
|
|
252DDAC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.528169228.00000252DDAC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC0000
|
| Size: |
8192
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.663916713.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.773337573.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
252DBCED000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.859810526.00000252DBCED000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DBCED000
|
| Size: |
20480
|
|
|
17B0C1F1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.428159911.0000017B0C1F1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1F1000
|
| Size: |
4096
|
|
|
1C886303000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.860707325.000001C886303000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C886303000
|
| Size: |
4096
|
|
|
22DDF602000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.487097311.0000022DDF602000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF602000
|
| Size: |
73728
|
|
|
244E7B60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000017.00000003.577594284.00000244E7B60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
23
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
244E7B60000
|
| Size: |
20480
|
|
|
244E6B90000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000017.00000002.859530272.00000244E6B90000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
23
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
244E6B90000
|
| Size: |
4096
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.828627058.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.650663586.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
7FFD77901000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000004.00000002.860814865.00007FFD77901000.00000020.00000001.01000000.00000003.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
7FFD77901000
|
| Size: |
94208
|
|
|
3270000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.764633811.0000000003270000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3270000
|
| Size: |
4096
|
|
|
24694D4C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.374155101.0000024694D4C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4C000
|
| Size: |
12288
|
|
|
3253000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.627756131.0000000003253000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3253000
|
| Size: |
4096
|
|
|
7330CFD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.859556355.0000007330CFD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
7330CFD000
|
| Size: |
12288
|
|
|
22DDF1B3000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.487025911.0000022DDF1B3000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF1B3000
|
| Size: |
73728
|
|
|
252DDAB8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.624901165.00000252DDAB8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAB8000
|
| Size: |
28672
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.681821654.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.773325724.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
7FFD7791E000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000005.00000002.860837085.00007FFD7791E000.00000020.00000001.01000000.00000003.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
7FFD7791E000
|
| Size: |
4096
|
|
|
3276000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.737730167.0000000003276000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3276000
|
| Size: |
4096
|
|
|
2FCD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.860314507.0000000002FCD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2FCD000
|
| Size: |
12288
|
|
|
252DDAD1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.556160328.00000252DDAD1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAD1000
|
| Size: |
8192
|
|
|
19BBDC4D000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.407821702.0000019BBDC4D000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
19BBDC4D000
|
| Size: |
8192
|
|
|
10E9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.413139325.00000000010E9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E9000
|
| Size: |
4096
|
|
|
3276000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.797142003.0000000003276000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3276000
|
| Size: |
4096
|
|
|
1ECE964B000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.441840300.000001ECE964B000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1ECE964B000
|
| Size: |
20480
|
|
|
3270000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.797123273.0000000003270000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3270000
|
| Size: |
4096
|
|
|
29E0000
|
remote allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.350797192.00000000029E0000.00000004.00000400.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
remote allocation
|
| Protect: |
page read and write
|
| Base address: |
29E0000
|
| Size: |
4096
|
|
|
22DDF186000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.485907309.0000022DDF186000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF186000
|
| Size: |
61440
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.849998606.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
10ED000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.411042199.00000000010ED000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10ED000
|
| Size: |
8192
|
|
|
24694D4C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.531181909.0000024694D4C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4C000
|
| Size: |
12288
|
|
|
17B0C190000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.667002049.0000017B0C190000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C190000
|
| Size: |
417792
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
24696C59000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.828066480.0000024696C59000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C59000
|
| Size: |
53248
|
|
|
252DDACA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.767157756.00000252DDACA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACA000
|
| Size: |
8192
|
|
|
252DDABF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.381393441.00000252DDABF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDABF000
|
| Size: |
16384
|
|
|
E7475FB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.859452154.000000E7475FB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E7475FB000
|
| Size: |
20480
|
|
|
17B0C1FB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.603010675.0000017B0C1FB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FB000
|
| Size: |
4096
|
|
|
17B0C290000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.860014008.0000017B0C290000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C290000
|
| Size: |
4096
|
|
|
252DDABF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.624754200.00000252DDABF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDABF000
|
| Size: |
4096
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.588783367.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
252DDAC2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.574109316.00000252DDAC2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC2000
|
| Size: |
4096
|
|
|
17B0C1FD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.610620330.0000017B0C1FD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FD000
|
| Size: |
8192
|
|
|
17B0C190000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.746682341.0000017B0C190000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C190000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
252DDAD5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.586238440.00000252DDAD5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAD5000
|
| Size: |
4096
|
|
|
24696C57000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.746885237.0000024696C57000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C57000
|
| Size: |
57344
|
|
|
22DDF16C000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.491475989.0000022DDF16C000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF16C000
|
| Size: |
8192
|
|
|
252DDAB8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.803709135.00000252DDAB8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAB8000
|
| Size: |
28672
|
|
|
252DDAC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.556325276.00000252DDAC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC0000
|
| Size: |
8192
|
|
|
3276000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.737618474.0000000003276000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3276000
|
| Size: |
4096
|
|
|
7FFD77901000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000005.00000002.860764689.00007FFD77901000.00000020.00000001.01000000.00000003.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
7FFD77901000
|
| Size: |
94208
|
|
|
17B0DF10000
|
remote allocation
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.352401939.0000017B0DF10000.00000004.00000400.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
remote allocation
|
| Protect: |
page read and write
|
| Base address: |
17B0DF10000
|
| Size: |
4096
|
|
|
22DDF186000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.487310329.0000022DDF186000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF186000
|
| Size: |
147456
|
|
|
E74747B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.859411866.000000E74747B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E74747B000
|
| Size: |
20480
|
|
|
17B0C1EF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.386449658.0000017B0C1EF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1EF000
|
| Size: |
4096
|
|
|
7FFD7791E000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000004.00000002.860880876.00007FFD7791E000.00000020.00000001.01000000.00000003.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
7FFD7791E000
|
| Size: |
4096
|
|
|
252DDACD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.703195258.00000252DDACD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACD000
|
| Size: |
36864
|
|
|
24696C56000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.467919050.0000024696C56000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C56000
|
| Size: |
32768
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3270000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.849985530.0000000003270000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3270000
|
| Size: |
4096
|
|
|
3266000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.671750973.0000000003266000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3266000
|
| Size: |
4096
|
|
|
252DDABF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.812412847.00000252DDABF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDABF000
|
| Size: |
4096
|
|
|
10BC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.839748770.00000000010BC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10BC000
|
| Size: |
135168
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
17B0C1F7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.462530549.0000017B0C1F7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1F7000
|
| Size: |
32768
|
|
|
24696C6D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.597774857.0000024696C6D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C6D000
|
| Size: |
4096
|
|
|
24696C56000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.480446041.0000024696C56000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C56000
|
| Size: |
36864
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3276000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.773204360.0000000003276000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3276000
|
| Size: |
4096
|
|
|
325B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.520658545.000000000325B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
325B000
|
| Size: |
4096
|
|
|
22DDF197000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.493357803.0000022DDF197000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF197000
|
| Size: |
176128
|
|
|
252DDAB8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.722825602.00000252DDAB8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAB8000
|
| Size: |
28672
|
|
|
10E3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.681665327.00000000010E3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E3000
|
| Size: |
49152
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
17B0C191000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.823116757.0000017B0C191000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C191000
|
| Size: |
405504
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
22DDE8AB000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.506126673.0000022DDE8AB000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDE8AB000
|
| Size: |
16384
|
|
|
10E3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.650705191.00000000010E3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E3000
|
| Size: |
4096
|
|
|
19BBDC76000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.408286352.0000019BBDC76000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
19BBDC76000
|
| Size: |
4096
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.764617422.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
22DDF1AE000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.485840071.0000022DDF1AE000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF1AE000
|
| Size: |
90112
|
|
|
252DDAC2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.528046455.00000252DDAC2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC2000
|
| Size: |
4096
|
|
|
17B0C1F9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.428182121.0000017B0C1F9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1F9000
|
| Size: |
24576
|
|
|
24696C63000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.655082472.0000024696C63000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C63000
|
| Size: |
4096
|
|
|
10E3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.805373721.00000000010E3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E3000
|
| Size: |
49152
|
|
|
1C88AA18000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.518528147.000001C88AA18000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C88AA18000
|
| Size: |
16384
|
|
|
1C88AC84000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.861380056.000001C88AC84000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1C88AC84000
|
| Size: |
12288
|
|
|
3253000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.737562774.0000000003253000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3253000
|
| Size: |
4096
|
|
|
25CB5261000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000003.493459162.0000025CB5261000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
25CB5261000
|
| Size: |
57344
|
|
|
252DDAB8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.670469387.00000252DDAB8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAB8000
|
| Size: |
28672
|
|
|
17B0C1FC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.528062135.0000017B0C1FC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FC000
|
| Size: |
12288
|
|
|
24694C95000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.859754329.0000024694C95000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694C95000
|
| Size: |
155648
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
| URLs found in memory or binary data |
Networking |
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.650562200.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
24694D4D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.730337013.0000024694D4D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4D000
|
| Size: |
8192
|
|
|
17B0C3D5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.860122357.0000017B0C3D5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C3D5000
|
| Size: |
28672
|
|
|
325B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.773135431.000000000325B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
325B000
|
| Size: |
4096
|
|
|
17B0C190000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.363202660.0000017B0C190000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C190000
|
| Size: |
401408
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
17B0C190000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.652942103.0000017B0C190000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C190000
|
| Size: |
417792
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
24696C59000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.698004683.0000024696C59000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C59000
|
| Size: |
45056
|
|
|
252DDAB8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.812514636.00000252DDAB8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAB8000
|
| Size: |
28672
|
|
|
24696C5F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.576848905.0000024696C5F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C5F000
|
| Size: |
4096
|
|
|
24696C61000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.510679653.0000024696C61000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C61000
|
| Size: |
8192
|
|
|
17B0E320000
|
direct allocation
|
page execute read
|
|
|
|
| Name: |
00000006.00000002.860402726.0000017B0E320000.00000020.00001000.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute read
|
| Base address: |
17B0E320000
|
| Size: |
176128
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara signature match |
System Summary |
|
|
|
3270000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.839615683.0000000003270000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3270000
|
| Size: |
4096
|
|
|
10E3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.715277706.00000000010E3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E3000
|
| Size: |
49152
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
252DDAC9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.536488181.00000252DDAC9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC9000
|
| Size: |
4096
|
|
|
252DDABA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.585918687.00000252DDABA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDABA000
|
| Size: |
36864
|
|
|
326A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.616648459.000000000326A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326A000
|
| Size: |
4096
|
|
|
24696C59000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.678145499.0000024696C59000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C59000
|
| Size: |
36864
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.650650124.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
252DDACD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.556270958.00000252DDACD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACD000
|
| Size: |
4096
|
|
|
24696E70000
|
direct allocation
|
page execute read
|
|
|
|
| Name: |
00000005.00000002.860504892.0000024696E70000.00000020.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute read
|
| Base address: |
24696E70000
|
| Size: |
176128
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara signature match |
System Summary |
|
|
|
17B0C190000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.842022925.0000017B0C190000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C190000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3269000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.715005406.0000000003269000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3269000
|
| Size: |
8192
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.693322114.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
252DDAD2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.565938589.00000252DDAD2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAD2000
|
| Size: |
4096
|
|
|
252DDABF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.652468572.00000252DDABF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDABF000
|
| Size: |
4096
|
|
|
252DDACA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.803630322.00000252DDACA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACA000
|
| Size: |
8192
|
|
|
3267000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.785373591.0000000003267000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3267000
|
| Size: |
16384
|
|
|
24696C61000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.489366956.0000024696C61000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C61000
|
| Size: |
8192
|
|
|
252DDAD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.624839806.00000252DDAD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAD4000
|
| Size: |
8192
|
|
|
244E6D27000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000017.00000002.859689062.00000244E6D27000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
23
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
244E6D27000
|
| Size: |
425984
|
|
|
24696C56000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.374221132.0000024696C56000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C56000
|
| Size: |
16384
|
|
|
1C885513000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.860492346.000001C885513000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1C885513000
|
| Size: |
12288
|
|
|
24696C56000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.606163576.0000024696C56000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C56000
|
| Size: |
32768
|
|
|
22DDF11B000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.489469925.0000022DDF11B000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF11B000
|
| Size: |
49152
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.764650605.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
252DDD2B000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.860586819.00000252DDD2B000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
252DDD2B000
|
| Size: |
4096
|
|
|
10DD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.413061574.00000000010DD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10DD000
|
| Size: |
8192
|
|
|
10E3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.566254333.00000000010E3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E3000
|
| Size: |
49152
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
323B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.520795173.000000000323B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
323B000
|
| Size: |
4096
|
|
|
17B0C1F6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.419805692.0000017B0C1F6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1F6000
|
| Size: |
8192
|
|
|
3253000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.839331710.0000000003253000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3253000
|
| Size: |
4096
|
|
|
1088000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.859954205.0000000001088000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1088000
|
| Size: |
208896
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
10E4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.449785481.00000000010E4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E4000
|
| Size: |
20480
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
22DDF19D000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.490937322.0000022DDF19D000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF19D000
|
| Size: |
143360
|
|
|
4A0747E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.408191893.0000004A0747E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4A0747E000
|
| Size: |
8192
|
|
|
3278000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.828939961.0000000003278000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3278000
|
| Size: |
4096
|
|
|
3253000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.566090290.0000000003253000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3253000
|
| Size: |
4096
|
|
|
10E5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.839508298.00000000010E5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E5000
|
| Size: |
40960
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.607678076.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
252DDAD2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.586230448.00000252DDAD2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAD2000
|
| Size: |
4096
|
|
|
22DDF1A8000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.487008152.0000022DDF1A8000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF1A8000
|
| Size: |
4096
|
|
|
252DBD6E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.354871847.00000252DBD6E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DBD6E000
|
| Size: |
45056
|
|
|
22DDF166000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.492358605.0000022DDF166000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF166000
|
| Size: |
20480
|
|
|
1C8854AE000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.860393032.000001C8854AE000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1C8854AE000
|
| Size: |
45056
|
|
|
25CB525E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.493899651.0000025CB525E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
25CB525E000
|
| Size: |
8192
|
|
|
252DDAB8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.748222129.00000252DDAB8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAB8000
|
| Size: |
28672
|
|
|
17B0C190000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.723215707.0000017B0C190000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C190000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.557484806.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
24696C6D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.815873198.0000024696C6D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C6D000
|
| Size: |
4096
|
|
|
3278000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.797147986.0000000003278000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3278000
|
| Size: |
4096
|
|
|
244E6FA0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000017.00000002.859830628.00000244E6FA0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
23
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
244E6FA0000
|
| Size: |
12288
|
|
|
