2187E430000
|
heap
|
page read and write
|
 |
|
|
Name: |
00000001.00000003.22394147727.000002187E430000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E430000
|
Size: |
53248
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Yara detected STRRAT |
Stealing of Sensitive Information, Remote Access Functionality |
|
|
A5A0000
|
trusted library allocation
|
page read and write
|
 |
|
|
Name: |
00000003.00000002.27426510250.000000000A5A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
A5A0000
|
Size: |
196608
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Malicious sample detected (through community Yara rule) |
System Summary |
|
Yara detected AllatoriJARObfuscator |
Data Obfuscation |
|
Yara signature match |
System Summary |
|
URLs found in memory or binary data |
Networking |
|
|
2187E430000
|
heap
|
page read and write
|
 |
|
|
Name: |
00000001.00000003.22390846776.000002187E430000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E430000
|
Size: |
53248
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Yara detected STRRAT |
Stealing of Sensitive Information, Remote Access Functionality |
|
|
2187E4F0000
|
heap
|
page read and write
|
 |
|
|
Name: |
00000001.00000003.22385934130.000002187E4F0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E4F0000
|
Size: |
131072
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Yara detected STRRAT |
Stealing of Sensitive Information, Remote Access Functionality |
|
|
2187E371000
|
heap
|
page read and write
|
 |
|
|
Name: |
00000001.00000003.22386226077.000002187E371000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E371000
|
Size: |
352256
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Yara detected STRRAT |
Stealing of Sensitive Information, Remote Access Functionality |
|
|
2187E430000
|
heap
|
page read and write
|
 |
|
|
Name: |
00000001.00000003.22384533706.000002187E430000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E430000
|
Size: |
53248
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Yara detected STRRAT |
Stealing of Sensitive Information, Remote Access Functionality |
|
|
A560000
|
trusted library allocation
|
page read and write
|
 |
|
|
Name: |
00000003.00000002.27425966118.000000000A560000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
A560000
|
Size: |
12288
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Malicious sample detected (through community Yara rule) |
System Summary |
|
Yara detected AllatoriJARObfuscator |
Data Obfuscation |
|
Yara signature match |
System Summary |
|
URLs found in memory or binary data |
Networking |
|
|
2187E430000
|
heap
|
page read and write
|
 |
|
|
Name: |
00000001.00000003.22394646082.000002187E430000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E430000
|
Size: |
53248
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Yara detected STRRAT |
Stealing of Sensitive Information, Remote Access Functionality |
|
|
2187E430000
|
heap
|
page read and write
|
 |
|
|
Name: |
00000001.00000002.22402249146.000002187E430000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E430000
|
Size: |
53248
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Yara detected STRRAT |
Stealing of Sensitive Information, Remote Access Functionality |
|
|
2187E4E0000
|
heap
|
page read and write
|
 |
|
|
Name: |
00000001.00000003.22385648189.000002187E4E0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E4E0000
|
Size: |
196608
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Yara detected STRRAT |
Stealing of Sensitive Information, Remote Access Functionality |
|
Yara signature match |
System Summary |
|
|
2187DAC0000
|
heap
|
page read and write
|
 |
|
|
Name: |
00000001.00000002.22400188270.000002187DAC0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187DAC0000
|
Size: |
724992
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Yara detected STRRAT |
Stealing of Sensitive Information, Remote Access Functionality |
|
|
161CC4D5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.22389160347.00000161CC4D5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC4D5000
|
Size: |
16384
|
|
347E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000004.00000002.22392145731.000000000347E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
347E000
|
Size: |
8192
|
|
161CC309000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22386421119.00000161CC309000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC309000
|
Size: |
8192
|
|
19847FE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22397336000.00000019847FE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
19847FE000
|
Size: |
8192
|
|
161CC305000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.22389034578.00000161CC305000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC305000
|
Size: |
4096
|
|
2187D400000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22376192459.000002187D400000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D400000
|
Size: |
4096
|
|
15DC3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.26446586922.0000000015DC3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15DC3000
|
Size: |
8192
|
|
54F9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27424826943.00000000054F9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
54F9000
|
Size: |
12288
|
|
165B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27451799916.00000000165B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
165B0000
|
Size: |
110592
|
|
161CE0BF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22384650288.00000161CE0BF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE0BF000
|
Size: |
8192
|
|
5477000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27423605505.0000000005477000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5477000
|
Size: |
4096
|
|
161CE0C4000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.22389292235.00000161CE0C4000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE0C4000
|
Size: |
20480
|
|
2187E4D6000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22402805260.000002187E4D6000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E4D6000
|
Size: |
24576
|
|
161CE0DD000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22383830270.00000161CE0DD000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE0DD000
|
Size: |
16384
|
|
1984AFF000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22397467085.0000001984AFF000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1984AFF000
|
Size: |
4096
|
|
1353000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27411615102.0000000001353000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1353000
|
Size: |
311296
|
|
2187E445000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22384662763.000002187E445000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E445000
|
Size: |
57344
|
|
160FD000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27449286687.00000000160FD000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
160FD000
|
Size: |
12288
|
|
15DC9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.22497408900.0000000015DC9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15DC9000
|
Size: |
24576
|
|
1566E000
|
unkown
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27442735975.000000001566E000.00000004.00000001.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
1566E000
|
Size: |
8192
|
|
548C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27423918653.000000000548C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
548C000
|
Size: |
12288
|
|
161CE106000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22383714868.00000161CE106000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE106000
|
Size: |
4096
|
|
161CE0B6000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.22389247065.00000161CE0B6000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE0B6000
|
Size: |
20480
|
|
2187B58F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22389932106.000002187B58F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187B58F000
|
Size: |
421888
|
|
2187D400000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22376032831.000002187D400000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D400000
|
Size: |
4096
|
|
15816000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.25434829158.0000000015816000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15816000
|
Size: |
126976
|
|
161CC2B5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22385025910.00000161CC2B5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC2B5000
|
Size: |
12288
|
|
161CC4D9000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22385829611.00000161CC4D9000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC4D9000
|
Size: |
8192
|
|
161CE0C9000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22384037080.00000161CE0C9000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE0C9000
|
Size: |
24576
|
|
16149000
|
unkown
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27449332516.0000000016149000.00000004.00000001.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
16149000
|
Size: |
28672
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
1561E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27442661551.000000001561E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1561E000
|
Size: |
8192
|
|
2F8E000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000003.00000002.27412853199.0000000002F8E000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
2F8E000
|
Size: |
8192
|
|
15DC0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.24270762676.0000000015DC0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15DC0000
|
Size: |
8192
|
|
2187D4B0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22374900841.000002187D4B0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D4B0000
|
Size: |
8192
|
|
16603000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.26447254292.0000000016603000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
16603000
|
Size: |
163840
|
|
161CE6A2000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22386253042.00000161CE6A2000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
161CE6A2000
|
Size: |
4096
|
|
161CE4E0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22386687350.00000161CE4E0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE4E0000
|
Size: |
4096
|
|
15D3A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.26445698988.0000000015D3A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15D3A000
|
Size: |
524288
|
|
2187D400000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22373193230.000002187D400000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D400000
|
Size: |
4096
|
|
161CC2E7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22387082211.00000161CC2E7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC2E7000
|
Size: |
12288
|
|
2187D426000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22396732345.000002187D426000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D426000
|
Size: |
32768
|
|
161CC281000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.22388359844.00000161CC281000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC281000
|
Size: |
16384
|
|
14DF000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27412181849.00000000014DF000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
14DF000
|
Size: |
4096
|
|
15839000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.22441627123.0000000015839000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15839000
|
Size: |
24576
|
|
161CE0BF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22385883551.00000161CE0BF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE0BF000
|
Size: |
8192
|
|
2187B360000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22397833539.000002187B360000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187B360000
|
Size: |
4096
|
|
15839000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.22497978047.0000000015839000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15839000
|
Size: |
24576
|
|
2187B57B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22393198298.000002187B57B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187B57B000
|
Size: |
16384
|
|
2187D3FD000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22373214078.000002187D3FD000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D3FD000
|
Size: |
8192
|
|
2187D4C2000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22388237467.000002187D4C2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D4C2000
|
Size: |
4096
|
|
2187D6E3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22388719562.000002187D6E3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D6E3000
|
Size: |
12288
|
|
525E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27419753160.000000000525E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
525E000
|
Size: |
1695744
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
2187E412000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22390636189.000002187E412000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E412000
|
Size: |
118784
|
|
15DBD000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.25432945164.0000000015DBD000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15DBD000
|
Size: |
20480
|
|
161CC4B0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22386524798.00000161CC4B0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC4B0000
|
Size: |
32768
|
|
1555E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.22385045551.000000001555E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1555E000
|
Size: |
1916928
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
2187E445000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22394278528.000002187E445000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E445000
|
Size: |
57344
|
|
161CE107000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22383583640.00000161CE107000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE107000
|
Size: |
4096
|
|
2187B5FE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22390432189.000002187B5FE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187B5FE000
|
Size: |
12288
|
|
F30000
|
unclassified section
|
page readonly
|
|
|
|
Name: |
00000003.00000002.27410327618.0000000000F30000.00000002.10000000.00040000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
unclassified section
|
Protect: |
page readonly
|
Base address: |
F30000
|
Size: |
4096
|
|
157F6000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.23360068662.00000000157F6000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
157F6000
|
Size: |
131072
|
|
161CC309000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22386362408.00000161CC309000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC309000
|
Size: |
8192
|
|
15DBC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.22443754013.0000000015DBC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15DBC000
|
Size: |
8192
|
|
547F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27423778473.000000000547F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
547F000
|
Size: |
8192
|
|
2187B5FE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22398715873.000002187B5FE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187B5FE000
|
Size: |
12288
|
|
2187D5D0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22393745029.000002187D5D0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D5D0000
|
Size: |
24576
|
|
161CE0E5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22383864494.00000161CE0E5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE0E5000
|
Size: |
4096
|
|
2187B562000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22398133712.000002187B562000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187B562000
|
Size: |
77824
|
|
5484000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27423830126.0000000005484000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5484000
|
Size: |
4096
|
|
2187D6DF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22399943009.000002187D6DF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D6DF000
|
Size: |
4096
|
|
2187B642000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22390522369.000002187B642000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187B642000
|
Size: |
53248
|
|
15DC0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.23359884573.0000000015DC0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15DC0000
|
Size: |
8192
|
|
2187D6E3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22396569083.000002187D6E3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D6E3000
|
Size: |
12288
|
|
2187E4D5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22391652779.000002187E4D5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E4D5000
|
Size: |
28672
|
|
2187D6FF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22396902230.000002187D6FF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D6FF000
|
Size: |
4096
|
|
12A4DFF000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.22388012321.00000012A4DFF000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
12A4DFF000
|
Size: |
4096
|
|
3241000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.22392038085.0000000003241000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3241000
|
Size: |
4096
|
|
2187D3E0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22399300527.000002187D3E0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D3E0000
|
Size: |
4096
|
|
161CE0D5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22383885653.00000161CE0D5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE0D5000
|
Size: |
32768
|
|
548A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27423874785.000000000548A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
548A000
|
Size: |
4096
|
|
2187D401000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22372690001.000002187D401000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D401000
|
Size: |
184320
|
|
8349F7A000
|
stack
|
page read and write
|
|
|
|
Name: |
00000011.00000002.25844095782.0000008349F7A000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
17
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
8349F7A000
|
Size: |
24576
|
|
165CB000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.26447444661.00000000165CB000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
165CB000
|
Size: |
45056
|
|
2187D40E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22389344423.000002187D40E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D40E000
|
Size: |
131072
|
|
19850FB000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22397754657.00000019850FB000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
19850FB000
|
Size: |
20480
|
|
2187D40E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22399429079.000002187D40E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D40E000
|
Size: |
8192
|
|
2187D3E6000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22399322055.000002187D3E6000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D3E6000
|
Size: |
4096
|
|
2187D4C7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22388268746.000002187D4C7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D4C7000
|
Size: |
20480
|
|
2187D820000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22400058358.000002187D820000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D820000
|
Size: |
4096
|
|
2187E371000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22376381869.000002187E371000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E371000
|
Size: |
749568
|
|
15804000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.25433366165.0000000015804000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15804000
|
Size: |
8192
|
|
1984EFD000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22397691060.0000001984EFD000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1984EFD000
|
Size: |
12288
|
|
1558E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27442510060.000000001558E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1558E000
|
Size: |
8192
|
|
2187B64E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22395146069.000002187B64E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187B64E000
|
Size: |
4096
|
|
15DC9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.22498790236.0000000015DC9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15DC9000
|
Size: |
24576
|
|
2187DAB0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22400165152.000002187DAB0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187DAB0000
|
Size: |
4096
|
|
15DC9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.23360956408.0000000015DC9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15DC9000
|
Size: |
24576
|
|
2187B770000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22399096233.000002187B770000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187B770000
|
Size: |
32768
|
|
2187D4CD000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22371567816.000002187D4CD000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D4CD000
|
Size: |
4096
|
|
15839000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.25435082837.0000000015839000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15839000
|
Size: |
24576
|
|
2187D69E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22396811286.000002187D69E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D69E000
|
Size: |
4096
|
|
2187D6DF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22396843029.000002187D6DF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D6DF000
|
Size: |
4096
|
|
197E5CE0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000011.00000002.25845660095.00000197E5CE0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
17
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
197E5CE0000
|
Size: |
4096
|
|
1661B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.24270154602.000000001661B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1661B000
|
Size: |
40960
|
|
34C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000004.00000002.22392216405.00000000034C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
34C0000
|
Size: |
4096
|
|
2187B7A0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22399165891.000002187B7A0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187B7A0000
|
Size: |
16384
|
|
2187D4E0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22399788810.000002187D4E0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D4E0000
|
Size: |
4096
|
|
16150000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27449398739.0000000016150000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
16150000
|
Size: |
1048576
|
|
2187B750000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22399025867.000002187B750000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187B750000
|
Size: |
4096
|
|
2187B57F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22393043365.000002187B57F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187B57F000
|
Size: |
65536
|
|
161CE6A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22386207329.00000161CE6A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
161CE6A4000
|
Size: |
4096
|
|
15D5B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.24270222939.0000000015D5B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15D5B000
|
Size: |
389120
|
|
161CE0CF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22383993454.00000161CE0CF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE0CF000
|
Size: |
24576
|
|
2187E3CB000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22393897738.000002187E3CB000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E3CB000
|
Size: |
16384
|
|
5253000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27419613183.0000000005253000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5253000
|
Size: |
8192
|
|
197E5960000
|
heap
|
page read and write
|
|
|
|
Name: |
00000011.00000002.25844183374.00000197E5960000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
17
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
197E5960000
|
Size: |
4096
|
|
161CE0E6000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22383541522.00000161CE0E6000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE0E6000
|
Size: |
24576
|
|
161CE3A0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22386933623.00000161CE3A0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE3A0000
|
Size: |
4096
|
|
2187E47B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22394532037.000002187E47B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E47B000
|
Size: |
4096
|
|
161CC2C2000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22387056127.00000161CC2C2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC2C2000
|
Size: |
4096
|
|
165A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27451718870.00000000165A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
165A0000
|
Size: |
12288
|
|
2187D5D7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22393787099.000002187D5D7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D5D7000
|
Size: |
20480
|
|
A5ED000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27427004712.000000000A5ED000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
A5ED000
|
Size: |
212992
|
|
1580D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27444489672.000000001580D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1580D000
|
Size: |
163840
|
|
2187D4CB000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22389573307.000002187D4CB000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D4CB000
|
Size: |
4096
|
|
161CC2C2000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22385711707.00000161CC2C2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC2C2000
|
Size: |
12288
|
|
15F4D000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27448823062.0000000015F4D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
15F4D000
|
Size: |
12288
|
|
2187D42E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22372076731.000002187D42E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D42E000
|
Size: |
372736
|
|
2187B57C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22398380221.000002187B57C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187B57C000
|
Size: |
12288
|
|
2187D4B0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22399676232.000002187D4B0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D4B0000
|
Size: |
8192
|
|
161CE6A5000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22386185515.00000161CE6A5000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
161CE6A5000
|
Size: |
4096
|
|
2187D4CD000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22371606376.000002187D4CD000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D4CD000
|
Size: |
4096
|
|
161CC2AC000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22385565051.00000161CC2AC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC2AC000
|
Size: |
20480
|
|
15CE6000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.22444863564.0000000015CE6000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15CE6000
|
Size: |
4096
|
|
2187E48D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22386780019.000002187E48D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E48D000
|
Size: |
335872
|
|