19BBDA20000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.408205376.0000019BBDA20000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
19BBDA20000
|
| Size: |
4096
|
|
|
22DDE84B000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.505497155.0000022DDE84B000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDE84B000
|
| Size: |
4096
|
|
|
3269000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.850193125.0000000003269000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3269000
|
| Size: |
8192
|
|
|
252DDAB8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.642446313.00000252DDAB8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAB8000
|
| Size: |
28672
|
|
|
24696C56000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.510623100.0000024696C56000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C56000
|
| Size: |
28672
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
252DDABA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.565794121.00000252DDABA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDABA000
|
| Size: |
36864
|
|
|
22DDE84D000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.505378023.0000022DDE84D000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDE84D000
|
| Size: |
12288
|
|
|
17B0E106000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.519378228.0000017B0E106000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0E106000
|
| Size: |
4096
|
|
|
252DDAB9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.536549741.00000252DDAB9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAB9000
|
| Size: |
20480
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.671813559.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
24694D4E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.634839705.0000024694D4E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4E000
|
| Size: |
4096
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.860481309.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
3270000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.737712412.0000000003270000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3270000
|
| Size: |
4096
|
|
|
481CBFA000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.859690409.000000481CBFA000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
481CBFA000
|
| Size: |
24576
|
|
|
24696C5F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.614438687.0000024696C5F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C5F000
|
| Size: |
4096
|
|
|
22DDE902000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.506202694.0000022DDE902000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDE902000
|
| Size: |
16384
|
|
|
3278000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.746720663.0000000003278000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3278000
|
| Size: |
4096
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.681599835.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
17B0C1FB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.363380984.0000017B0C1FB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FB000
|
| Size: |
4096
|
|
|
17B0C1F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.859915030.0000017B0C1F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1F0000
|
| Size: |
16384
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.860524903.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
27A9302A000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.389591670.0000027A9302A000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
27A9302A000
|
| Size: |
69632
|
|
|
17B0C1EF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.395566179.0000017B0C1EF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1EF000
|
| Size: |
4096
|
|
|
22DDF1BB000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.489314628.0000022DDF1BB000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF1BB000
|
| Size: |
61440
|
|
|
25CB54F5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.493943165.0000025CB54F5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
25CB54F5000
|
| Size: |
8192
|
|
|
252DDABF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.734801170.00000252DDABF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDABF000
|
| Size: |
4096
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.693278323.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
3268000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.627783568.0000000003268000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3268000
|
| Size: |
12288
|
|
|
252DDAC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.536603612.00000252DDAC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC0000
|
| Size: |
8192
|
|
|
3269000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.681468436.0000000003269000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3269000
|
| Size: |
8192
|
|
|
EF0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.859475902.0000000000EF0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
EF0000
|
| Size: |
4096
|
|
|
326A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.693271892.000000000326A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326A000
|
| Size: |
4096
|
|
|
17B0E100000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.860199045.0000017B0E100000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0E100000
|
| Size: |
28672
|
|
|
24696C6D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.614650357.0000024696C6D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C6D000
|
| Size: |
4096
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.628000016.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.597242621.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
252DDAC2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.546422923.00000252DDAC2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC2000
|
| Size: |
4096
|
|
|
10E3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.544973196.00000000010E3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E3000
|
| Size: |
49152
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
1C88AC3D000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.861305535.000001C88AC3D000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1C88AC3D000
|
| Size: |
49152
|
|
|
24694D48000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.363327019.0000024694D48000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D48000
|
| Size: |
28672
|
|
|
252DDAC8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.410557565.00000252DDAC8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC8000
|
| Size: |
8192
|
|
|
1C886400000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.860741646.000001C886400000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C886400000
|
| Size: |
4096
|
|
|
22DDF197000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.493534885.0000022DDF197000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF197000
|
| Size: |
200704
|
|
|
3276000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.805294661.0000000003276000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3276000
|
| Size: |
4096
|
|
|
19BBDA80000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.408209234.0000019BBDA80000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
19BBDA80000
|
| Size: |
8192
|
|
|
252DDAC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.528237530.00000252DDAC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC0000
|
| Size: |
8192
|
|
|
17B0C2F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.860075436.0000017B0C2F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C2F0000
|
| Size: |
20480
|
|
|
24694D50000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.860116705.0000024694D50000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D50000
|
| Size: |
4096
|
|
|
3264000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.726590866.0000000003264000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3264000
|
| Size: |
4096
|
|
|
22DDF186000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.491785472.0000022DDF186000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF186000
|
| Size: |
4096
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.607667601.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
252DDAD0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.440019675.00000252DDAD0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAD0000
|
| Size: |
8192
|
|
|
1ECE963C000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.441828217.000001ECE963C000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1ECE963C000
|
| Size: |
57344
|
|
|
3263000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.726366679.0000000003263000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3263000
|
| Size: |
8192
|
|
|
17B0C190000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.474770039.0000017B0C190000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C190000
|
| Size: |
389120
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
10E5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.575927545.00000000010E5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E5000
|
| Size: |
40960
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.850223168.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
3270000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.817148167.0000000003270000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3270000
|
| Size: |
4096
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.671585307.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
1C88AB50000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.861178153.000001C88AB50000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C88AB50000
|
| Size: |
4096
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.773175309.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.839635418.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.746708396.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
3263000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.681455491.0000000003263000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3263000
|
| Size: |
16384
|
|
|
1C88AC13000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.861238060.000001C88AC13000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1C88AC13000
|
| Size: |
32768
|
|
|
3FCC37D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.859410685.0000003FCC37D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3FCC37D000
|
| Size: |
12288
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.737591652.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
252DDAB8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.767246533.00000252DDAB8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAB8000
|
| Size: |
28672
|
|
|
F129977000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.505940583.000000F129977000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
F129977000
|
| Size: |
36864
|
|
|
17B0C1FC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.519331046.0000017B0C1FC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FC000
|
| Size: |
12288
|
|
|
9ACF67C000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.441681766.0000009ACF67C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9ACF67C000
|
| Size: |
16384
|
|
|
1ECE9652000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.441848080.000001ECE9652000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1ECE9652000
|
| Size: |
118784
|
|
|
3259000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.520652384.0000000003259000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3259000
|
| Size: |
4096
|
|
|
3253000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.639450457.0000000003253000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3253000
|
| Size: |
4096
|
|
|
3263000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.671563258.0000000003263000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3263000
|
| Size: |
16384
|
|
|
24696C6D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.756423091.0000024696C6D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C6D000
|
| Size: |
4096
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.785145043.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
252DDACD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.642381485.00000252DDACD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACD000
|
| Size: |
24576
|
|
|
7330DF9000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.859601049.0000007330DF9000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
7330DF9000
|
| Size: |
28672
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.805462117.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
252DDAB9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.486945664.00000252DDAB9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAB9000
|
| Size: |
20480
|
|
|
3278000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.726443524.0000000003278000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3278000
|
| Size: |
4096
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.576035892.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.756573017.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.816960465.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
252DDAB8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.843198199.00000252DDAB8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAB8000
|
| Size: |
28672
|
|
|
F1296FC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.505919426.000000F1296FC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
F1296FC000
|
| Size: |
16384
|
|
|
326A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.663792487.000000000326A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326A000
|
| Size: |
4096
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.715184051.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
1C88AD07000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.528304040.000001C88AD07000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1C88AD07000
|
| Size: |
8192
|
|
|
252DDAD1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.556225113.00000252DDAD1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAD1000
|
| Size: |
8192
|
|
|
481C3FB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.859475314.000000481C3FB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
481C3FB000
|
| Size: |
20480
|
|
|
252DDABF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.703161359.00000252DDABF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDABF000
|
| Size: |
4096
|
|
|
3234000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.382923526.0000000003234000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3234000
|
| Size: |
12288
|
|
|
17B0C1FB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.832663900.0000017B0C1FB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FB000
|
| Size: |
16384
|
|
|
252DDAC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.499497109.00000252DDAC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC0000
|
| Size: |
8192
|
|
|
17B0E107000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.690945379.0000017B0E107000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0E107000
|
| Size: |
4096
|
|
|
24694D4C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.414033283.0000024694D4C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4C000
|
| Size: |
12288
|
|
|
3450000
|
direct allocation
|
page execute read
|
|
|
|
| Name: |
00000004.00000002.860598009.0000000003450000.00000020.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute read
|
| Base address: |
3450000
|
| Size: |
176128
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara signature match |
System Summary |
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.860469377.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
325D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.489020627.000000000325D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
325D000
|
| Size: |
16384
|
|
|
17B0C190000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.584153048.0000017B0C190000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C190000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
24696C61000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.480310863.0000024696C61000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C61000
|
| Size: |
8192
|
|
|
1C88AA1E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.518543066.000001C88AA1E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C88AA1E000
|
| Size: |
73728
|
|
|
C3EE87C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.389519324.000000C3EE87C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C3EE87C000
|
| Size: |
16384
|
|
|
17B0C1EF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.363964617.0000017B0C1EF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1EF000
|
| Size: |
16384
|
|
|
10E4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.429375890.00000000010E4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E4000
|
| Size: |
45056
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
22DDE8A5000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.482890023.0000022DDE8A5000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDE8A5000
|
| Size: |
20480
|
|
|
3270000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.764489685.0000000003270000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3270000
|
| Size: |
4096
|
|
|
17B0C190000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.593073988.0000017B0C190000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C190000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
17B0DF2E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.860146946.0000017B0DF2E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0DF2E000
|
| Size: |
4096
|
|
|
29F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.860122682.00000000029F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29F0000
|
| Size: |
20480
|
|
|
3266000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.681730520.0000000003266000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3266000
|
| Size: |
4096
|
|
|
252DDAC8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.440008287.00000252DDAC8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC8000
|
| Size: |
4096
|
|
|
252DDAC9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.546435839.00000252DDAC9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC9000
|
| Size: |
4096
|
|
|
3276000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.681505534.0000000003276000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3276000
|
| Size: |
4096
|
|
|
24694D4B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.746728832.0000024694D4B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4B000
|
| Size: |
4096
|
|
|
17B0C1FB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.812981297.0000017B0C1FB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FB000
|
| Size: |
16384
|
|
|
326A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.764598748.000000000326A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326A000
|
| Size: |
4096
|
|
|
24696C63000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.634914666.0000024696C63000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C63000
|
| Size: |
4096
|
|
|
4A0717C000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.408170305.0000004A0717C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4A0717C000
|
| Size: |
16384
|
|
|
FFB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.859587073.0000000000FFB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
FFB000
|
| Size: |
405504
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
| URLs found in memory or binary data |
Networking |
|
|
|
252DDACA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.722754972.00000252DDACA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACA000
|
| Size: |
8192
|
|
|
22DDE8B0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.506133887.0000022DDE8B0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDE8B0000
|
| Size: |
28672
|
|
|
F12977E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.505926311.000000F12977E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
F12977E000
|
| Size: |
8192
|
|
|
3235000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.400866346.0000000003235000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3235000
|
| Size: |
16384
|
|
|
3265000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.597391828.0000000003265000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3265000
|
| Size: |
4096
|
|
|
252DDACD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.586209709.00000252DDACD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACD000
|
| Size: |
4096
|
|
|
22DDF18D000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.491675022.0000022DDF18D000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF18D000
|
| Size: |
32768
|
|
|
252DDAB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.860254610.00000252DDAB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAB0000
|
| Size: |
12288
|
|
|
3278000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.737627672.0000000003278000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3278000
|
| Size: |
4096
|
|
|
24696C56000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.458732916.0000024696C56000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C56000
|
| Size: |
20480
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.797155588.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
22DDE8DE000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.506172835.0000022DDE8DE000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDE8DE000
|
| Size: |
40960
|
|
|
252DDAB8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.556126716.00000252DDAB8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAB8000
|
| Size: |
28672
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.566418080.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
17B0C17F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.859789487.0000017B0C17F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C17F000
|
| Size: |
49152
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.663668482.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
24694C50000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.859631391.0000024694C50000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694C50000
|
| Size: |
40960
|
|
|
10EA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.860086195.00000000010EA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10EA000
|
| Size: |
12288
|
|
|
24694D42000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.395099635.0000024694D42000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D42000
|
| Size: |
24576
|
|
|
252DDACA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.624766094.00000252DDACA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACA000
|
| Size: |
8192
|
|
|
17B0C107000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.859555760.0000017B0C107000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C107000
|
| Size: |
389120
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
| URLs found in memory or binary data |
Networking |
|
|
|
22DDF1C1000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.491333405.0000022DDF1C1000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF1C1000
|
| Size: |
147456
|
|
|
244E7AE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000017.00000002.860085543.00000244E7AE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
23
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
244E7AE0000
|
| Size: |
65536
|
|
|
17B0E36B000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.860587424.0000017B0E36B000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
17B0E36B000
|
| Size: |
4096
|
|
|
252DDAC2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.586191887.00000252DDAC2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC2000
|
| Size: |
4096
|
|
|
24694D4D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.586013280.0000024694D4D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4D000
|
| Size: |
8192
|
|
|
252DDAD5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.586131996.00000252DDAD5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAD5000
|
| Size: |
4096
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.839662323.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
1088000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.829028035.0000000001088000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1088000
|
| Size: |
208896
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
17B0C1FC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.723157353.0000017B0C1FC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FC000
|
| Size: |
12288
|
|
|
25CB523B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.493859548.0000025CB523B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
25CB523B000
|
| Size: |
28672
|
|
|
9ACFA77000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.441725913.0000009ACFA77000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9ACFA77000
|
| Size: |
36864
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.715020330.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
3270000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.839382539.0000000003270000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3270000
|
| Size: |
4096
|
|
|
1C88AB30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.861153719.000001C88AB30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C88AB30000
|
| Size: |
4096
|
|
|
1ECE9670000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.441864127.000001ECE9670000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1ECE9670000
|
| Size: |
49152
|
|
|
3278000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.756499614.0000000003278000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3278000
|
| Size: |
4096
|
|
|
3253000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.663635932.0000000003253000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3253000
|
| Size: |
4096
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.639480848.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.817192586.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