15C6A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.23359964271.0000000015C6A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15C6A000
|
Size: |
65536
|
|
197E5A21000
|
heap
|
page read and write
|
|
|
|
Name: |
00000011.00000002.25844682107.00000197E5A21000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
17
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
197E5A21000
|
Size: |
8192
|
|
2187D3FD000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22389631601.000002187D3FD000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D3FD000
|
Size: |
8192
|
|
2187DF10000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22401501033.000002187DF10000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187DF10000
|
Size: |
4096
|
|
197E5A40000
|
heap
|
page read and write
|
|
|
|
Name: |
00000011.00000002.25844999385.00000197E5A40000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
17
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
197E5A40000
|
Size: |
16384
|
|
161CE0EC000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22383358964.00000161CE0EC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE0EC000
|
Size: |
102400
|
|
2FED000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000003.00000002.27413169444.0000000002FED000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
2FED000
|
Size: |
16384
|
|
5515000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27425199131.0000000005515000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5515000
|
Size: |
12288
|
|
15DC9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.22443065966.0000000015DC9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15DC9000
|
Size: |
24576
|
|
2187D6FF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22399997761.000002187D6FF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D6FF000
|
Size: |
4096
|
|
15D1B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.22442023376.0000000015D1B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15D1B000
|
Size: |
651264
|
|
127E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27410489802.000000000127E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
127E000
|
Size: |
8192
|
|
165EB000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.22441876729.00000000165EB000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
165EB000
|
Size: |
90112
|
|
161CE0D8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22383938418.00000161CE0D8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE0D8000
|
Size: |
20480
|
|
15D3A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.24270853682.0000000015D3A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15D3A000
|
Size: |
135168
|
|
5000000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27415410402.0000000005000000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5000000
|
Size: |
2433024
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
A8E5000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27433180849.000000000A8E5000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
A8E5000
|
Size: |
4096
|
|
161CE0BF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22384482319.00000161CE0BF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE0BF000
|
Size: |
8192
|
|
15C7A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.23358392931.0000000015C7A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15C7A000
|
Size: |
118784
|
|
2187D5DE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22393822870.000002187D5DE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D5DE000
|
Size: |
4096
|
|
FAE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000004.00000002.22391845085.0000000000FAE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
FAE000
|
Size: |
8192
|
|
2187D427000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22399617486.000002187D427000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D427000
|
Size: |
28672
|
|
2187D423000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22396663073.000002187D423000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D423000
|
Size: |
45056
|
|
16603000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.25431919658.0000000016603000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
16603000
|
Size: |
163840
|
|
2187E4D2000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22374441650.000002187E4D2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E4D2000
|
Size: |
122880
|
|
54A1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27424117032.00000000054A1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
54A1000
|
Size: |
12288
|
|
15DC9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.26446642112.0000000015DC9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15DC9000
|
Size: |
24576
|
|
2187D6E3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22375273995.000002187D6E3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D6E3000
|
Size: |
12288
|
|
161CE0BF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22384585223.00000161CE0BF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE0BF000
|
Size: |
8192
|
|
2187D6DF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22388690894.000002187D6DF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D6DF000
|
Size: |
4096
|
|
15F98000
|
unkown
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27448885112.0000000015F98000.00000004.00000001.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
15F98000
|
Size: |
32768
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
161CC2AA000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.22388723145.00000161CC2AA000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC2AA000
|
Size: |
8192
|
|
161CC272000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.22388281353.00000161CC272000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC272000
|
Size: |
40960
|
|
15816000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.23357812532.0000000015816000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15816000
|
Size: |
126976
|
|
161CC2E7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22387154428.00000161CC2E7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC2E7000
|
Size: |
12288
|
|
34BF000
|
stack
|
page read and write
|
|
|
|
Name: |
00000004.00000002.22392185270.00000000034BF000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
34BF000
|
Size: |
4096
|
|
A597000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27426401335.000000000A597000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
A597000
|
Size: |
24576
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
2187D5E1000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22395318755.000002187D5E1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D5E1000
|
Size: |
778240
|
|
2187D53F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22393273631.000002187D53F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D53F000
|
Size: |
393216
|
|
15BD0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27445076810.0000000015BD0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15BD0000
|
Size: |
815104
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
2187B576000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22398303802.000002187B576000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187B576000
|
Size: |
20480
|
|
15C98000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.22444344330.0000000015C98000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15C98000
|
Size: |
315392
|
|
13B5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27412137634.00000000013B5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
13B5000
|
Size: |
16384
|
|
2187D4C3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22372615858.000002187D4C3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D4C3000
|
Size: |
49152
|
|
A70E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27429538113.000000000A70E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
A70E000
|
Size: |
16384
|
|
15DC4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.25433026893.0000000015DC4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15DC4000
|
Size: |
4096
|
|
161CE6A6000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22386159790.00000161CE6A6000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
161CE6A6000
|
Size: |
4096
|
|
8349D7F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000011.00000002.25843981019.0000008349D7F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
17
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
8349D7F000
|
Size: |
4096
|
|
2187D410000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22376209120.000002187D410000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D410000
|
Size: |
122880
|
|
165E3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.22496495482.00000000165E3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
165E3000
|
Size: |
110592
|
|
161CC2A9000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22387354912.00000161CC2A9000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC2A9000
|
Size: |
12288
|
|
2187E4D1000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22393852306.000002187E4D1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E4D1000
|
Size: |
16384
|
|
A623000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27427400218.000000000A623000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
A623000
|
Size: |
16384
|
|
2187DF70000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22401618985.000002187DF70000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2187DF70000
|
Size: |
36864
|
|
15DBC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.22498734759.0000000015DBC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15DBC000
|
Size: |
8192
|
|
2FE6000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000003.00000002.27413126497.0000000002FE6000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
2FE6000
|
Size: |
4096
|
|
197E5A89000
|
heap
|
page read and write
|
|
|
|
Name: |
00000011.00000003.25843245773.00000197E5A89000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
17
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
197E5A89000
|
Size: |
36864
|
|
2187B760000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22399061058.000002187B760000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187B760000
|
Size: |
4096
|
|
A88C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27432606576.000000000A88C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
A88C000
|
Size: |
28672
|
|
161CE0D2000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22384081539.00000161CE0D2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE0D2000
|
Size: |
12288
|
|
2187D6FF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22396599281.000002187D6FF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D6FF000
|
Size: |
4096
|
|
15C6A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.25435166546.0000000015C6A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15C6A000
|
Size: |
65536
|
|
15839000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.23358018624.0000000015839000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15839000
|
Size: |
24576
|
|
2187B650000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22398975110.000002187B650000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187B650000
|
Size: |
8192
|
|
15B3F000
|
unkown
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27444991691.0000000015B3F000.00000004.00000001.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
15B3F000
|
Size: |
4096
|
|
2187E427000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22394591532.000002187E427000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E427000
|
Size: |
32768
|
|
2187E445000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22402401115.000002187E445000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E445000
|
Size: |
57344
|
|
155DE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27442585193.00000000155DE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
155DE000
|
Size: |
8192
|
|
2187E447000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22377261760.000002187E447000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E447000
|
Size: |
4096
|
|
15804000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.26447621396.0000000015804000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15804000
|
Size: |
8192
|
|
2187D4CA000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22396619752.000002187D4CA000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D4CA000
|
Size: |
4096
|
|
161CE0FB000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22383668266.00000161CE0FB000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE0FB000
|
Size: |
12288
|
|
2187D3E1000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22376099391.000002187D3E1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D3E1000
|
Size: |
36864
|
|
161CE0B3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22384194604.00000161CE0B3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE0B3000
|
Size: |
57344
|
|
F60000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.22391795922.0000000000F60000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
F60000
|
Size: |
20480
|
|
157F6000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.22497462492.00000000157F6000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
157F6000
|
Size: |
258048
|
|
15DBD000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.24270732158.0000000015DBD000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15DBD000
|
Size: |
8192
|
|
15D32000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.22496676334.0000000015D32000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15D32000