10EE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.449803761.00000000010EE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10EE000
|
| Size: |
4096
|
|
|
7330FFF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.859646238.0000007330FFF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
7330FFF000
|
| Size: |
4096
|
|
|
24694D4D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.655017228.0000024694D4D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4D000
|
| Size: |
8192
|
|
|
10EA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.449795854.00000000010EA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10EA000
|
| Size: |
8192
|
|
|
10E9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.747052299.00000000010E9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E9000
|
| Size: |
8192
|
|
|
10E3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.726523447.00000000010E3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E3000
|
| Size: |
49152
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
10ED000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.418632451.00000000010ED000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10ED000
|
| Size: |
8192
|
|
|
326A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.756554876.000000000326A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326A000
|
| Size: |
4096
|
|
|
7FFD77927000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.860692869.00007FFD77927000.00000004.00000001.01000000.00000003.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
7FFD77927000
|
| Size: |
8192
|
|
|
24694D4E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.554680510.0000024694D4E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4E000
|
| Size: |
4096
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.681786295.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
3269000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.797097063.0000000003269000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3269000
|
| Size: |
8192
|
|
|
17B0E10B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.860304356.0000017B0E10B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0E10B000
|
| Size: |
4096
|
|
|
252DDACA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.660247737.00000252DDACA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACA000
|
| Size: |
8192
|
|
|
24694D47000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.606097541.0000024694D47000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D47000
|
| Size: |
4096
|
|
|
17B0C1FB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.678637154.0000017B0C1FB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FB000
|
| Size: |
16384
|
|
|
24696C57000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.795055007.0000024696C57000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C57000
|
| Size: |
57344
|
|
|
17B0C1FD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.635456266.0000017B0C1FD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FD000
|
| Size: |
8192
|
|
|
1C885474000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.860186140.000001C885474000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1C885474000
|
| Size: |
4096
|
|
|
1C885429000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.859966178.000001C885429000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1C885429000
|
| Size: |
86016
|
|
|
22DDF188000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.488357005.0000022DDF188000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF188000
|
| Size: |
131072
|
|
|
17B0C1FB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.584021155.0000017B0C1FB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FB000
|
| Size: |
4096
|
|
|
252DDACD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.528062830.00000252DDACD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACD000
|
| Size: |
4096
|
|
|
19BBDC56000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.407264853.0000019BBDC56000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
19BBDC56000
|
| Size: |
102400
|
|
|
22DDF16F000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.484460645.0000022DDF16F000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF16F000
|
| Size: |
32768
|
|
|
3264000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.663743399.0000000003264000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3264000
|
| Size: |
8192
|
|
|
24694D4B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.756306727.0000024694D4B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4B000
|
| Size: |
4096
|
|
|
19BBDC77000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.407188762.0000019BBDC77000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
19BBDC77000
|
| Size: |
40960
|
|
|
252DDACA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.833208221.00000252DDACA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACA000
|
| Size: |
8192
|
|
|
481C77E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.859571229.000000481C77E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
481C77E000
|
| Size: |
8192
|
|
|
17B0C1FC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.508056027.0000017B0C1FC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FC000
|
| Size: |
12288
|
|
|
22DDF19B000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.489179646.0000022DDF19B000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF19B000
|
| Size: |
32768
|
|
|
347B000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.860668422.000000000347B000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
347B000
|
| Size: |
126976
|
|
|
17B0C1FA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.407976419.0000017B0C1FA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FA000
|
| Size: |
12288
|
|
|
3278000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.671617814.0000000003278000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3278000
|
| Size: |
4096
|
|
|
22DDE854000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.505222320.0000022DDE854000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDE854000
|
| Size: |
20480
|
|
|
252DDABF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.755915961.00000252DDABF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDABF000
|
| Size: |
4096
|
|
|
17B0C190000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.428251366.0000017B0C190000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C190000
|
| Size: |
389120
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.663926581.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
17B0C1FE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.363983757.0000017B0C1FE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FE000
|
| Size: |
4096
|
|
|
22DDE850000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.505329245.0000022DDE850000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDE850000
|
| Size: |
4096
|
|
|
328B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.566179003.000000000328B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328B000
|
| Size: |
4096
|
|
|
FF0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.859546569.0000000000FF0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
FF0000
|
| Size: |
40960
|
|
|
24696C56000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.860425273.0000024696C56000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C56000
|
| Size: |
4096
|
|
|
252DDACD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.803649979.00000252DDACD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACD000
|
| Size: |
36864
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.785167633.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
17B0C1F9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.439887342.0000017B0C1F9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1F9000
|
| Size: |
24576
|
|
|
3278000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.703913294.0000000003278000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3278000
|
| Size: |
4096
|
|
|
22DDF1D8000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.493437025.0000022DDF1D8000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF1D8000
|
| Size: |
159744
|
|
|
3278000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.756612948.0000000003278000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3278000
|
| Size: |
4096
|
|
|
481C87F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.859601553.000000481C87F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
481C87F000
|
| Size: |
4096
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.839588917.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
24694D4E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.467858125.0000024694D4E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4E000
|
| Size: |
4096
|
|
|
17B0C190000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.519270495.0000017B0C190000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C190000
|
| Size: |
413696
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3267000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.663648987.0000000003267000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3267000
|
| Size: |
8192
|
|
|
24696A60000
|
remote allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.352145230.0000024696A60000.00000004.00000400.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
remote allocation
|
| Protect: |
page read and write
|
| Base address: |
24696A60000
|
| Size: |
4096
|
|
|
1C88ACF7000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.861566798.000001C88ACF7000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1C88ACF7000
|
| Size: |
20480
|
|
|
29E0000
|
remote allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.350877366.00000000029E0000.00000004.00000400.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
remote allocation
|
| Protect: |
page read and write
|
| Base address: |
29E0000
|
| Size: |
4096
|
|
|
252DDACA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.755929787.00000252DDACA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACA000
|
| Size: |
8192
|
|
|
3278000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.773211896.0000000003278000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3278000
|
| Size: |
4096
|
|
|
1C885413000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.859867012.000001C885413000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1C885413000
|
| Size: |
86016
|
|
|
252DDACA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.785300129.00000252DDACA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACA000
|
| Size: |
8192
|
|
|
19BBDC54000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.408262382.0000019BBDC54000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
19BBDC54000
|
| Size: |
8192
|
|
|
24696C56000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.624814808.0000024696C56000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C56000
|
| Size: |
32768
|
|
|
17B0C190000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.781077954.0000017B0C190000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C190000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
10ED000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.400801352.00000000010ED000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10ED000
|
| Size: |
8192
|
|
|
1C885502000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.860457884.000001C885502000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1C885502000
|
| Size: |
49152
|
|
|
10E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.706263240.00000000010E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E0000
|
| Size: |
4096
|
|
|
25CB5261000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000003.493531678.0000025CB5261000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
25CB5261000
|
| Size: |
57344
|
|
|
1085000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.785613393.0000000001085000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1085000
|
| Size: |
8192
|
|
|
24696C63000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.606195051.0000024696C63000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C63000
|
| Size: |
4096
|
|
|
24696C6D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.828087848.0000024696C6D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C6D000
|
| Size: |
4096
|
|
|
E747679000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.859491229.000000E747679000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E747679000
|
| Size: |
28672
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.726829746.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
3276000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.715208685.0000000003276000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3276000
|
| Size: |
4096
|
|
|
1C8864E0000
|
trusted library section
|
page readonly
|
|
|
|
| Name: |
00000014.00000002.860784651.000001C8864E0000.00000002.08000000.00040000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page readonly
|
| Base address: |
1C8864E0000
|
| Size: |
65536
|
|
|
10EC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.746999338.00000000010EC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10EC000
|
| Size: |
12288
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.785185362.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
252DDD0B000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.860481316.00000252DDD0B000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
252DDD0B000
|
| Size: |
126976
|
|
|
22DDF188000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.490015567.0000022DDF188000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF188000
|
| Size: |
45056
|
|
|
22DDF1AA000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.488281674.0000022DDF1AA000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF1AA000
|
| Size: |
32768
|
|
|
244E7AF0000
|
heap
|
page readonly
|
|
|
|
| Name: |
00000017.00000002.860157682.00000244E7AF0000.00000002.00000020.00020000.00000000.sdmp
|
| TargetID: |
23
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page readonly
|
| Base address: |
244E7AF0000
|
| Size: |
4096
|
|
|
3270000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.785503474.0000000003270000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3270000
|
| Size: |
4096
|
|
|
22DDE827000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.506021967.0000022DDE827000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDE827000
|
| Size: |
4096
|
|
|
3278000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.785547567.0000000003278000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3278000
|
| Size: |
4096
|
|
|
24694D4D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.737890826.0000024694D4D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4D000
|
| Size: |
8192
|
|
|
323D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.520802965.000000000323D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
323D000
|
| Size: |
4096
|
|
|
E7476FD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.859548005.000000E7476FD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E7476FD000
|
| Size: |
12288
|
|
|
3256000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.797083955.0000000003256000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3256000
|
| Size: |
24576
|
|
|
1C88ACAA000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.861485383.000001C88ACAA000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1C88ACAA000
|
| Size: |
212992
|
|
|
10E3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.557385498.00000000010E3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E3000
|
| Size: |
49152
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3268000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.607655192.0000000003268000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3268000
|
| Size: |
12288
|
|
|
17B0C1FD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.603016109.0000017B0C1FD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FD000
|
| Size: |
8192
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.805315200.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
7FFD77927000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.860792478.00007FFD77927000.00000004.00000001.01000000.00000003.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
7FFD77927000
|
| Size: |
8192
|
|
|
10E3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.616579666.00000000010E3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E3000
|
| Size: |
49152
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
1C88AD02000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.528292868.000001C88AD02000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1C88AD02000
|
| Size: |
12288
|
|
|
17B0E34B000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.860518998.0000017B0E34B000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
17B0E34B000
|
| Size: |
126976
|
|
|
17B0E109000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.860285396.0000017B0E109000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0E109000
|
| Size: |
4096
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.715063094.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
252DDAB8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.381388626.00000252DDAB8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAB8000
|
| Size: |
8192
|
|
|
24696C6D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.709422523.0000024696C6D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C6D000
|
| Size: |
4096
|
|
|
17B0E107000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.573006424.0000017B0E107000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0E107000
|
| Size: |
4096
|
|
|
24694D44000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.709343344.0000024694D44000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D44000
|
| Size: |
8192
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
24694D4B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.768918770.0000024694D4B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4B000
|
| Size: |
4096
|
|
|
24696C5F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.624840403.0000024696C5F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C5F000
|
| Size: |
8192
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.597448806.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.816929896.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
326A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.639464299.000000000326A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326A000
|
| Size: |
4096
|
|
|
22DDF19B000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.492438724.0000022DDF19B000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF19B000
|
| Size: |
4096
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.797228304.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
F129B7C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.505958606.000000F129B7C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
F129B7C000
|
| Size: |
16384
|
|
|
252DDAD1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.410564531.00000252DDAD1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAD1000
|
| Size: |
4096
|
|
|
22DDE88F000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.506105706.0000022DDE88F000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDE88F000
|
| Size: |
20480
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.756486974.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
17B0C1FB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.859932367.0000017B0C1FB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FB000
|
| Size: |
16384
|
|
|
252DDAD1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.429597576.00000252DDAD1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAD1000
|
| Size: |
4096
|
|
|
3253000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.681441951.0000000003253000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3253000
|
| Size: |
4096
|
|
|
244E78A0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000017.00000002.859942261.00000244E78A0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
23
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
244E78A0000
|
| Size: |
49152
|
|
|
24696C56000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.667184528.0000024696C56000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C56000
|
| Size: |
49152
|
|
|
3263000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.639458070.0000000003263000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3263000
|
| Size: |
8192
|
|
|
1C88AA10000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.523084261.000001C88AA10000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C88AA10000
|
| Size: |
4096
|
|
|
17B0C1F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.428324346.0000017B0C1F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1F0000
|
| Size: |
4096
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.566465362.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
1C88AAE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.521019334.000001C88AAE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C88AAE0000
|
| Size: |
4096
|
|
|
22DDF172000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.491277287.0000022DDF172000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF172000
|
| Size: |
65536
|
|
|
3265000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.557441660.0000000003265000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3265000
|
| Size: |
4096
|
|
|
1C885D02000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.860585974.000001C885D02000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1C885D02000
|
| Size: |
32768
|
|
|
252DDACD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.574042642.00000252DDACD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACD000
|
| Size: |
4096
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.663684500.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
3268000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.557460832.0000000003268000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3268000
|
| Size: |
12288
|
|
|
1C88AC00000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.861205331.000001C88AC00000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1C88AC00000
|
| Size: |
73728
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.817132320.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
9ACF6FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.441691975.0000009ACF6FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9ACF6FE000
|
| Size: |
8192
|
|
|
17B0C1FB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.667374553.0000017B0C1FB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FB000
|
| Size: |
16384
|
|
|
3270000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.726410731.0000000003270000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3270000
|
| Size: |
4096
|
|
|
328B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.566595680.000000000328B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328B000
|
| Size: |
4096
|
|
|
1C88AB70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.518430359.000001C88AB70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C88AB70000
|
| Size: |
8192
|
|
|
22DDE848000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.505605013.0000022DDE848000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDE848000
|
| Size: |
4096
|
|
|
25CB5257000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.493884263.0000025CB5257000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
25CB5257000
|
| Size: |
24576
|
|
|
3278000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.726672650.0000000003278000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3278000
|
| Size: |
4096
|
|
|
2F4E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.860281296.0000000002F4E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2F4E000
|
| Size: |
8192
|
|
|
7330EFD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.859629823.0000007330EFD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
7330EFD000
|
| Size: |
12288
|
|
|
10EC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.361487766.00000000010EC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10EC000
|
| Size: |
4096
|
|
|
17B0C1F9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.450787887.0000017B0C1F9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1F9000
|
| Size: |
24576
|
|
|
17B0C191000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.462471146.0000017B0C191000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C191000
|
| Size: |
385024
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.737603561.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
3276000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.828710120.0000000003276000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3276000
|
| Size: |
4096
|
|
|
4A07377000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.408183323.0000004A07377000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4A07377000
|
| Size: |
36864
|
|
|
17B0C190000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.378254000.0000017B0C190000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C190000
|
| Size: |
389120
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
17B0C1FB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.653019434.0000017B0C1FB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FB000
|
| Size: |
16384
|
|
|
22DDE859000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.505155249.0000022DDE859000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDE859000
|
| Size: |
86016
|
|
|
3263000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.588734350.0000000003263000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3263000
|
| Size: |
12288
|
|
|
325B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.785121186.000000000325B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
325B000
|
| Size: |
4096
|
|
|
3259000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.488885755.0000000003259000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3259000