|
Size: |
557056
|
|
15C3A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.25435556138.0000000015C3A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15C3A000
|
Size: |
196608
|
|
2187D3FB000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22388923435.000002187D3FB000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D3FB000
|
Size: |
16384
|
|
547C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27423726723.000000000547C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
547C000
|
Size: |
8192
|
|
157F6000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.25433235594.00000000157F6000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
157F6000
|
Size: |
32768
|
|
5256000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27419678747.0000000005256000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5256000
|
Size: |
12288
|
|
2187D6DF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22396548659.000002187D6DF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D6DF000
|
Size: |
4096
|
|
15D22000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.22498833371.0000000015D22000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15D22000
|
Size: |
36864
|
|
161CC2B5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.22388942657.00000161CC2B5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC2B5000
|
Size: |
12288
|
|
12A0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27410521560.00000000012A0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
12A0000
|
Size: |
24576
|
|
12A49FE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.22387870422.00000012A49FE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
12A49FE000
|
Size: |
8192
|
|
A8D6000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27433115062.000000000A8D6000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
A8D6000
|
Size: |
4096
|
|
2187D42E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22387853962.000002187D42E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D42E000
|
Size: |
249856
|
|
15839000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.22497806812.0000000015839000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15839000
|
Size: |
24576
|
|
15DBC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.22443006172.0000000015DBC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15DBC000
|
Size: |
8192
|
|
197E5B02000
|
heap
|
page read and write
|
|
|
|
Name: |
00000011.00000002.25845553826.00000197E5B02000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
17
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
197E5B02000
|
Size: |
16384
|
|
2187E48B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22395066198.000002187E48B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E48B000
|
Size: |
8192
|
|
15D1D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.23359316550.0000000015D1D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15D1D000
|
Size: |
57344
|
|
161CC305000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22385798628.00000161CC305000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC305000
|
Size: |
8192
|
|
197E5A3C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000011.00000002.25844943363.00000197E5A3C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
17
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
197E5A3C000
|
Size: |
12288
|
|
2187D3E1000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22389508747.000002187D3E1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D3E1000
|
Size: |
36864
|
|
2ED0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27412408704.0000000002ED0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2ED0000
|
Size: |
4096
|
|
2187E43E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22384610924.000002187E43E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E43E000
|
Size: |
24576
|
|
161CE0E5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22384114466.00000161CE0E5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE0E5000
|
Size: |
4096
|
|
161CE3E0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22386813371.00000161CE3E0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE3E0000
|
Size: |
4096
|
|
343F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000004.00000002.22392109690.000000000343F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
343F000
|
Size: |
4096
|
|
2187D090000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22399277572.000002187D090000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D090000
|
Size: |
4096
|
|
161CC260000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.22388143495.00000161CC260000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC260000
|
Size: |
28672
|
|
15D2B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.23356824018.0000000015D2B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15D2B000
|
Size: |
106496
|
|
15FDD000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27448989820.0000000015FDD000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
15FDD000
|
Size: |
12288
|
|
2187D3E7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22389899755.000002187D3E7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D3E7000
|
Size: |
12288
|
|
5529000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27425390754.0000000005529000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5529000
|
Size: |
4096
|
|
2187E47B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22395038692.000002187E47B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E47B000
|
Size: |
4096
|
|
12A4CFE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.22387973271.00000012A4CFE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
12A4CFE000
|
Size: |
8192
|
|
A637000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27427626766.000000000A637000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
A637000
|
Size: |
57344
|
|
54DC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27424585504.00000000054DC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
54DC000
|
Size: |
28672
|
|
2187B580000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22398445001.000002187B580000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187B580000
|
Size: |
61440
|
|
161CE0FA000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22386044645.00000161CE0FA000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE0FA000
|
Size: |
4096
|
|
2187E43E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22394216409.000002187E43E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E43E000
|
Size: |
24576
|
|
2187E4E0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22391561895.000002187E4E0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E4E0000
|
Size: |
65536
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Yara signature match |
System Summary |
|
|
2187B7A5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22399208182.000002187B7A5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187B7A5000
|
Size: |
16384
|
|
2187D69F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22388415671.000002187D69F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D69F000
|
Size: |
192512
|
|
2187B642000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22395102040.000002187B642000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187B642000
|
Size: |
16384
|
|
15C98000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.25433675321.0000000015C98000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15C98000
|
Size: |
540672
|
|
2187D5DE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22399901508.000002187D5DE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D5DE000
|
Size: |
4096
|
|
134F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27411588271.000000000134F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
134F000
|
Size: |
4096
|
|
15DC3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27448603593.0000000015DC3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15DC3000
|
Size: |
8192
|
|
5538000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27425612485.0000000005538000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5538000
|
Size: |
4096
|
|
2187D42E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22374602551.000002187D42E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D42E000
|
Size: |
262144
|
|
150F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27433933686.00000000150F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
150F0000
|
Size: |
4521984
|
|
2187E48B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22394557269.000002187E48B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E48B000
|
Size: |
8192
|
|
2187E3C7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22386171826.000002187E3C7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E3C7000
|
Size: |
32768
|
|
15DC0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.23357717671.0000000015DC0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15DC0000
|
Size: |
8192
|
|
2187D401000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22389273234.000002187D401000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D401000
|
Size: |
49152
|
|
2F50000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000003.00000002.27412578291.0000000002F50000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
2F50000
|
Size: |
4096
|
|
2187D4C7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22389862840.000002187D4C7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D4C7000
|
Size: |
16384
|
|
2F8A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000003.00000002.27412798368.0000000002F8A000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
2F8A000
|
Size: |
12288
|
|
1598F000
|
unkown
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27444791348.000000001598F000.00000004.00000001.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
1598F000
|
Size: |
4096
|
|
2187D3EA000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22373084102.000002187D3EA000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D3EA000
|
Size: |
86016
|
|
165CB000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.24269283013.00000000165CB000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
165CB000
|
Size: |
368640
|
|
E50000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.22391665506.0000000000E50000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
E50000
|
Size: |
4096
|
|
2187D5D0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22399811333.000002187D5D0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D5D0000
|
Size: |
24576
|
|
197E5A8F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000011.00000002.25845474595.00000197E5A8F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
17
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
197E5A8F000
|
Size: |
12288
|
|
16603000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.24269974926.0000000016603000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
16603000
|
Size: |
139264
|
|
12A4AFF000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.22387903889.00000012A4AFF000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
12A4AFF000
|
Size: |
4096
|
|
545C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27423360552.000000000545C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
545C000
|
Size: |
28672
|
|
F30000
|
unclassified section
|
page readonly
|
|
|
|
Name: |
00000004.00000002.22391769117.0000000000F30000.00000002.10000000.00040000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
unclassified section
|
Protect: |
page readonly
|
Base address: |
F30000
|
Size: |
4096
|
|
161CE0E1000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22383793075.00000161CE0E1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE0E1000
|
Size: |
20480
|
|
15C3A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.22443847680.0000000015C3A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15C3A000
|
Size: |
380928
|
|
2187D4C2000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22399705928.000002187D4C2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D4C2000
|
Size: |
4096
|
|
161CC2C2000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22385093462.00000161CC2C2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC2C2000
|
Size: |
12288
|
|
2187D788000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22400020245.000002187D788000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D788000
|
Size: |
12288
|
|
161CC286000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.22388429337.00000161CC286000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC286000
|
Size: |
20480
|
|
2187B646000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22391434595.000002187B646000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187B646000
|
Size: |
36864
|
|
12A47FE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.22387837574.00000012A47FE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
12A47FE000
|
Size: |
8192
|
|
2187D6DF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22396455101.000002187D6DF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D6DF000
|
Size: |
4096
|
|
161CC29F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22387273822.00000161CC29F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC29F000
|
Size: |
53248
|
|
5505000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27424989143.0000000005505000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5505000
|
Size: |
12288
|
|
161CE0B2000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22384335052.00000161CE0B2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE0B2000