|
| Size: |
12288
|
|
|
252DBD52000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.859943549.00000252DBD52000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DBD52000
|
| Size: |
53248
|
|
|
252DDAD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.606588156.00000252DDAD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAD4000
|
| Size: |
8192
|
|
|
3269000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.737578733.0000000003269000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3269000
|
| Size: |
8192
|
|
|
24694D70000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.860132433.0000024694D70000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D70000
|
| Size: |
12288
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.588998307.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
17B0C1FD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.620925408.0000017B0C1FD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FD000
|
| Size: |
8192
|
|
|
252DDABF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.722746297.00000252DDABF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDABF000
|
| Size: |
4096
|
|
|
17B0C1FE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.496010716.0000017B0C1FE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FE000
|
| Size: |
4096
|
|
|
252DDAB8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.597944857.00000252DDAB8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAB8000
|
| Size: |
28672
|
|
|
17B0C190000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.832726430.0000017B0C190000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C190000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3270000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.797221231.0000000003270000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3270000
|
| Size: |
4096
|
|
|
19BBDC82000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.408290428.0000019BBDC82000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
19BBDC82000
|
| Size: |
40960
|
|
|
252DBC40000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.859714810.00000252DBC40000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DBC40000
|
| Size: |
20480
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.805277431.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
3278000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.681586281.0000000003278000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3278000
|
| Size: |
4096
|
|
|
24696C6D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.730415210.0000024696C6D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C6D000
|
| Size: |
4096
|
|
|
22DDE847000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.505658946.0000022DDE847000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDE847000
|
| Size: |
4096
|
|
|
3263000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.575615683.0000000003263000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3263000
|
| Size: |
16384
|
|
|
10ED000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.850563758.00000000010ED000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10ED000
|
| Size: |
8192
|
|
|
22DDE813000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.506011541.0000022DDE813000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDE813000
|
| Size: |
73728
|
|
|
10BC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.829103590.00000000010BC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10BC000
|
| Size: |
135168
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
22DDE700000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.505984802.0000022DDE700000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
22DDE700000
|
| Size: |
4096
|
|
|
252DDACD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.843143648.00000252DDACD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACD000
|
| Size: |
36864
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.828947569.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
3270000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.816944532.0000000003270000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3270000
|
| Size: |
4096
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.588756919.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
17B0E104000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.631593529.0000017B0E104000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0E104000
|
| Size: |
4096
|
|
|
24696C6D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.698021462.0000024696C6D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C6D000
|
| Size: |
4096
|
|
|
252DDACA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.812427236.00000252DDACA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACA000
|
| Size: |
8192
|
|
|
17B0C1F6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.386456931.0000017B0C1F6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1F6000
|
| Size: |
8192
|
|
|
24696C56000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.565433066.0000024696C56000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C56000
|
| Size: |
32768
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
25CB5268000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.493923961.0000025CB5268000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
25CB5268000
|
| Size: |
28672
|
|
|
1C885476000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.860206784.000001C885476000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1C885476000
|
| Size: |
4096
|
|
|
1C88ACFF000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.861590848.000001C88ACFF000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1C88ACFF000
|
| Size: |
8192
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.639491260.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
17B0C1EF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.407799635.0000017B0C1EF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1EF000
|
| Size: |
4096
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.726450548.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.663659273.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
22DDF164000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.491588571.0000022DDF164000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF164000
|
| Size: |
16384
|
|
|
17B0E106000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.528118534.0000017B0E106000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0E106000
|
| Size: |
4096
|
|
|
22DDE889000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.506098768.0000022DDE889000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDE889000
|
| Size: |
20480
|
|
|
3270000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.785156071.0000000003270000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3270000
|
| Size: |
4096
|
|
|
22DDF1AC000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.489537894.0000022DDF1AC000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF1AC000
|
| Size: |
61440
|
|
|
10E3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.497956598.00000000010E3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E3000
|
| Size: |
49152
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
252DDAD1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.519972317.00000252DDAD1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAD1000
|
| Size: |
8192
|
|
|
22DDF1A1000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.484776628.0000022DDF1A1000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF1A1000
|
| Size: |
131072
|
|
|
3269000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.817118490.0000000003269000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3269000
|
| Size: |
8192
|
|
|
252DDABD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.487023780.00000252DDABD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDABD000
|
| Size: |
4096
|
|
|
3278000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.839652778.0000000003278000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3278000
|
| Size: |
4096
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.566121723.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
1C88AC4A000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.861328633.000001C88AC4A000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1C88AC4A000
|
| Size: |
81920
|
|
|
27A92F20000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.389552716.0000027A92F20000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
27A92F20000
|
| Size: |
4096
|
|
|
3253000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.703672224.0000000003253000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3253000
|
| Size: |
4096
|
|
|
252DDACD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.597875834.00000252DDACD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACD000
|
| Size: |
4096
|
|
|
17B0C1F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.419800444.0000017B0C1F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1F0000
|
| Size: |
8192
|
|
|
22DDF1CE000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.487376979.0000022DDF1CE000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF1CE000
|
| Size: |
147456
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.607516094.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
252DDACA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.642369195.00000252DDACA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACA000
|
| Size: |
8192
|
|
|
19BBDD02000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.408306453.0000019BBDD02000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
19BBDD02000
|
| Size: |
12288
|
|
|
10EE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.361588764.00000000010EE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10EE000
|
| Size: |
4096
|
|
|
24696C63000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.625062902.0000024696C63000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C63000
|
| Size: |
4096
|
|
|
19BBDB80000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.408213092.0000019BBDB80000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
19BBDB80000
|
| Size: |
4096
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.797130648.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
24696C61000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.499310924.0000024696C61000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C61000
|
| Size: |
8192
|
|
|
24696C59000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.860439229.0000024696C59000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C59000
|
| Size: |
57344
|
|
|
17B0C191000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.802966204.0000017B0C191000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C191000
|
| Size: |
405504
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3239000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.714984397.0000000003239000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3239000
|
| Size: |
4096
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.850258663.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
252DDACF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.586292025.00000252DDACF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACF000
|
| Size: |
4096
|
|
|
244E6BA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000017.00000002.859553076.00000244E6BA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
23
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
244E6BA0000
|
| Size: |
4096
|
|
|
252DDACF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.606569692.00000252DDACF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACF000
|
| Size: |
4096
|
|
|
3253000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.746572070.0000000003253000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3253000
|
| Size: |
4096
|
|
|
10BC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.462435442.00000000010BC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10BC000
|
| Size: |
135168
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
10E3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.627932293.00000000010E3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E3000
|
| Size: |
49152
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
24694D4B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.794994848.0000024694D4B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4B000
|
| Size: |
4096
|
|
|
252DDAB8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.821624949.00000252DDAB8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAB8000
|
| Size: |
28672
|
|
|
7FFD77920000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000002.860893668.00007FFD77920000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FFD77920000
|
| Size: |
24576
|
|
|
7FFD7792E000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.860814188.00007FFD7792E000.00000004.00000001.01000000.00000003.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
7FFD7792E000
|
| Size: |
4096
|
|
|
24696C57000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.737946021.0000024696C57000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C57000
|
| Size: |
57344
|
|
|
3270000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.828910448.0000000003270000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3270000
|
| Size: |
4096
|
|
|
10DD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.850105785.00000000010DD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10DD000
|
| Size: |
4096
|
|
|
1C885C15000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.860558839.000001C885C15000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1C885C15000
|
| Size: |
4096
|
|
|
1ECE9650000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.441051376.000001ECE9650000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1ECE9650000
|
| Size: |
126976
|
|
|
3267000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.785137901.0000000003267000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3267000
|
| Size: |
16384
|
|
|
7FD38FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000017.00000002.859469544.0000007FD38FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
23
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
7FD38FE000
|
| Size: |
8192
|
|
|
10E3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.797295525.00000000010E3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E3000
|
| Size: |
49152
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
24696C5F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.625041827.0000024696C5F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C5F000
|
| Size: |
8192
|
|
|
10BC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.785701396.00000000010BC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10BC000
|
| Size: |
135168
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
F12928B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.505899903.000000F12928B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
F12928B000
|
| Size: |
20480
|
|
|
3249000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.478979311.0000000003249000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3249000
|
| Size: |
8192
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.681499210.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
252DDAC2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.452304423.00000252DDAC2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC2000
|
| Size: |
4096
|
|
|
252DDACF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.586114331.00000252DDACF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACF000
|
| Size: |
4096
|
|
|
22DDF1AA000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.487220538.0000022DDF1AA000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF1AA000
|
| Size: |
294912
|
|
|
17B0E102000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.364067080.0000017B0E102000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0E102000
|
| Size: |
4096
|
|
|
252DDAC9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.556146960.00000252DDAC9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC9000
|
| Size: |
8192
|
|
|
22DDF11B000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.506256083.0000022DDF11B000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF11B000
|
| Size: |
49152
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.817140518.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
3267000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.663783552.0000000003267000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3267000
|
| Size: |
8192
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.756564655.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.681793093.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.557330871.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
24694D4D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.768940363.0000024694D4D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4D000
|
| Size: |
8192
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.650637110.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
24694D4D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.795003052.0000024694D4D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4D000
|
| Size: |
8192
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.715044585.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
17B0C190000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.439529244.0000017B0C190000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C190000
|
| Size: |
389120
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
C3EEAF7000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.389536791.000000C3EEAF7000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C3EEAF7000
|
| Size: |
36864
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.828898361.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
7FD33EC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000017.00000002.859360248.0000007FD33EC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
23
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
7FD33EC000
|
| Size: |
16384
|
|
|
22DDF186000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.493606068.0000022DDF186000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF186000
|
| Size: |
397312
|
|
|
24694D42000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.382311271.0000024694D42000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D42000
|
| Size: |
12288
|
|
|
24696C63000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.667228954.0000024696C63000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C63000
|
| Size: |
4096
|
|
|
17B0E107000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.593169516.0000017B0E107000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0E107000
|
| Size: |
12288
|
|
|
24694D4E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.624760994.0000024694D4E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4E000
|
| Size: |
4096
|
|
|
10E3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.361252302.00000000010E3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E3000
|
| Size: |
20480
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3278000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.828718436.0000000003278000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3278000
|
| Size: |
4096
|
|
|
7FFD77901000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000006.00000002.860662367.00007FFD77901000.00000020.00000001.01000000.00000003.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
7FFD77901000
|
| Size: |
94208
|
|
|
252DDACA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.703180005.00000252DDACA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACA000
|
| Size: |
8192
|
|
|
252DDAD1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.556277030.00000252DDAD1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAD1000
|
| Size: |
8192
|
|
|
3270000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.773182734.0000000003270000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3270000
|
| Size: |
4096
|
|
|
19BBDD08000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.408310772.0000019BBDD08000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
19BBDD08000
|
| Size: |
24576
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.566129262.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
9ACF97B000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.441716987.0000009ACF97B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9ACF97B000
|
| Size: |
20480
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.627862893.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
325F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.520663394.000000000325F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
325F000
|
| Size: |
8192
|
|
|
1ECE9600000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.441780383.000001ECE9600000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1ECE9600000
|
| Size: |
73728
|
|
|
252DDAD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.660294887.00000252DDAD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAD4000
|
| Size: |
8192
|
|
|
105F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.859897442.000000000105F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
105F000
|
| Size: |
57344
|
|
|
24696C56000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.373972321.0000024696C56000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C56000
|
| Size: |
12288
|
|
|
1C88ACE6000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.861534161.000001C88ACE6000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1C88ACE6000
|
| Size: |
40960
|
|
|
17B0C17F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.635560495.0000017B0C17F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C17F000
|
| Size: |
45056
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
1C88ACA7000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.861461207.000001C88ACA7000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1C88ACA7000
|
| Size: |
8192
|
|
|
24696C5A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.362989977.0000024696C5A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C5A000
|
| Size: |
4096
|
|
|
252DDACD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.785321293.00000252DDACD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACD000
|
| Size: |
36864
|
|
|
17B0C1FE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.407986228.0000017B0C1FE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FE000
|
| Size: |
4096
|
|
|
24696C63000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.646601206.0000024696C63000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C63000
|
| Size: |
4096
|
|
|
3258000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.764454298.0000000003258000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3258000
|
| Size: |
8192
|
|
|
24696A60000
|
remote allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.351707125.0000024696A60000.00000004.00000400.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
remote allocation
|
| Protect: |
page read and write
|
| Base address: |
24696A60000
|
| Size: |
4096
|
|
|
22DDF1C1000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.484699799.0000022DDF1C1000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF1C1000
|
| Size: |
126976
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.616513605.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
19BBDD00000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.408303117.0000019BBDD00000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
19BBDD00000
|
| Size: |
4096
|
|
|
3276000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.703765255.0000000003276000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3276000
|
| Size: |
4096
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.737637438.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.746701385.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
24694D4E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.363987331.0000024694D4E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4E000
|
| Size: |
4096
|
|
|
22DDF602000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.485993532.0000022DDF602000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF602000
|
| Size: |
94208
|
|
|
252DDABA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.574017057.00000252DDABA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDABA000
|
| Size: |
36864
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.773160551.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
252DDAB6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.381465770.00000252DDAB6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAB6000
|
| Size: |
8192
|
|
|
10ED000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.391299367.00000000010ED000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10ED000
|
| Size: |
8192
|
|
|
17B0C191000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.793319388.0000017B0C191000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C191000
|
| Size: |
405504
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
17B0C1FB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.710558764.0000017B0C1FB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FB000
|
| Size: |
16384
|
|
|
252DDACD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.556220215.00000252DDACD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACD000
|
| Size: |
4096
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.703897326.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.839606705.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
252DDAC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.486974358.00000252DDAC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC0000
|
| Size: |
8192
|
|
|
24696C56000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.395187989.0000024696C56000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C56000
|
| Size: |
16384
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
252DDAD2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.574049516.00000252DDAD2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAD2000
|
| Size: |
4096
|
|
|
19BBDC2A000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.408239657.0000019BBDC2A000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
19BBDC2A000
|
| Size: |
69632
|
|
|
10E3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.391381443.00000000010E3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E3000
|
| Size: |
16384
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
22DDF199000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.490041019.0000022DDF199000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF199000
|
| Size: |
4096
|
|
|
73304FC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.859401202.00000073304FC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
73304FC000
|
| Size: |
16384
|
|
|
27A92FC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.389564381.0000027A92FC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
27A92FC0000
|
| Size: |
4096
|
|
|
252DDACD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.692162345.00000252DDACD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACD000
|
| Size: |
24576
|
|
|
252DDAD2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.586123728.00000252DDAD2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAD2000
|
| Size: |
4096
|
|
|
252DDAB8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.776153000.00000252DDAB8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAB8000
|
| Size: |
28672
|
|
|
1C88AB40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.861167723.000001C88AB40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C88AB40000
|
| Size: |
4096
|
|
|
10E3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.706288937.00000000010E3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E3000
|
| Size: |
49152
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
24694D4E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.565387007.0000024694D4E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4E000
|
| Size: |
4096
|
|
|
252DDABC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.452362894.00000252DDABC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDABC000
|
| Size: |
24576
|
|
|
F92B7FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.493803653.000000F92B7FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
F92B7FF000
|
| Size: |
4096
|
|
|
22DDE8D1000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.506161795.0000022DDE8D1000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDE8D1000
|
| Size: |
49152
|
|
|
24694D4D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.782661122.0000024694D4D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4D000
|
| Size: |
8192
|
|
|
10EC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.361577637.00000000010EC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10EC000
|
| Size: |
4096
|
|
|
481C6FB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.859541491.000000481C6FB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
481C6FB000
|
| Size: |
20480
|
|
|
24696C6D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.769034212.0000024696C6D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C6D000
|
| Size: |
4096
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.566523270.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
24696C61000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.499386111.0000024696C61000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C61000
|
| Size: |
8192
|
|
|
27A92F90000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.389560720.0000027A92F90000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
27A92F90000
|
| Size: |
8192
|
|
|
252DDACA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.614661309.00000252DDACA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACA000
|
| Size: |
8192
|
|
|
3278000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.773355469.0000000003278000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3278000
|
| Size: |
4096
|
|
|
10E4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.441369001.00000000010E4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E4000
|
| Size: |
45056
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
17B0C1FE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.386466543.0000017B0C1FE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FE000
|
| Size: |
4096
|
|
|
24694D46000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.565375757.0000024694D46000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D46000
|
| Size: |
12288
|
|
|
10BC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.860043501.00000000010BC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10BC000
|
| Size: |
135168
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
326A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.566374481.000000000326A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326A000
|
| Size: |
4096
|
|
|
10E3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.607596026.00000000010E3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E3000
|
| Size: |
49152
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
1ECE9570000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.441773847.000001ECE9570000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1ECE9570000
|
| Size: |
4096
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.785162082.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
1087000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.726942630.0000000001087000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1087000
|
| Size: |
212992
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
252DDABF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.586353062.00000252DDABF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDABF000
|
| Size: |
12288
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.703756120.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
17B0C190000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.610666166.0000017B0C190000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C190000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
24694D4E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.840665597.0000024694D4E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4E000
|
| Size: |
4096
|
|
|
3278000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.816974667.0000000003278000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3278000
|
| Size: |
4096
|
|
|
252DDAC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.476825165.00000252DDAC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC0000
|
| Size: |
8192
|
|
|
244E7B00000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000017.00000002.860185202.00000244E7B00000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
23
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
244E7B00000
|
| Size: |
4096
|
|
|
3253000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.714996911.0000000003253000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3253000
|
| Size: |
4096
|
|
|
252DDAD2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.586301005.00000252DDAD2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAD2000
|
| Size: |
4096
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.797136483.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
24694D4D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.746820290.0000024694D4D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4D000
|
| Size: |
8192
|
|
|
22DDF19D000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.491071457.0000022DDF19D000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF19D000
|
| Size: |
294912
|
|
|
252DDACA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.692150251.00000252DDACA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACA000
|
| Size: |
8192
|
|
|
3270000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.828680377.0000000003270000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3270000
|
| Size: |
4096
|
|
|
10BC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.449898043.00000000010BC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10BC000
|
| Size: |
135168
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3232000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.412991688.0000000003232000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3232000
|
| Size: |
4096
|
|
|
252DDACD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.586282919.00000252DDACD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACD000
|
| Size: |
4096
|
|
|
22DDF169000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.491455992.0000022DDF169000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF169000
|
| Size: |
8192
|
|
|
3276000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.773343640.0000000003276000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3276000
|
| Size: |
4096
|
|
|
252DDAD0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.440149107.00000252DDAD0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAD0000
|
| Size: |
8192
|
|
|
24694D4C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.433880222.0000024694D4C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4C000
|
| Size: |
12288
|
|
|
9ACF77F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.441698956.0000009ACF77F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9ACF77F000
|
| Size: |
4096
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.557320611.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
10E3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.508955912.00000000010E3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E3000
|
| Size: |
49152
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
1C885C00000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.860534429.000001C885C00000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1C885C00000
|
| Size: |
4096
|
|
|
10E3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.746988206.00000000010E3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E3000
|
| Size: |
32768
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
24696C63000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.614445659.0000024696C63000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C63000
|
| Size: |
4096
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.746902014.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
7FFD77930000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000002.860952465.00007FFD77930000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FFD77930000
|
| Size: |
4096
|
|
|
3269000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.797199305.0000000003269000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3269000
|
| Size: |
8192
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.828701808.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
F92B67A000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.493779351.000000F92B67A000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
F92B67A000
|
| Size: |
24576
|
|
|
3276000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.693454590.0000000003276000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3276000
|
| Size: |
4096
|
|
|
17B0C1FE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.395759577.0000017B0C1FE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FE000
|
| Size: |
4096
|
|
|
3238000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.715117609.0000000003238000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3238000
|
| Size: |
4096
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.616518729.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
24696C56000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.423066022.0000024696C56000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C56000
|
| Size: |
12288
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
481CA7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.859656260.000000481CA7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
481CA7E000
|
| Size: |
8192
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.746827676.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
10E3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.639653659.00000000010E3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E3000
|
| Size: |
4096
|
|
|
1C88AA40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.518690044.000001C88AA40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C88AA40000
|
| Size: |
8192
|
|
|
10BC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.850372771.00000000010BC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10BC000
|
| Size: |
135168
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
24696C55000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.828019484.0000024696C55000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C55000
|
| Size: |
8192
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.693297768.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
24696C56000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.655067849.0000024696C56000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C56000
|
| Size: |
45056
|
|
|
252DDACD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.633528092.00000252DDACD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACD000
|
| Size: |
24576
|
|
|
244E6FB0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000017.00000002.859866041.00000244E6FB0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
23
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
244E6FB0000
|
| Size: |
4096
|
|
|
24696C5D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.373979902.0000024696C5D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C5D000
|
| Size: |
8192
|
|
|
17B0C1FC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.550467271.0000017B0C1FC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FC000
|
| Size: |
12288
|
|
|
17B0C190000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.365201018.0000017B0C190000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C190000
|
| Size: |
389120
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
252DDAD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.682602494.00000252DDAD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAD4000
|
| Size: |
8192
|
|
|
1ECE9700000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.441889697.000001ECE9700000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1ECE9700000
|
| Size: |
4096
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.817156275.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.576016412.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
17B0E109000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.378183207.0000017B0E109000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0E109000
|
| Size: |
12288
|
|
|
F129A7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.505951584.000000F129A7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
F129A7E000
|
| Size: |
8192
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.715178039.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
326A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.650607986.000000000326A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326A000
|
| Size: |
4096
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.703697888.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.805484405.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
22DDEF90000
|
remote allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.483309439.0000022DDEF90000.00000004.00000400.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
remote allocation
|
| Protect: |
page read and write
|
| Base address: |
22DDEF90000
|
| Size: |
4096
|
|
|
3270000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.746674745.0000000003270000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3270000
|
| Size: |
4096
|
|
|
17B0C190000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.853555003.0000017B0C190000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C190000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
252DDAD2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.574205942.00000252DDAD2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAD2000
|
| Size: |
4096
|
|
|
252DBD63000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.859966593.00000252DBD63000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DBD63000
|
| Size: |
4096
|
|
|
7FFD7791E000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000001.00000002.860663110.00007FFD7791E000.00000020.00000001.01000000.00000003.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
7FFD7791E000
|
| Size: |
4096
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.671608362.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
3270000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.756475025.0000000003270000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3270000
|
| Size: |
4096
|
|
|
3253000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.849916167.0000000003253000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3253000
|
| Size: |
4096
|
|
|
19BBDC4F000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.407708826.0000019BBDC4F000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
19BBDC4F000
|
| Size: |
12288
|
|
|
3278000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.839427971.0000000003278000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3278000
|
| Size: |
4096
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.557478257.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
24696C56000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.403380526.0000024696C56000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C56000
|
| Size: |
16384
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
24696C56000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.531239799.0000024696C56000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C56000
|
| Size: |
32768
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
24694D4E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.541895962.0000024694D4E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4E000
|
| Size: |
4096
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.737742801.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
24694D47000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.597559662.0000024694D47000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D47000
|
| Size: |
4096
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.715195939.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
2A80000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.860175313.0000000002A80000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A80000
|
| Size: |
4096
|
|
|
3268000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.557307091.0000000003268000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3268000
|
| Size: |
12288
|
|
|
3231000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.828579942.0000000003231000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3231000
|
| Size: |
4096
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.850210538.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
24696C56000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.541832961.0000024696C56000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C56000
|
| Size: |
32768
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
17B0C1FB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.631537858.0000017B0C1FB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FB000
|
| Size: |
4096
|
|
|
252DDABF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.633502366.00000252DDABF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDABF000
|
| Size: |
4096
|
|
|
24694D45000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.519770226.0000024694D45000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D45000
|
| Size: |
8192
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.737700126.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
10EB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.639715192.00000000010EB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10EB000
|
| Size: |
16384
|
|
|
1C885D59000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.529292071.000001C885D59000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1C885D59000
|
| Size: |
4096
|
|
|
252DDACA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.682572383.00000252DDACA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACA000
|
| Size: |
8192
|
|
|
24696C57000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.782721746.0000024696C57000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C57000
|
| Size: |
57344
|
|
|
1C88AC1E000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.861257436.000001C88AC1E000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1C88AC1E000
|
| Size: |
53248
|
|
|
252DBAA0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.859655659.00000252DBAA0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DBAA0000
|
| Size: |
4096
|
|
|
F12930E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.505907267.000000F12930E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
F12930E000
|
| Size: |
8192
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.817163453.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
22DDE710000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.505989601.0000022DDE710000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
22DDE710000
|
| Size: |
4096
|
|
|
252DDACF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.586224828.00000252DDACF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACF000
|
| Size: |
4096
|
|
|
10BC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.737966969.00000000010BC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10BC000
|
| Size: |
135168
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3263000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.597195484.0000000003263000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3263000
|
| Size: |
12288
|
|
|
22DDF19A000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.489607186.0000022DDF19A000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF19A000
|
| Size: |
4096
|
|
|
22DDF10B000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.489434542.0000022DDF10B000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF10B000
|
| Size: |
61440
|
|
|
24696C6D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.667244128.0000024696C6D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C6D000
|
| Size: |
4096
|
|
|
3251000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.544797575.0000000003251000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3251000
|
| Size: |
12288
|
|
|
3276000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.816967763.0000000003276000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3276000
|
| Size: |
4096
|
|
|
17B0C190000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.419749973.0000017B0C190000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C190000
|
| Size: |
389120
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
252DDAD5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.586308834.00000252DDAD5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAD5000
|
| Size: |
4096
|
|
|
3259000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.756442795.0000000003259000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3259000
|
| Size: |
4096
|
|
|
252DDABF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.803596721.00000252DDABF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDABF000
|
| Size: |
4096
|
|
|
17B0C168000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.635541434.0000017B0C168000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C168000
|
| Size: |
90112
|
|
|
252DDACD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.519967418.00000252DDACD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACD000
|
| Size: |
4096
|
|
|
24696C56000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.382387806.0000024696C56000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C56000
|
| Size: |
16384
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
252DDACD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.614667679.00000252DDACD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACD000
|
| Size: |
24576
|
|
|
24696C5D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.382105052.0000024696C5D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C5D000
|
| Size: |
8192
|
|
|
481C7FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.859587362.000000481C7FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
481C7FE000
|
| Size: |
8192
|
|
|
24696C5F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.586104457.0000024696C5F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C5F000
|
| Size: |
4096
|
|
|
1C8854AA000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.860384032.000001C8854AA000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1C8854AA000
|
| Size: |
4096
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.756480877.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
17B0DF10000
|
remote allocation
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.352316734.0000017B0DF10000.00000004.00000400.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
remote allocation
|
| Protect: |
page read and write
|
| Base address: |
17B0DF10000
|
| Size: |
4096
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.816937041.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
108B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.449870214.000000000108B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
108B000
|
| Size: |
196608
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
7FFD7792E000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.860719247.00007FFD7792E000.00000004.00000001.01000000.00000003.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
7FFD7792E000
|
| Size: |
4096
|
|
|
7FD397B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000017.00000002.859491430.0000007FD397B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
23
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
7FD397B000
|
| Size: |
20480
|
|
|