|
Size: |
4096
|
|
12A45FE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.22387767596.00000012A45FE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
12A45FE000
|
Size: |
8192
|
|
2187E445000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22391072905.000002187E445000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E445000
|
Size: |
57344
|
|
A8EC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27433213239.000000000A8EC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
A8EC000
|
Size: |
53248
|
|
54F7000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27424783929.00000000054F7000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
54F7000
|
Size: |
4096
|
|
2187E48B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22402744462.000002187E48B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E48B000
|
Size: |
8192
|
|
15DC9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.25433083100.0000000015DC9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15DC9000
|
Size: |
24576
|
|
2187E3FA000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22401967481.000002187E3FA000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E3FA000
|
Size: |
98304
|
|
A64C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27427856677.000000000A64C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
A64C000
|
Size: |
475136
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
2187E43E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22402342694.000002187E43E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E43E000
|
Size: |
24576
|
|
12A46FE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.22387799058.00000012A46FE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
12A46FE000
|
Size: |
8192
|
|
83497CB000
|
stack
|
page read and write
|
|
|
|
Name: |
00000011.00000002.25843895234.00000083497CB000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
17
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
83497CB000
|
Size: |
20480
|
|
15D5B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.25432209864.0000000015D5B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15D5B000
|
Size: |
389120
|
|
12A44F9000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.22387710194.00000012A44F9000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
12A44F9000
|
Size: |
28672
|
|
2F92000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000003.00000002.27412902014.0000000002F92000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
2F92000
|
Size: |
24576
|
|
2187DC00000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22401353648.000002187DC00000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187DC00000
|
Size: |
4096
|
|
15DBB000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.26446512337.0000000015DBB000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15DBB000
|
Size: |
4096
|
|
A62A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27427478576.000000000A62A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
A62A000
|
Size: |
12288
|
|
2187E4E0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22386689857.000002187E4E0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E4E0000
|
Size: |
65536
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Yara signature match |
System Summary |
|
|
197E5A84000
|
heap
|
page read and write
|
|
|
|
Name: |
00000011.00000003.25843394814.00000197E5A84000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
17
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
197E5A84000
|
Size: |
20480
|
|
2187D4B0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22388201819.000002187D4B0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D4B0000
|
Size: |
8192
|
|
15DBC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.22497354140.0000000015DBC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15DBC000
|
Size: |
8192
|
|
2187E445000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22394776751.000002187E445000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E445000
|
Size: |
57344
|
|
15090000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27433859364.0000000015090000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15090000
|
Size: |
8192
|
|
161CE106000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22383515504.00000161CE106000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE106000
|
Size: |
8192
|
|
2187D40E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22389088110.000002187D40E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D40E000
|
Size: |
131072
|
|
8349E7E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000011.00000002.25844034413.0000008349E7E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
17
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
8349E7E000
|
Size: |
8192
|
|
2187D4CE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22396640616.000002187D4CE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D4CE000
|
Size: |
4096
|
|
2187E507000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22403011690.000002187E507000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E507000
|
Size: |
36864
|
|
16029000
|
unkown
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27449059755.0000000016029000.00000004.00000001.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
16029000
|
Size: |
28672
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
2187D410000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22389821521.000002187D410000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D410000
|
Size: |
24576
|
|
161CC2A0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.22388651740.00000161CC2A0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC2A0000
|
Size: |
36864
|
|
197E59F0000
|
unclassified section
|
page readonly
|
|
|
|
Name: |
00000011.00000002.25844301272.00000197E59F0000.00000002.10000000.00040000.00000000.sdmp
|
TargetID: |
17
|
Dumpstage: |
process exit
|
Regiontype: |
unclassified section
|
Protect: |
page readonly
|
Base address: |
197E59F0000
|
Size: |
4096
|
|
36E0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.22392248841.00000000036E0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
36E0000
|
Size: |
16384
|
|
197E5A45000
|
heap
|
page read and write
|
|
|
|
Name: |
00000011.00000002.25845061473.00000197E5A45000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
17
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
197E5A45000
|
Size: |
12288
|
|
165DA000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.26447527696.00000000165DA000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
165DA000
|
Size: |
4096
|
|
161CC305000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22386330469.00000161CC305000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC305000
|
Size: |
8192
|
|
2187D6FF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22388787343.000002187D6FF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D6FF000
|
Size: |
4096
|
|
5500000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27424938579.0000000005500000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5500000
|
Size: |
8192
|
|
5510000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27425147785.0000000005510000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5510000
|
Size: |
8192
|
|
A550000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27425842523.000000000A550000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
A550000
|
Size: |
53248
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
15D2B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.22443115522.0000000015D2B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15D2B000
|
Size: |
585728
|
|
2187D5DE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22392996376.000002187D5DE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D5DE000
|
Size: |
4096
|
|
5496000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27424041961.0000000005496000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5496000
|
Size: |
20480
|
|
16A60000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27454281871.0000000016A60000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
16A60000
|
Size: |
8192
|
|
2187DF60000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22401585637.000002187DF60000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187DF60000
|
Size: |
4096
|
|
15C98000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27446481933.0000000015C98000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15C98000
|
Size: |
540672
|
|
EFD000
|
stack
|
page read and write
|
|
|
|
Name: |
00000004.00000002.22391734742.0000000000EFD000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
EFD000
|
Size: |
12288
|
|
2187DD80000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22401452600.000002187DD80000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187DD80000
|
Size: |
4096
|
|
157C7000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.22445190587.00000000157C7000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
157C7000
|
Size: |
258048
|
|
161CC2AD000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.22388786684.00000161CC2AD000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC2AD000
|
Size: |
16384
|
|
A8DD000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27433148825.000000000A8DD000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
A8DD000
|
Size: |
4096
|
|
161CE0FF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22383758692.00000161CE0FF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE0FF000
|
Size: |
16384
|
|
2187E48B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22391402429.000002187E48B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E48B000
|
Size: |
8192
|
|
3237000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.22391965068.0000000003237000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3237000
|
Size: |
36864
|
|
161CE290000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22386955132.00000161CE290000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE290000
|
Size: |
4096
|
|
161CC306000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22386448272.00000161CC306000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC306000
|
Size: |
4096
|
|
2187B642000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22391491186.000002187B642000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187B642000
|
Size: |
16384
|
|
161CC4D0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.22389119255.00000161CC4D0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC4D0000
|
Size: |
16384
|
|
161CC28C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.22388480208.00000161CC28C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC28C000
|
Size: |
16384
|
|
161CE0BF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22384419314.00000161CE0BF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE0BF000
|
Size: |
8192
|
|
A631000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27427549909.000000000A631000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
A631000
|
Size: |
12288
|
|
161CC4DE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22385859699.00000161CC4DE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC4DE000
|
Size: |
4096
|
|
15D46000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.23357048961.0000000015D46000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15D46000
|
Size: |
475136
|
|
A5D4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27426854309.000000000A5D4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
A5D4000
|
Size: |
86016
|
|
5405000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27422639228.0000000005405000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5405000
|
Size: |
319488
|
|
15DC7000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.26446620304.0000000015DC7000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15DC7000
|
Size: |
4096
|
|
197E5A24000
|
heap
|
page read and write
|
|
|
|
Name: |
00000011.00000002.25844728768.00000197E5A24000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
17
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
197E5A24000
|
Size: |
53248
|
|
5509000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27425047273.0000000005509000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5509000
|
Size: |
8192
|
|
197E5A13000
|
heap
|
page read and write
|
|
|
|
Name: |
00000011.00000002.25844546280.00000197E5A13000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
17
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
197E5A13000
|
Size: |
53248
|
|
2187E454000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22394359567.000002187E454000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E454000
|
Size: |
147456
|
|
161CE630000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22386914283.00000161CE630000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE630000
|
Size: |
4096
|
|
550C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27425097035.000000000550C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
550C000
|
Size: |
8192
|
|
2187D3E3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22371644244.000002187D3E3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D3E3000
|
Size: |
16384
|
|
15806000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.23360266066.0000000015806000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15806000
|
Size: |
65536
|
|
2187B642000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22386094802.000002187B642000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187B642000
|
Size: |
53248
|
|
165DB000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.26446695049.00000000165DB000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
165DB000
|
Size: |
53248
|
|
5470000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27423539810.0000000005470000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5470000
|
Size: |
8192
|
|
161CC291000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22385323205.00000161CC291000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC291000
|
Size: |
20480
|
|
15CE6000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.23359030891.0000000015CE6000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15CE6000
|
Size: |
221184
|
|
161CC2B5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22385664724.00000161CC2B5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC2B5000
|
Size: |
12288
|
|
161CC28B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22385261984.00000161CC28B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC28B000
|
Size: |
20480
|
|
15C7A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.25433431898.0000000015C7A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15C7A000
|
Size: |
118784
|
|
156AE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27442810473.00000000156AE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
156AE000
|
Size: |
8192
|
|
161CE103000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22383690334.00000161CE103000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE103000
|
Size: |
8192
|
|
15D1D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27447296314.0000000015D1D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15D1D000
|
Size: |
57344
|
|
2187D400000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22388979868.000002187D400000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D400000
|
Size: |
53248
|
|
16622000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27452350597.0000000016622000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
16622000
|
Size: |
36864
|
|
54B9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27424269357.00000000054B9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
54B9000
|
Size: |
57344
|
|
A566000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27426016691.000000000A566000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
A566000
|
Size: |
196608
|
|
15A1F000
|
unkown
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27444850220.0000000015A1F000.00000004.00000001.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
15A1F000
|
Size: |
4096
|
|
15DC0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.22498763542.0000000015DC0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15DC0000
|
Size: |
8192
|
|
2187DF50000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22401546594.000002187DF50000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187DF50000
|
Size: |
4096
|
|
2187E370000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22401701021.000002187E370000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E370000
|
Size: |
4096
|
|
15DBD000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.23360895218.0000000015DBD000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15DBD000
|
Size: |
8192
|
|
A884000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27432559936.000000000A884000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
A884000
|
Size: |
4096
|
|
15D1D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.25434609856.0000000015D1D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15D1D000
|
Size: |
57344
|
|
A6D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27428970498.000000000A6D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
A6D0000
|
Size: |
143360
|
|
2187D413000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22399455881.000002187D413000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D413000
|
Size: |
12288
|
|
161CC4DE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.22389198402.00000161CC4DE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC4DE000
|
Size: |
4096
|
|
2187D4C7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22399727969.000002187D4C7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D4C7000
|
Size: |
12288
|
|
161CE0FF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.22389448822.00000161CE0FF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE0FF000
|
Size: |
16384
|
|
161CE6A3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22386231942.00000161CE6A3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
161CE6A3000
|
Size: |
4096
|
|
A71E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27429776257.000000000A71E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
A71E000
|
Size: |
12288
|
|
161CE0BF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22385971046.00000161CE0BF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE0BF000
|
Size: |
8192
|
|
161CE0B1000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22384509966.00000161CE0B1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE0B1000
|
Size: |
4096
|
|
1600000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27412206655.0000000001600000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1600000
|
Size: |
12288
|
|
2187E3EE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22393935378.000002187E3EE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E3EE000
|
Size: |
36864
|
|
161CC2B3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.22388887150.00000161CC2B3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC2B3000
|
Size: |
4096
|
|
12B6000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000003.22384316168.00000000012B6000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
12B6000
|
Size: |
4096
|
|
161CC305000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22386395170.00000161CC305000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC305000
|
Size: |
8192
|
|
2187D3F8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22373262805.000002187D3F8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D3F8000
|
Size: |
20480
|
|
15AAD000
|
unkown
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27444918676.0000000015AAD000.00000004.00000001.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
15AAD000
|
Size: |
12288
|
|
161CC2E7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22385153255.00000161CC2E7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC2E7000
|
Size: |
12288
|
|
161CC4DB000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22384449133.00000161CC4DB000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC4DB000
|
Size: |
16384
|
|
A717000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27429694508.000000000A717000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
A717000
|
Size: |
16384
|
|
15A5D000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27444876978.0000000015A5D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
15A5D000
|
Size: |
12288
|
|
15DC7000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27448669202.0000000015DC7000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15DC7000
|
Size: |
4096
|
|
161CE0E5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22383972507.00000161CE0E5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE0E5000
|
Size: |
4096
|
|
165FA000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.23356687747.00000000165FA000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
165FA000
|
Size: |
36864
|
|
16678000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.26445634397.0000000016678000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
16678000
|
Size: |
8192
|
|
165D2000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27452085583.00000000165D2000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
165D2000
|
Size: |
36864
|
|
161CC269000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.22388203812.00000161CC269000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC269000
|
Size: |
32768
|
|
197E5CD0000
|
unclassified section
|
page readonly
|
|
|
|
Name: |
00000011.00000002.25845618188.00000197E5CD0000.00000002.10000000.00040000.00000000.sdmp
|
TargetID: |
17
|
Dumpstage: |
process exit
|
Regiontype: |
unclassified section
|
Protect: |
page readonly
|
Base address: |
197E5CD0000
|
Size: |
4096
|
|
15AEE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27444959327.0000000015AEE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
15AEE000
|
Size: |
8192
|
|
161CC297000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.22388582182.00000161CC297000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC297000
|
Size: |
32768
|
|
2187E427000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22402156709.000002187E427000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E427000
|
Size: |
32768
|
|
2F52000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000003.00000002.27412617577.0000000002F52000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
2F52000
|
Size: |
86016
|
|
16990000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27452479062.0000000016990000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
16990000
|
Size: |
835584
|
|
2187E454000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22384760975.000002187E454000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E454000
|
Size: |
147456
|
|
161CE2D0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22386763734.00000161CE2D0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE2D0000
|
Size: |
4096
|
|
15DBD000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.26446539564.0000000015DBD000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15DBD000
|
Size: |
20480
|
|
161CC470000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22386635898.00000161CC470000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC470000
|
Size: |
4096
|
|
15D2C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.25434767386.0000000015D2C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15D2C000
|
Size: |
4096
|
|
165C3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.23358104585.00000000165C3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
165C3000
|
Size: |
131072
|
|
2187E4D1000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22402769974.000002187E4D1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E4D1000
|
Size: |
16384
|
|
2FF4000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000003.00000002.27413232857.0000000002FF4000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
2FF4000
|
Size: |
1159168
|
|
165FD000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.22445588180.00000000165FD000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
165FD000
|
Size: |
16384
|
|
161CE0E9000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.22389328115.00000161CE0E9000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE0E9000
|
Size: |
12288
|
|
15DBB000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.25432891373.0000000015DBB000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15DBB000
|
Size: |
4096
|
|
15D2F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27447457886.0000000015D2F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15D2F000
|
Size: |
8192
|
|
A775000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27430484261.000000000A775000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
A775000
|
Size: |
1024000
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
161CE690000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22386836018.00000161CE690000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE690000
|
Size: |
4096
|
|
5459000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27423294136.0000000005459000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5459000
|
Size: |
8192
|
|
161CC27C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22385422138.00000161CC27C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC27C000
|
Size: |
36864
|
|
1984BFE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22397517925.0000001984BFE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1984BFE000
|
Size: |
8192
|
|
2187E47B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22402721459.000002187E47B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E47B000
|
Size: |
4096
|
|
15DC9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.23359912067.0000000015DC9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15DC9000
|
Size: |
24576
|
|
15C98000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.23358603310.0000000015C98000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15C98000
|
Size: |
315392
|
|
161CE0B6000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22384532252.00000161CE0B6000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE0B6000
|
Size: |
32768
|
|
2187E3FA000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22393989977.000002187E3FA000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E3FA000
|
Size: |
98304
|
|
15D1D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.23360649597.0000000015D1D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15D1D000
|
Size: |
57344
|
|
157C7000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.22498044356.00000000157C7000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
157C7000
|
Size: |
192512
|
|
2187E3C4000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22401729421.000002187E3C4000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E3C4000
|
Size: |
12288
|
|
15806000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.22441692429.0000000015806000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15806000
|
Size: |
98304
|
|
15D2C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27447404079.0000000015D2C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15D2C000