25CB5150000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.493831288.0000025CB5150000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
25CB5150000
|
| Size: |
4096
|
|
|
3268000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.545065910.0000000003268000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3268000
|
| Size: |
12288
|
|
|
3256000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.839343195.0000000003256000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3256000
|
| Size: |
24576
|
|
|
252DDAD5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.574055813.00000252DDAD5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAD5000
|
| Size: |
4096
|
|
|
10EC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.756745337.00000000010EC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10EC000
|
| Size: |
12288
|
|
|
7FFD7793B000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000005.00000002.860912241.00007FFD7793B000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FFD7793B000
|
| Size: |
4096
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.756592330.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
10EA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.450041230.00000000010EA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10EA000
|
| Size: |
8192
|
|
|
7FD37F9000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000017.00000002.859410639.0000007FD37F9000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
23
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
7FD37F9000
|
| Size: |
28672
|
|
|
252DDAD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.642391781.00000252DDAD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAD4000
|
| Size: |
8192
|
|
|
3263000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.544827442.0000000003263000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3263000
|
| Size: |
4096
|
|
|
7330BFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.859526165.0000007330BFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
7330BFE000
|
| Size: |
8192
|
|
|
252DDABF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.682561355.00000252DDABF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDABF000
|
| Size: |
4096
|
|
|
27A92F30000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.389557291.0000027A92F30000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
27A92F30000
|
| Size: |
4096
|
|
|
17B0C190000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.690834815.0000017B0C190000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C190000
|
| Size: |
417792
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
24696C58000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.364190548.0000024696C58000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C58000
|
| Size: |
8192
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.737610773.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
3276000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.764514990.0000000003276000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3276000
|
| Size: |
4096
|
|
|
3269000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.839355910.0000000003269000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3269000
|
| Size: |
8192
|
|
|
24694D4A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.850049692.0000024694D4A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4A000
|
| Size: |
4096
|
|
|
1C88AB70000
|
remote allocation
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.521448772.000001C88AB70000.00000004.00000400.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
remote allocation
|
| Protect: |
page read and write
|
| Base address: |
1C88AB70000
|
| Size: |
4096
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.650556803.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
10EC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.756692614.00000000010EC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10EC000
|
| Size: |
12288
|
|
|
1C8853E0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.859781920.000001C8853E0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1C8853E0000
|
| Size: |
4096
|
|
|
481C8FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.859617400.000000481C8FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
481C8FF000
|
| Size: |
4096
|
|
|
22DDE800000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.506001541.0000022DDE800000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDE800000
|
| Size: |
73728
|
|
|
252DDAD5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.574216146.00000252DDAD5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAD5000
|
| Size: |
4096
|
|
|
1C88546F000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.860167237.000001C88546F000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1C88546F000
|
| Size: |
4096
|
|
|
17B0E107000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.678697061.0000017B0E107000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0E107000
|
| Size: |
4096
|
|
|
17B0E107000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.653066748.0000017B0E107000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0E107000
|
| Size: |
4096
|
|
|
25CB5247000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.493868836.0000025CB5247000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
25CB5247000
|
| Size: |
61440
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.650620013.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.785528973.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.557313812.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
7FFD7792E000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.860887457.00007FFD7792E000.00000004.00000001.01000000.00000003.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
7FFD7792E000
|
| Size: |
4096
|
|
|
3276000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.805500566.0000000003276000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3276000
|
| Size: |
4096
|
|
|
10EA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.411002464.00000000010EA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10EA000
|
| Size: |
4096
|
|
|
1C88549F000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.860349885.000001C88549F000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1C88549F000
|
| Size: |
12288
|
|
|
244E7890000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000017.00000002.859923180.00000244E7890000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
23
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
244E7890000
|
| Size: |
4096
|
|
|
10E3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.785231902.00000000010E3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E3000
|
| Size: |
49152
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
24696C56000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.489485321.0000024696C56000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C56000
|
| Size: |
36864
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
24694D4E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.614369276.0000024694D4E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4E000
|
| Size: |
4096
|
|
|
27A93055000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.389620713.0000027A93055000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
27A93055000
|
| Size: |
106496
|
|
|
24696C6D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.795080759.0000024696C6D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C6D000
|
| Size: |
4096
|
|
|
326A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.773149880.000000000326A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326A000
|
| Size: |
4096
|
|
|
10BC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.726979883.00000000010BC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10BC000
|
| Size: |
135168
|
|
|
24694C6D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.859699787.0000024694C6D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694C6D000
|
| Size: |
159744
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
22DDF19D000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.491008634.0000022DDF19D000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF19D000
|
| Size: |
147456
|
|
|
3267000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.726599409.0000000003267000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3267000
|
| Size: |
16384
|
|
|
10E5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.650719119.00000000010E5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E5000
|
| Size: |
40960
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
24696C5D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.447028228.0000024696C5D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C5D000
|
| Size: |
8192
|
|
|
252DBCF3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.859830639.00000252DBCF3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DBCF3000
|
| Size: |
32768
|
|
|
22DDF1B5000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.488294113.0000022DDF1B5000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF1B5000
|
| Size: |
65536
|
|
|
10E3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.773427456.00000000010E3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E3000
|
| Size: |
49152
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.860512137.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
10E3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.671694127.00000000010E3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E3000
|
| Size: |
49152
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
252DDAD1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.420429378.00000252DDAD1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAD1000
|
| Size: |
4096
|
|
|
22DDE86F000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.506077299.0000022DDE86F000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDE86F000
|
| Size: |
86016
|
|
|
3249000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.470805842.0000000003249000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3249000
|
| Size: |
8192
|
|
|
252DDABF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.843125311.00000252DDABF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDABF000
|
| Size: |
4096
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.839392421.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.575845842.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
24694D4A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.803630632.0000024694D4A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4A000
|
| Size: |
4096
|
|
|
252DDABF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.670366156.00000252DDABF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDABF000
|
| Size: |
4096
|
|
|
1C88AC5F000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.861347903.000001C88AC5F000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1C88AC5F000
|
| Size: |
147456
|
|
|
252DBCE0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.859774857.00000252DBCE0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DBCE0000
|
| Size: |
49152
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.715013460.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
3259000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.737571491.0000000003259000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3259000
|
| Size: |
4096
|
|
|
3253000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.693255010.0000000003253000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3253000
|
| Size: |
4096
|
|
|
10E3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.597332255.00000000010E3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E3000
|
| Size: |
49152
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3253000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.828592445.0000000003253000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3253000
|
| Size: |
4096
|
|
|
17B0C1FA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.386462162.0000017B0C1FA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FA000
|
| Size: |
12288
|
|
|
22DDE8F9000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.506192888.0000022DDE8F9000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDE8F9000
|
| Size: |
32768
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.797253022.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
3232000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.400859357.0000000003232000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3232000
|
| Size: |
4096
|
|
|
22DDE908000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.506211809.0000022DDE908000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDE908000
|
| Size: |
28672
|
|
|
3270000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.773312483.0000000003270000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3270000
|
| Size: |
4096
|
|
|
17B0C1FB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.620916652.0000017B0C1FB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FB000
|
| Size: |
4096
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.764480890.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
17B0E104000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.450847804.0000017B0E104000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0E104000
|
| Size: |
4096
|
|
|
24696C5D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.403113744.0000024696C5D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C5D000
|
| Size: |
8192
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.805285818.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
C3EE9FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.389531752.000000C3EE9FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C3EE9FF000
|
| Size: |
4096
|
|
|
24694D4D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.519916786.0000024694D4D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4D000
|
| Size: |
8192
|
|
|
1085000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.829000587.0000000001085000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1085000
|
| Size: |
8192
|
|
|
1088000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.817252285.0000000001088000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1088000
|
| Size: |
8192
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.785560539.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
3276000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.756602996.0000000003276000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3276000
|
| Size: |
4096
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.544903703.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
24696C58000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.597738385.0000024696C58000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C58000
|
| Size: |
24576
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.663674004.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
3269000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.703683234.0000000003269000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3269000
|
| Size: |
8192
|
|
|
252DDAC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.520061448.00000252DDAC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC0000
|
| Size: |
8192
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.746842985.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
7FFD77927000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.860912949.00007FFD77927000.00000004.00000001.01000000.00000003.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
7FFD77927000
|
| Size: |
8192
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.703788019.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.726632329.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
252DDAC2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.499437084.00000252DDAC2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC2000
|
| Size: |
4096
|
|
|
17B0C1FE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.386645606.0000017B0C1FE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FE000
|
| Size: |
4096
|
|
|
17B0C1F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.715684884.0000017B0C1F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1F0000
|
| Size: |
24576
|
|
|
17B0E107000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.602962200.0000017B0E107000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0E107000
|
| Size: |
12288
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.639486660.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
1C88543F000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.860052646.000001C88543F000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1C88543F000
|
| Size: |
98304
|
|
|
22DDF197000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.485925722.0000022DDF197000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF197000
|
| Size: |
94208
|
|
|
252DDABF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.390354690.00000252DDABF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDABF000
|
| Size: |
16384
|
|
|
1C88AA40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.861119987.000001C88AA40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C88AA40000
|
| Size: |
4096
|
|
|
1C88AC2C000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.861282382.000001C88AC2C000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1C88AC2C000
|
| Size: |
53248
|
|
|
F129877000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.505932506.000000F129877000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
F129877000
|
| Size: |
36864
|
|
|
24694B10000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.859616159.0000024694B10000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694B10000
|
| Size: |
4096
|
|
|
252DDAC9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.597861492.00000252DDAC9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC9000
|
| Size: |
8192
|
|
|
17B0C190000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.699276525.0000017B0C190000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C190000
|
| Size: |
389120
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
17B0C1F7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.462580658.0000017B0C1F7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1F7000
|
| Size: |
32768
|
|
|
252DDAD2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.597893687.00000252DDAD2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAD2000
|
| Size: |
4096
|
|
|
24694D4C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.709354753.0000024694D4C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4C000
|
| Size: |
12288
|
|
|
22DDE895000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.506112391.0000022DDE895000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDE895000
|
| Size: |
73728
|
|
|
24696C6D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.678159863.0000024696C6D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C6D000
|
| Size: |
4096
|
|
|
3265000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.607649030.0000000003265000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3265000
|
| Size: |
4096
|
|
|
24694D4C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.690132714.0000024694D4C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4C000
|
| Size: |
12288
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.839626594.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
252DDAD1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.546468093.00000252DDAD1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAD1000
|
| Size: |
8192
|
|
|
1ECE967C000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.440607262.000001ECE967C000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1ECE967C000
|
| Size: |
45056
|
|
|
27A93100000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.389657984.0000027A93100000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
27A93100000
|
| Size: |
4096
|
|
|
252DDAB9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.520050914.00000252DDAB9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAB9000
|
| Size: |
20480
|
|
|
17B0C190000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.386528033.0000017B0C190000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C190000
|
| Size: |
389120
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
9ACF87C000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.441706345.0000009ACF87C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9ACF87C000
|
| Size: |
16384
|
|
|
252DDAB9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.528152123.00000252DDAB9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAB9000
|
| Size: |
20480
|
|
|
1C886520000
|
trusted library section
|
page readonly
|
|
|
|
| Name: |
00000014.00000002.860933562.000001C886520000.00000002.08000000.00040000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page readonly
|
| Base address: |
1C886520000
|
| Size: |
65536
|
|
|
1ECE968A000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.441874636.000001ECE968A000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1ECE968A000
|
| Size: |
32768
|
|
|
3256000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.849932145.0000000003256000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3256000
|
| Size: |
24576
|
|
|
25CB5261000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.493916387.0000025CB5261000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
25CB5261000
|
| Size: |
24576
|
|
|
252DDAD2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.566017496.00000252DDAD2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAD2000
|
| Size: |
4096
|
|
|
3270000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.737597534.0000000003270000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3270000
|
| Size: |
4096
|
|
|
24696C59000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.803707557.0000024696C59000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C59000
|
| Size: |
49152
|
|
|
3270000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.850233541.0000000003270000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3270000
|
| Size: |
4096
|
|
|
1C886310000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.860719936.000001C886310000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C886310000
|
| Size: |
4096
|
|
|
24696C56000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.646589026.0000024696C56000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C56000
|
| Size: |
45056
|
|
|
481C2F8000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.859429819.000000481C2F8000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
481C2F8000
|
| Size: |
32768
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.663903856.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.850248406.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
24694D4C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.667117693.0000024694D4C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4C000
|
| Size: |
12288
|
|
|
24696C6D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.597692091.0000024696C6D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C6D000
|
| Size: |
4096
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.828925830.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
252DDACA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.606548635.00000252DDACA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACA000
|
| Size: |
8192
|
|
|
22DDF197000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.486994323.0000022DDF197000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF197000
|
| Size: |
53248
|
|
|
244E6D71000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000017.00000003.564766299.00000244E6D71000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
23
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
244E6D71000
|
| Size: |
12288
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.576043222.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
252DDAB6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.401541764.00000252DDAB6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAB6000
|
| Size: |
8192
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.616675470.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
17B0C1F6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.407805209.0000017B0C1F6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1F6000
|
| Size: |
8192
|
|
|
17B0C1FE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.407843355.0000017B0C1FE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FE000
|
| Size: |
4096
|
|
|
24696C56000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.382095528.0000024696C56000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C56000
|
| Size: |
12288
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.828918244.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
1C886300000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.860692924.000001C886300000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C886300000
|
| Size: |
8192
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.764498060.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.839400253.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
24696C5D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.403179116.0000024696C5D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C5D000
|
| Size: |
8192
|
|
|
27A93000000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.389568406.0000027A93000000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
27A93000000
|
| Size: |
73728
|
|
|
3263000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.650522932.0000000003263000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3263000
|
| Size: |
4096
|
|
|
22DDF1AE000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.485777240.0000022DDF1AE000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF1AE000
|
| Size: |
90112
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.797115596.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
10BC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.817309074.00000000010BC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10BC000