|
Size: |
4096
|
|
2187D3F7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22388855464.000002187D3F7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D3F7000
|
Size: |
4096
|
|
165FA000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.25431515011.00000000165FA000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
165FA000
|
Size: |
200704
|
|
161CE0FF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22386067781.00000161CE0FF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE0FF000
|
Size: |
16384
|
|
2187E454000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22394861397.000002187E454000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E454000
|
Size: |
147456
|
|
2187E47B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22391376291.000002187E47B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E47B000
|
Size: |
4096
|
|
2187D960000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22400143642.000002187D960000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D960000
|
Size: |
4096
|
|
FAC000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27410384915.0000000000FAC000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
FAC000
|
Size: |
16384
|
|
15DC9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27448724887.0000000015DC9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15DC9000
|
Size: |
24576
|
|
552B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27425447326.000000000552B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
552B000
|
Size: |
32768
|
|
2187E3EE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22401864270.000002187E3EE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E3EE000
|
Size: |
36864
|
|
E40000
|
unclassified section
|
page readonly
|
|
|
|
Name: |
00000004.00000002.22391636437.0000000000E40000.00000002.10000000.00040000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
unclassified section
|
Protect: |
page readonly
|
Base address: |
E40000
|
Size: |
4096
|
|
161CC3E0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.22389092982.00000161CC3E0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC3E0000
|
Size: |
4096
|
|
2187D4C7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22376051026.000002187D4C7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D4C7000
|
Size: |
32768
|
|
5468000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27423463770.0000000005468000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5468000
|
Size: |
12288
|
|
161CE0FE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22383604494.00000161CE0FE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE0FE000
|
Size: |
28672
|
|
2187D69F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22374972968.000002187D69F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D69F000
|
Size: |
266240
|
|
5490000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27423979347.0000000005490000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5490000
|
Size: |
12288
|
|
A87D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27432512448.000000000A87D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
A87D000
|
Size: |
4096
|
|
161CE0FC000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22383734984.00000161CE0FC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE0FC000
|
Size: |
8192
|
|
16C0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27412283634.00000000016C0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
16C0000
|
Size: |
20480
|
|
161CE0BE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22384299448.00000161CE0BE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE0BE000
|
Size: |
12288
|
|
3249000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.22392074126.0000000003249000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3249000
|
Size: |
4096
|
|
2187D6E3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22396481721.000002187D6E3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D6E3000
|
Size: |
12288
|
|
161CE0B0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.22389222521.00000161CE0B0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE0B0000
|
Size: |
4096
|
|
15740000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27443034168.0000000015740000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15740000
|
Size: |
409600
|
|
15805000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27444466740.0000000015805000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15805000
|
Size: |
4096
|
|
12A44F3000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.22387677220.00000012A44F3000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
12A44F3000
|
Size: |
8192
|
|
19848FD000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22397393628.00000019848FD000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
19848FD000
|
Size: |
12288
|
|
15CE8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.22444886619.0000000015CE8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15CE8000
|
Size: |
208896
|
|
2187E427000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22394104078.000002187E427000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E427000
|
Size: |
32768
|
|
2187E454000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22402505033.000002187E454000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E454000
|
Size: |
147456
|
|
161CC309000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22384742743.00000161CC309000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC309000
|
Size: |
12288
|
|
197E5A65000
|
heap
|
page read and write
|
|
|
|
Name: |
00000011.00000002.25845283336.00000197E5A65000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
17
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
197E5A65000
|
Size: |
57344
|
|
197E5A00000
|
heap
|
page read and write
|
|
|
|
Name: |
00000011.00000002.25844355596.00000197E5A00000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
17
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
197E5A00000
|
Size: |
73728
|
|
197E59C0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000011.00000002.25844238196.00000197E59C0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
17
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
197E59C0000
|
Size: |
8192
|
|
2187B64E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22398925309.000002187B64E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187B64E000
|
Size: |
4096
|
|
161CC2C3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22386978519.00000161CC2C3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC2C3000
|
Size: |
8192
|
|
54DA000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27424541242.00000000054DA000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
54DA000
|
Size: |
4096
|
|
15CE6000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.23360386820.0000000015CE6000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15CE6000
|
Size: |
221184
|
|
2187D5E0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22399921651.000002187D5E0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D5E0000
|
Size: |
4096
|
|
161CE0E9000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22385936688.00000161CE0E9000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE0E9000
|
Size: |
12288
|
|
A6F4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27429291637.000000000A6F4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
A6F4000
|
Size: |
102400
|
|
16590000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27451561542.0000000016590000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
16590000
|
Size: |
49152
|
|
161CE2B0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22386862325.00000161CE2B0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE2B0000
|
Size: |
4096
|
|
161CE6A1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22386277254.00000161CE6A1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
161CE6A1000
|
Size: |
4096
|
|
2187D6E3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22399962498.000002187D6E3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D6E3000
|
Size: |
12288
|
|
15BCF000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27445051507.0000000015BCF000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
15BCF000
|
Size: |
4096
|
|
19843B9000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22397204044.00000019843B9000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
19843B9000
|
Size: |
28672
|
|
2187D400000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22399405338.000002187D400000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D400000
|
Size: |
4096
|
|
2187E4DC000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22391526829.000002187E4DC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E4DC000
|
Size: |
12288
|
|
2187D3E8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22399344021.000002187D3E8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D3E8000
|
Size: |
8192
|
|
15DC0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.22443035978.0000000015DC0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15DC0000
|
Size: |
8192
|
|
2187D8B0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22400123399.000002187D8B0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D8B0000
|
Size: |
4096
|
|
A724000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27429853157.000000000A724000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
A724000
|
Size: |
319488
|
|
159CE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27444817181.00000000159CE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
159CE000
|
Size: |
8192
|
|
2187E454000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22391185158.000002187E454000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E454000
|
Size: |
147456
|
|
4F50000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27415323210.0000000004F50000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F50000
|
Size: |
28672
|
|
2187D700000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22387160935.000002187D700000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D700000
|
Size: |
569344
|
|
1581E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.22441451285.000000001581E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1581E000
|
Size: |
94208
|
|
2187D6FF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22396513719.000002187D6FF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D6FF000
|
Size: |
4096
|
|
161CC450000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22386733651.00000161CC450000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC450000
|
Size: |
4096
|
|
197E5A32000
|
heap
|
page read and write
|
|
|
|
Name: |
00000011.00000002.25844854073.00000197E5A32000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
17
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
197E5A32000
|
Size: |
32768
|
|
1984CFE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22397578766.0000001984CFE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1984CFE000
|
Size: |
8192
|
|
15802000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27444441891.0000000015802000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15802000
|
Size: |
4096
|
|
197E5A54000
|
heap
|
page read and write
|
|
|
|
Name: |
00000011.00000002.25845222478.00000197E5A54000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
17
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
197E5A54000
|
Size: |
16384
|
|
54E9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27424677875.00000000054E9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
54E9000
|
Size: |
8192
|
|
2187D3EA000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22375937318.000002187D3EA000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D3EA000
|
Size: |
32768
|
|
2187DD50000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22401402448.000002187DD50000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187DD50000
|
Size: |
4096
|
|
12A4BFE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.22387937701.00000012A4BFE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
12A4BFE000
|
Size: |
8192
|
|
2187B550000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22397944698.000002187B550000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187B550000
|
Size: |
32768
|
|
2187E4E1000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22402882944.000002187E4E1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E4E1000
|
Size: |
61440
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Yara signature match |
System Summary |
|
|
197E5A49000
|
heap
|
page read and write
|
|
|
|
Name: |
00000011.00000002.25845117297.00000197E5A49000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
17
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
197E5A49000
|
Size: |
40960
|
|
15B7E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27445017995.0000000015B7E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
15B7E000
|
Size: |
8192
|
|
197E5A7D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000011.00000002.25845421183.00000197E5A7D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
17
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
197E5A7D000
|
Size: |
8192
|
|
2187E4DD000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22402855207.000002187E4DD000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E4DD000
|
Size: |
8192
|
|
161CE210000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22386789091.00000161CE210000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE210000
|
Size: |
4096
|
|