|
| Size: |
135168
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
24696C5F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.597665759.0000024696C5F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C5F000
|
| Size: |
4096
|
|
|
22DDE88F000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.505738469.0000022DDE88F000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDE88F000
|
| Size: |
20480
|
|
|
17B0C1FB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.642954353.0000017B0C1FB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FB000
|
| Size: |
16384
|
|
|
17B0C1F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.813121279.0000017B0C1F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1F0000
|
| Size: |
16384
|
|
|
3278000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.785179031.0000000003278000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3278000
|
| Size: |
4096
|
|
|
19BBDD13000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.408315874.0000019BBDD13000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
19BBDD13000
|
| Size: |
12288
|
|
|
17B0C190000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.507997937.0000017B0C190000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C190000
|
| Size: |
413696
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
24694C5B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.859656107.0000024694C5B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694C5B000
|
| Size: |
8192
|
|
|
252DDAB9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.476685351.00000252DDAB9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAB9000
|
| Size: |
20480
|
|
|
17B0C1FB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.690889771.0000017B0C1FB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FB000
|
| Size: |
16384
|
|
|
252DDACD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.556153637.00000252DDACD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACD000
|
| Size: |
4096
|
|
|
3268000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.588743980.0000000003268000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3268000
|
| Size: |
12288
|
|
|
1088000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.785636872.0000000001088000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1088000
|
| Size: |
208896
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.650533758.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
1C885D00000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.860570119.000001C885D00000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1C885D00000
|
| Size: |
4096
|
|
|
1C885C02000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.860547660.000001C885C02000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1C885C02000
|
| Size: |
4096
|
|
|
EE0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.859429319.0000000000EE0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
EE0000
|
| Size: |
12288
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.828886496.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.607499203.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
3253000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.816901871.0000000003253000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3253000
|
| Size: |
4096
|
|
|
24694DD5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.860156960.0000024694DD5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694DD5000
|
| Size: |
20480
|
|
|
252DDAB8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.390347071.00000252DDAB8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAB8000
|
| Size: |
4096
|
|
|
3236000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.412999870.0000000003236000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3236000
|
| Size: |
8192
|
|
|
252DD8D0000
|
remote allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.355656195.00000252DD8D0000.00000004.00000400.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
remote allocation
|
| Protect: |
page read and write
|
| Base address: |
252DD8D0000
|
| Size: |
4096
|
|
|
17B0C1EF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.378103333.0000017B0C1EF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1EF000
|
| Size: |
4096
|
|
|
3270000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.703731758.0000000003270000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3270000
|
| Size: |
4096
|
|
|
24694D4D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.803649980.0000024694D4D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4D000
|
| Size: |
8192
|
|
|
252DDACD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.776096448.00000252DDACD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACD000
|
| Size: |
36864
|
|
|
252DDACD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.574132364.00000252DDACD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACD000
|
| Size: |
4096
|
|
|
3270000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.715190081.0000000003270000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3270000
|
| Size: |
4096
|
|
|
24696C56000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.597644020.0000024696C56000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C56000
|
| Size: |
32768
|
|
|
252DDAD1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.536502863.00000252DDAD1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAD1000
|
| Size: |
8192
|
|
|
24696C56000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.499296180.0000024696C56000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C56000
|
| Size: |
28672
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
17B0C190000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.486865813.0000017B0C190000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C190000
|
| Size: |
413696
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
326A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.650529077.000000000326A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326A000
|
| Size: |
4096
|
|
|
252DDAC8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.410709797.00000252DDAC8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC8000
|
| Size: |
8192
|
|
|
19BBDC48000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.407940325.0000019BBDC48000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
19BBDC48000
|
| Size: |
8192
|
|
|
27A93082000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.389649143.0000027A93082000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
27A93082000
|
| Size: |
65536
|
|
|
1C886510000
|
trusted library section
|
page readonly
|
|
|
|
| Name: |
00000014.00000002.860893708.000001C886510000.00000002.08000000.00040000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page readonly
|
| Base address: |
1C886510000
|
| Size: |
65536
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.805451519.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
24696C6D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.614519501.0000024696C6D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C6D000
|
| Size: |
4096
|
|
|
17B0C1FD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.419875494.0000017B0C1FD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FD000
|
| Size: |
8192
|
|
|
22DDF172000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.506306169.0000022DDF172000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF172000
|
| Size: |
65536
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.639585099.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
252DDAD2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.606578025.00000252DDAD2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAD2000
|
| Size: |
4096
|
|
|
3268000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.607458860.0000000003268000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3268000
|
| Size: |
12288
|
|
|
17B0C1FB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.699335385.0000017B0C1FB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FB000
|
| Size: |
16384
|
|
|
252DDAD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.670403626.00000252DDAD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAD4000
|
| Size: |
8192
|
|
|
22DDF165000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.506297429.0000022DDF165000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF165000
|
| Size: |
40960
|
|
|
17B0C1FB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.560419500.0000017B0C1FB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FB000
|
| Size: |
16384
|
|
|
252DDABF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.767147936.00000252DDABF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDABF000
|
| Size: |
4096
|
|
|
17B0C1FB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.853507473.0000017B0C1FB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FB000
|
| Size: |
16384
|
|
|
25CB5267000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000003.493585612.0000025CB5267000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
25CB5267000
|
| Size: |
32768
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.545087568.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
3253000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.671549850.0000000003253000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3253000
|
| Size: |
4096
|
|
|
24696C5D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.458610034.0000024696C5D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C5D000
|
| Size: |
8192
|
|
|
22DDF1AA000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.487152925.0000022DDF1AA000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF1AA000
|
| Size: |
147456
|
|
|
252DBDBE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.860110892.00000252DBDBE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DBDBE000
|
| Size: |
135168
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
252DDACD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.536496558.00000252DDACD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACD000
|
| Size: |
4096
|
|
|
252DDAC9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.519961557.00000252DDAC9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC9000
|
| Size: |
4096
|
|
|
3276000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.746911282.0000000003276000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3276000
|
| Size: |
4096
|
|
|
17B0C1FC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.539157485.0000017B0C1FC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FC000
|
| Size: |
12288
|
|
|
3257000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.785109303.0000000003257000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3257000
|
| Size: |
12288
|
|
|
252DDAC2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.565913413.00000252DDAC2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC2000
|
| Size: |
4096
|
|
|
24696C5F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.565485224.0000024696C5F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C5F000
|
| Size: |
4096
|
|
|
17B0C1FB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.793260499.0000017B0C1FB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FB000
|
| Size: |
16384
|
|
|
3278000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.860546407.0000000003278000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3278000
|
| Size: |
4096
|
|
|
24694CE6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.859898469.0000024694CE6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694CE6000
|
| Size: |
221184
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
1C88AA50000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.518753693.000001C88AA50000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C88AA50000
|
| Size: |
4096
|
|
|
481CAFF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.859679285.000000481CAFF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
481CAFF000
|
| Size: |
4096
|
|
|
17B0E108000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.635380181.0000017B0E108000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0E108000
|
| Size: |
4096
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.828726914.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
17B0C1FE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.378123766.0000017B0C1FE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FE000
|
| Size: |
4096
|
|
|
10E5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.410938088.00000000010E5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E5000
|
| Size: |
24576
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
1C885D59000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.529342185.000001C885D59000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1C885D59000
|
| Size: |
4096
|
|
|
252DDABF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.606536245.00000252DDABF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDABF000
|
| Size: |
4096
|
|
|
252DDABF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.833190772.00000252DDABF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDABF000
|
| Size: |
4096
|
|
|
10E5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.413069380.00000000010E5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E5000
|
| Size: |
20480
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
252DDAB4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.410527693.00000252DDAB4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAB4000
|
| Size: |
8192
|
|
|
19BBDA10000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.408201313.0000019BBDA10000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
19BBDA10000
|
| Size: |
4096
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.797214522.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
252DBBE0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.859669880.00000252DBBE0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DBBE0000
|
| Size: |
12288
|
|
|
4A06D6B000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.408147841.0000004A06D6B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4A06D6B000
|
| Size: |
20480
|
|
|
E7478FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.859601351.000000E7478FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E7478FF000
|
| Size: |
4096
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.726388862.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
3276000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.828932942.0000000003276000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3276000
|
| Size: |
4096
|
|
|
252DD8D0000
|
remote allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.355594677.00000252DD8D0000.00000004.00000400.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
remote allocation
|
| Protect: |
page read and write
|
| Base address: |
252DD8D0000
|
| Size: |
4096
|
|
|
24696C5D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.394986096.0000024696C5D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C5D000
|
| Size: |
8192
|
|
|
24696C6D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.803730232.0000024696C6D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C6D000
|
| Size: |
4096
|
|
|
17B0C191000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.859805653.0000017B0C191000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C191000
|
| Size: |
385024
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3253000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.597179561.0000000003253000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3253000
|
| Size: |
4096
|
|
|
3263000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.627773864.0000000003263000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3263000
|
| Size: |
4096
|
|
|
17B0C1F9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.363253060.0000017B0C1F9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1F9000
|
| Size: |
12288
|
|
|
10E3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.533038579.00000000010E3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E3000
|
| Size: |
49152
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
17B0C1FC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.758009389.0000017B0C1FC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FC000
|
| Size: |
12288
|
|
|
252DDAC9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.574121097.00000252DDAC9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC9000
|
| Size: |
8192
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.726403626.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
3FCC3F9000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.859429434.0000003FCC3F9000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3FCC3F9000
|
| Size: |
28672
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.773363680.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
3253000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.797067499.0000000003253000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3253000
|
| Size: |
4096
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.850049076.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
24696C5D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.394921179.0000024696C5D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C5D000
|
| Size: |
8192
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.805525383.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
3269000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.828615748.0000000003269000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3269000
|
| Size: |
8192
|
|
|
3276000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.756493588.0000000003276000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3276000
|
| Size: |
4096
|
|
|
22DDF15E000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.484861892.0000022DDF15E000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF15E000
|
| Size: |
131072
|
|
|
1C8854FB000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.860439036.000001C8854FB000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1C8854FB000
|
| Size: |
24576
|
|
|
244E6F30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000017.00000002.859824023.00000244E6F30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
23
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
244E6F30000
|
| Size: |
4096
|
|
|
F92B6FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.493787620.000000F92B6FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
F92B6FE000
|
| Size: |
8192
|
|
|
326A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.805437601.000000000326A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326A000
|
| Size: |
4096
|
|
|
252DDAC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.487034653.00000252DDAC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC0000
|
| Size: |
8192
|
|
|
22DDF16C000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.492371403.0000022DDF16C000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF16C000
|
| Size: |
12288
|
|
|
17B0C200000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.859953184.0000017B0C200000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C200000
|
| Size: |
8192
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.693435093.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
252DBCFC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.859848469.00000252DBCFC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DBCFC000
|
| Size: |
348160
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
| URLs found in memory or binary data |
Networking |
|
|
|
27A93070000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.389638644.0000027A93070000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
27A93070000
|
| Size: |
24576
|
|
|
22DDE8C2000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.506151804.0000022DDE8C2000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDE8C2000
|
| Size: |
45056
|
|
|
7FFD77900000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000005.00000002.860756356.00007FFD77900000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FFD77900000
|
| Size: |
4096
|
|
|
17B0C1F4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.723148129.0000017B0C1F4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1F4000
|
| Size: |
8192
|
|
|
4A0727B000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.408176899.0000004A0727B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4A0727B000
|
| Size: |
20480
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.693284313.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
22DDF165000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.505102285.0000022DDF165000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF165000
|
| Size: |
40960
|
|
|
1C88ACF1000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.861556512.000001C88ACF1000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1C88ACF1000
|
| Size: |
4096
|
|
|
22DDE8EA000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.506181633.0000022DDE8EA000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDE8EA000
|
| Size: |
57344
|
|
|
252DDACD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.574197583.00000252DDACD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACD000
|
| Size: |
4096
|
|
|
1088000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.839720791.0000000001088000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1088000
|
| Size: |
208896
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
22DDF19C000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.491234314.0000022DDF19C000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF19C000
|
| Size: |
4096
|
|
|
24696C56000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.634892217.0000024696C56000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C56000
|
| Size: |
45056
|
|
|
24694D4A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.827969514.0000024694D4A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4A000
|
| Size: |
4096
|
|
|
3269000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.703843589.0000000003269000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3269000
|
| Size: |
8192
|
|
|
24696EBB000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.860719124.0000024696EBB000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
24696EBB000
|
| Size: |
4096
|
|
|
252DDAC8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.429658880.00000252DDAC8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC8000
|
| Size: |
8192
|
|
|
19BBDC4C000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.408258948.0000019BBDC4C000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
19BBDC4C000
|
| Size: |
4096
|
|
|
1087000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.805661206.0000000001087000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1087000
|
| Size: |
212992
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.607491520.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
252DDACA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.843136014.00000252DDACA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACA000
|
| Size: |
8192
|
|
|
1C8864F0000
|
trusted library section
|
page readonly
|
|
|
|
| Name: |
00000014.00000002.860826240.000001C8864F0000.00000002.08000000.00040000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page readonly
|
| Base address: |
1C8864F0000
|
| Size: |
65536
|
|
|
24694D42000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.403286731.0000024694D42000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D42000
|
| Size: |
12288
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.681478085.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
7FFD77930000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000001.00000002.860739344.00007FFD77930000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FFD77930000
|
| Size: |
4096
|
|
|
3FCC57D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.859475764.0000003FCC57D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3FCC57D000
|
| Size: |
12288
|
|
|
252DDAC8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.420353409.00000252DDAC8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC8000
|
| Size: |
8192
|
|
|
252DDACF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.597881186.00000252DDACF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACF000
|
| Size: |
4096
|
|
|
252DDAB8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.734888155.00000252DDAB8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAB8000
|
| Size: |
28672
|
|
|
252DDAC4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.401366847.00000252DDAC4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC4000
|
| Size: |
4096
|
|
|
17B0C1FA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.395578234.0000017B0C1FA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FA000
|
| Size: |
12288
|
|
|
252DDABF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.660238698.00000252DDABF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDABF000
|
| Size: |
4096
|
|
|
1C885D18000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.527417540.000001C885D18000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1C885D18000
|
| Size: |
4096
|
|
|
17B0C1F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.450780227.0000017B0C1F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1F0000
|
| Size: |
8192
|
|
|
252DDACD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.565931872.00000252DDACD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACD000
|
| Size: |
4096
|
|
|
326A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.773272765.000000000326A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326A000
|
| Size: |
4096
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.703852378.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
10EE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.449965856.00000000010EE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10EE000
|
| Size: |
4096
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.693441656.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.597219661.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
252DBC70000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.859737476.00000252DBC70000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DBC70000
|
| Size: |
12288
|
|
|
3269000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.681744687.0000000003269000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3269000
|
| Size: |
8192
|
|
|
3241000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.520811121.0000000003241000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3241000
|
| Size: |
12288
|
|
|
24694D4B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.730328620.0000024694D4B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4B000
|
| Size: |
4096
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.588788708.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.616506054.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
22DDF186000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.506318601.0000022DDF186000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF186000
|
| Size: |
16384
|
|
|
3278000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.764666849.0000000003278000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3278000
|
| Size: |
4096
|
|
|
1ECE9713000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.441921750.000001ECE9713000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1ECE9713000
|
| Size: |
12288
|
|
|
3253000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.588724557.0000000003253000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3253000
|
| Size: |
4096
|
|
|
17B0C1F8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.495995200.0000017B0C1F8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1F8000
|
| Size: |
20480
|
|
|
19BBDC3C000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.408249280.0000019BBDC3C000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
19BBDC3C000
|
| Size: |
49152
|
|
|
349B000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.860749575.000000000349B000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
349B000
|
| Size: |
4096
|
|
|
326A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.805241354.000000000326A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326A000
|
| Size: |
4096
|
|
|
1C88AC8A000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.861398979.000001C88AC8A000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1C88AC8A000
|
| Size: |
110592
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.860559319.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
252DDAB8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.633614220.00000252DDAB8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAB8000
|
| Size: |
28672
|
|
|
17B0C1F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.474848352.0000017B0C1F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1F0000
|
| Size: |
16384
|
|
|
10E9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.706371010.00000000010E9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E9000
|
| Size: |
24576
|
|
|
3233000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.520786647.0000000003233000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3233000
|
| Size: |
4096
|
|
|
481C4FD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.859495144.000000481C4FD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
481C4FD000
|
| Size: |
12288
|
|
|
3268000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.627980394.0000000003268000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3268000
|
| Size: |
12288
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.764625575.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
22DDE885000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.506091960.0000022DDE885000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDE885000
|
| Size: |
12288
|
|
|
3276000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.850265895.0000000003276000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3276000
|
| Size: |
4096
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.816982159.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
252DBC50000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.859726770.00000252DBC50000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DBC50000
|
| Size: |
4096
|
|
|
27A93802000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.389682380.0000027A93802000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
27A93802000
|
| Size: |
4096
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.575713481.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.693428584.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
10E5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.817054799.00000000010E5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E5000
|
| Size: |
40960
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
17B0C1FC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.769146799.0000017B0C1FC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FC000
|
| Size: |
12288
|
|
|
F92B879000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.493811091.000000F92B879000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
F92B879000
|
| Size: |
28672
|
|
|
252DDABF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.614650181.00000252DDABF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDABF000
|
| Size: |
4096
|
|
|
7FFD7793B000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000001.00000002.860765161.00007FFD7793B000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FFD7793B000
|
| Size: |
4096
|
|
|
22DDF186000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.493728652.0000022DDF186000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF186000
|
| Size: |
397312
|
|
|
252DDABF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.642360021.00000252DDABF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDABF000
|
| Size: |
4096
|
|
|
17B0C190000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.710499376.0000017B0C190000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C190000
|
| Size: |
417792
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
10E3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.693370165.00000000010E3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E3000
|
| Size: |
49152
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.671797078.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
24696C56000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.433944474.0000024696C56000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C56000
|
| Size: |
16384
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3269000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.849947660.0000000003269000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3269000
|
| Size: |
8192
|
|
|
10ED000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.418702729.00000000010ED000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10ED000
|
| Size: |
8192
|
|
|
252DDABF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.712041438.00000252DDABF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDABF000
|
| Size: |
4096
|
|
|
252DDACD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.767166597.00000252DDACD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACD000
|
| Size: |
36864
|
|
|
3253000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.575572395.0000000003253000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3253000
|
| Size: |
4096
|
|
|
C3EEBFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.389544138.000000C3EEBFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C3EEBFE000
|
| Size: |
8192
|
|
|
17B0C190000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.631492940.0000017B0C190000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C190000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
17B0C138000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.635507260.0000017B0C138000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C138000
|
| Size: |
188416
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
17B0C1FB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.593121209.0000017B0C1FB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FB000
|
| Size: |
4096
|
|
|
244E6D71000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000017.00000003.564644606.00000244E6D71000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
23
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
244E6D71000
|
| Size: |
12288
|
|
|
10E3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.664001132.00000000010E3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E3000
|
| Size: |
49152
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
10EC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.747069170.00000000010EC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10EC000
|
| Size: |
12288
|
|
|
7FFD77930000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000005.00000002.860904309.00007FFD77930000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FFD77930000
|
| Size: |
4096
|
|
|
3276000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.681806118.0000000003276000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3276000
|
| Size: |
4096
|
|
|
252DDACD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.586103837.00000252DDACD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACD000
|
| Size: |
4096
|
|
|
3269000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.671763572.0000000003269000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3269000
|
| Size: |
8192
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.566160635.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
252DDAC8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.429572685.00000252DDAC8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC8000
|
| Size: |
8192
|
|
|
19BBDC57000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.408266122.0000019BBDC57000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
19BBDC57000
|
| Size: |
98304
|
|
|
3276000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.817171146.0000000003276000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3276000
|
| Size: |
4096
|
|
|
252DDACD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.755942023.00000252DDACD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACD000
|
| Size: |
36864
|
|
|
17B0C1F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.699326178.0000017B0C1F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1F0000
|
| Size: |
24576
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.589011706.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
1C886530000
|
trusted library section
|
page readonly
|
|
|
|
| Name: |
00000014.00000002.860978653.000001C886530000.00000002.08000000.00040000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page readonly
|
| Base address: |
1C886530000
|
| Size: |
65536
|
|
|
17B0C1FB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.610603884.0000017B0C1FB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FB000
|
| Size: |
4096
|
|
|
10EE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.860097772.00000000010EE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10EE000
|
| Size: |
4096
|
|
|
252DDAB8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.785433225.00000252DDAB8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAB8000
|
| Size: |
28672
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.737724316.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
252DDAB8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.795335615.00000252DDAB8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAB8000
|
| Size: |
28672
|
|
|
17B0C1F7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.474861750.0000017B0C1F7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1F7000
|
| Size: |
32768
|
|
|
252DDAC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.520123049.00000252DDAC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC0000
|
| Size: |
8192
|
|
|
252DDAC9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.565923200.00000252DDAC9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC9000
|
| Size: |
8192
|
|
|
3267000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.533119829.0000000003267000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3267000
|
| Size: |
16384
|
|
|
1C88AA34000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.518558255.000001C88AA34000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C88AA34000
|
| Size: |
4096
|
|
|
252DDAC8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.420414031.00000252DDAC8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC8000
|
| Size: |
8192
|
|
|
3278000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.850276071.0000000003278000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3278000
|
| Size: |
4096
|
|
|
10E5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.860068281.00000000010E5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E5000
|
| Size: |
16384
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.575876648.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
252DDAC2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.536478504.00000252DDAC2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC2000
|
| Size: |
4096
|
|
|
24694D4B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.782614947.0000024694D4B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4B000
|
| Size: |
4096
|
|
|
252DDAC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.546552085.00000252DDAC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC0000
|
| Size: |
8192
|
|
|
252DDABF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.795262302.00000252DDABF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDABF000
|
| Size: |
4096
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.746931524.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
10BC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.639803325.00000000010BC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10BC000
|
| Size: |
135168
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3263000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.557299688.0000000003263000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3263000
|
| Size: |
12288
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.663936149.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
24696A78000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.860302421.0000024696A78000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696A78000
|
| Size: |
4096
|
|
|
3FCC2FB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.859389789.0000003FCC2FB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3FCC2FB000
|
| Size: |
20480
|
|
|
9ACFC7F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.441740272.0000009ACFC7F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9ACFC7F000
|
| Size: |
4096
|
|
|
252DDAB8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.853644738.00000252DDAB8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAB8000
|
| Size: |
28672
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.756586298.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
252DDACA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.748156847.00000252DDACA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACA000
|
| Size: |
8192
|
|
|
73307FB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.859429745.00000073307FB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
73307FB000
|
| Size: |
20480
|
|
|
24694D4B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.737865953.0000024694D4B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4B000
|
| Size: |
4096
|
|
|
22DDF164000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.489890978.0000022DDF164000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF164000
|
| Size: |
36864
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.616716397.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
1C88AA10000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.518515270.000001C88AA10000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C88AA10000
|
| Size: |
28672
|
|
|
22DDF18D000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.491811581.0000022DDF18D000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF18D000
|
| Size: |
32768
|
|
|
24696C5F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.614613845.0000024696C5F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C5F000
|
| Size: |
4096
|
|
|
1ECE9627000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.441808721.000001ECE9627000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1ECE9627000
|
| Size: |
4096
|
|
|
17B0C1F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.462521792.0000017B0C1F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1F0000
|
| Size: |
16384
|
|
|
10EA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.361260863.00000000010EA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10EA000
|
| Size: |
20480
|
|
|
252DDAC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.499537575.00000252DDAC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC0000
|
| Size: |
8192
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.575858323.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
252DDAD1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.429666530.00000252DDAD1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAD1000
|
| Size: |
4096
|
|
|
10E3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.764731884.00000000010E3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E3000
|
| Size: |
32768
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3253000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.726355003.0000000003253000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3253000
|
| Size: |
4096
|
|
|
252DDABF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.410549712.00000252DDABF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDABF000
|
| Size: |
12288
|
|
|
252DDABF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.692138585.00000252DDABF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDABF000
|
| Size: |
4096
|
|
|
24694D4A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.840651064.0000024694D4A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4A000
|
| Size: |
4096
|
|
|
24696C63000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.597682438.0000024696C63000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C63000
|
| Size: |
4096
|
|
|
27A93050000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000008.00000003.389253902.0000027A93050000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
27A93050000
|
| Size: |
126976
|
|
|
17B0C190000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.407890201.0000017B0C190000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C190000
|
| Size: |
389120
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
17B0E107000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.620989053.0000017B0E107000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0E107000
|
| Size: |
8192
|
|
|
3256000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.828602570.0000000003256000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3256000
|
| Size: |
24576
|
|
|
252DDABF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.401462130.00000252DDABF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDABF000
|
| Size: |
16384
|
|
|
3276000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.860534139.0000000003276000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3276000
|
| Size: |
4096
|
|
|
1C8854A3000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.860371630.000001C8854A3000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1C8854A3000
|
| Size: |
24576
|
|
|
24696C6D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.576856910.0000024696C6D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C6D000
|
| Size: |
4096
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.797108856.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
1C88A900000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.861076310.000001C88A900000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C88A900000
|
| Size: |
4096
|
|
|
1C88AB70000
|
remote allocation
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.521532548.000001C88AB70000.00000004.00000400.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
remote allocation
|
| Protect: |
page read and write
|
| Base address: |
1C88AB70000
|
| Size: |
4096
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.607507039.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
24694D4D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.646540092.0000024694D4D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4D000
|
| Size: |
8192
|
|
|
3272000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.703737759.0000000003272000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
F129CF8000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.505972509.000000F129CF8000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
F129CF8000
|
| Size: |
32768
|
|
|
7FFD77920000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000005.00000002.860848347.00007FFD77920000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FFD77920000
|
| Size: |
24576
|
|
|
17B0C1FD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.419820076.0000017B0C1FD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17B0C1FD000
|
| Size: |
8192
|
|
|
22DDF15E000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.484442118.0000022DDF15E000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF15E000
|
| Size: |
53248
|
|
|
252DDAC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.536558118.00000252DDAC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAC0000
|
| Size: |
8192
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.703712767.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
|
24696C56000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.403093918.0000024696C56000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C56000
|
| Size: |
12288
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
1C88AB70000
|
remote allocation
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.521579004.000001C88AB70000.00000004.00000400.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
remote allocation
|
| Protect: |
page read and write
|
| Base address: |
1C88AB70000
|
| Size: |
4096
|
|
|
24696C56000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.519844715.0000024696C56000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24696C56000
|
| Size: |
32768
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
24694D4B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.541886027.0000024694D4B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24694D4B000
|
| Size: |
8192
|
|
|
3278000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.805303714.0000000003278000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3278000
|
| Size: |
4096
|
|
|
326A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.746810272.000000000326A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326A000
|
| Size: |
4096
|
|
|
22DDF1BB000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.489239343.0000022DDF1BB000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF1BB000
|
| Size: |
61440
|
|
|
10BC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.805691501.00000000010BC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10BC000
|
| Size: |
135168
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
22DDF199000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.488216437.0000022DDF199000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
22DDF199000
|
| Size: |
32768
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.628021808.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
8192
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.764472126.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.627991403.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
252DDAB8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.703274150.00000252DDAB8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAB8000
|
| Size: |
28672
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.797207478.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
252DDACD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.712068082.00000252DDACD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACD000
|
| Size: |
36864
|
|
|
10E4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.479029855.00000000010E4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E4000
|
| Size: |
45056
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3274000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.588794501.0000000003274000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
4096
|
|
|
3276000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.839411852.0000000003276000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3276000
|
| Size: |
4096
|
|
|
326C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.746656795.000000000326C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326C000
|
| Size: |
4096
|
|
|
4A0707D000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.408164064.0000004A0707D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4A0707D000
|
| Size: |
12288
|
|
|
10E3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.520718160.00000000010E3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E3000
|
| Size: |
49152
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
252DDACD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.682591930.00000252DDACD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDACD000
|
| Size: |
24576
|
|
|
252DDABF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.597848713.00000252DDABF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDABF000
|
| Size: |
12288
|
|
|
1C8853B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.859768214.000001C8853B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C8853B0000
|
| Size: |
12288
|
|
|
252DDAB8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.682649620.00000252DDAB8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
252DDAB8000
|
| Size: |
28672
|
|
|
326E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.805257928.000000000326E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
4096
|
|