A896000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27432682388.000000000A896000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
A896000
|
Size: |
237568
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
A875000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27432445065.000000000A875000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
A875000
|
Size: |
8192
|
|
161CE0C4000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22385999666.00000161CE0C4000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE0C4000
|
Size: |
20480
|
|
553A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27425656438.000000000553A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
553A000
|
Size: |
90112
|
|
161CC30B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22386300780.00000161CC30B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC30B000
|
Size: |
4096
|
|
54C8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27424408698.00000000054C8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
54C8000
|
Size: |
49152
|
|
15DC0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.22497381188.0000000015DC0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15DC0000
|
Size: |
8192
|
|
13B0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27412094616.00000000013B0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
13B0000
|
Size: |
16384
|
|
1984DFE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22397634708.0000001984DFE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1984DFE000
|
Size: |
8192
|
|
3230000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.22391884594.0000000003230000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3230000
|
Size: |
20480
|
|
A6C1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27428819093.000000000A6C1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
A6C1000
|
Size: |
53248
|
|
2187D5D0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22392855945.000002187D5D0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D5D0000
|
Size: |
24576
|
|
2187E3C8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22401799244.000002187E3C8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E3C8000
|
Size: |
12288
|
|
161CE0EF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.22389365177.00000161CE0EF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE0EF000
|
Size: |
45056
|
|
161CC296000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22384793079.00000161CC296000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC296000
|
Size: |
110592
|
|
157FF000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27444417869.00000000157FF000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
157FF000
|
Size: |
4096
|
|
2187D5D7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22392930076.000002187D5D7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D5D7000
|
Size: |
20480
|
|
2187D419000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22399491017.000002187D419000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D419000
|
Size: |
40960
|
|
165EA000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.26446790391.00000000165EA000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
165EA000
|
Size: |
266240
|
|
2187E47B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22384999715.000002187E47B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E47B000
|
Size: |
4096
|
|
161CC4DE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22384689525.00000161CC4DE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC4DE000
|
Size: |
4096
|
|
54AB000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27424179744.00000000054AB000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
54AB000
|
Size: |
28672
|
|
2187D400000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22389660153.000002187D400000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D400000
|
Size: |
4096
|
|
1581E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.22497853303.000000001581E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1581E000
|
Size: |
94208
|
|
197E62D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000011.00000002.25845701158.00000197E62D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
17
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
197E62D0000
|
Size: |
4096
|
|
2187D890000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22400102210.000002187D890000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D890000
|
Size: |
4096
|
|
161CC309000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22386471685.00000161CC309000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC309000
|
Size: |
8192
|
|
2187D416000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22389684353.000002187D416000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D416000
|
Size: |
98304
|
|
551D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27425302290.000000000551D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
551D000
|
Size: |
28672
|
|
161CC281000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22387190162.00000161CC281000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC281000
|
Size: |
16384
|
|
2187D410000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22372916134.000002187D410000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D410000
|
Size: |
122880
|
|
A900000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27433327214.000000000A900000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
A900000
|
Size: |
159744
|
|
2187E3FA000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22384279451.000002187E3FA000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E3FA000
|
Size: |
217088
|
|
161CE6A8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22386117489.00000161CE6A8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
161CE6A8000
|
Size: |
4096
|
|
161CE670000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22386887063.00000161CE670000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE670000
|
Size: |
4096
|
|
15DC9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.23357751733.0000000015DC9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15DC9000
|
Size: |
24576
|
|
161CC010000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.22388039336.00000161CC010000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC010000
|
Size: |
4096
|
|
2187E43E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22391001695.000002187E43E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E43E000
|
Size: |
24576
|
|
2187D4CD000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22389601854.000002187D4CD000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D4CD000
|
Size: |
8192
|
|
2187D4CC000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22376349422.000002187D4CC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D4CC000
|
Size: |
12288
|
|
A713000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27429620285.000000000A713000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
A713000
|
Size: |
12288
|
|
2187D3E7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22370261095.000002187D3E7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D3E7000
|
Size: |
929792
|
|
2EB8000
|
unkown
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27412336032.0000000002EB8000.00000004.00000001.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
2EB8000
|
Size: |
32768
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
1230000
|
unclassified section
|
page readonly
|
|
|
|
Name: |
00000003.00000002.27410465972.0000000001230000.00000002.10000000.00040000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
unclassified section
|
Protect: |
page readonly
|
Base address: |
1230000
|
Size: |
4096
|
|
2187B559000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22398040989.000002187B559000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187B559000
|
Size: |
32768
|
|
A646000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27427789641.000000000A646000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
A646000
|
Size: |
8192
|
|
2187D6E3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22396866894.000002187D6E3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D6E3000
|
Size: |
12288
|
|
157A9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27443913570.00000000157A9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
157A9000
|
Size: |
315392
|
|
156FE000
|
unkown
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27442886369.00000000156FE000.00000004.00000001.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
156FE000
|
Size: |
8192
|
|
15D5B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.22498337626.0000000015D5B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15D5B000
|
Size: |
389120
|
|
2187D6FF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22375311560.000002187D6FF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D6FF000
|
Size: |
565248
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
157F6000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.26447553473.00000000157F6000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
157F6000
|
Size: |
32768
|
|
5479000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27423661616.0000000005479000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5479000
|
Size: |
8192
|
|
2187D4E1000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22391721003.000002187D4E1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D4E1000
|
Size: |
778240
|
|
15DBD000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27448523736.0000000015DBD000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15DBD000
|
Size: |
20480
|
|
161CC305000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22385211449.00000161CC305000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC305000
|
Size: |
8192
|
|
2187D3FF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22373058101.000002187D3FF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D3FF000
|
Size: |
8192
|
|
2187D3F8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22376150010.000002187D3F8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D3F8000
|
Size: |
28672
|
|
2187E48B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22385047430.000002187E48B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E48B000
|
Size: |
344064
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
15D43000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.25435324694.0000000015D43000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15D43000
|
Size: |
98304
|
|
161CE0C1000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22384137989.00000161CE0C1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE0C1000
|
Size: |
32768
|
|
2187D5D7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22399858047.000002187D5D7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D5D7000
|
Size: |
20480
|
|
161CC286000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22385504216.00000161CC286000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC286000
|
Size: |
20480
|
|
15D32000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27447527125.0000000015D32000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15D32000
|
Size: |
28672
|
|
2F9B000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000003.00000002.27412979769.0000000002F9B000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
2F9B000
|
Size: |
8192
|
|
12A7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27410569662.00000000012A7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
12A7000
|
Size: |
684032
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
15839000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27444741542.0000000015839000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15839000
|
Size: |
24576
|
|
161CE0B6000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22384361548.00000161CE0B6000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE0B6000
|
Size: |
32768
|
|
165FA000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27452219376.00000000165FA000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
165FA000
|
Size: |
36864
|
|
15DC9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.22443804303.0000000015DC9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15DC9000
|
Size: |
24576
|
|
161CE6A7000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22386138250.00000161CE6A7000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
161CE6A7000
|
Size: |
4096
|
|
160BA000
|
unkown
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27449223468.00000000160BA000.00000004.00000001.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
160BA000
|
Size: |
24576
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
2187D424000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22399568082.000002187D424000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D424000
|
Size: |
8192
|
|
19843B3000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22397153896.00000019843B3000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
19843B3000
|
Size: |
16384
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
1573E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27442960600.000000001573E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1573E000
|
Size: |
8192
|
|
2187D830000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22400081328.000002187D830000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D830000
|
Size: |
4096
|
|
2187B5ED000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22398608380.000002187B5ED000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187B5ED000
|
Size: |
36864
|
|
2187D4CE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22399767193.000002187D4CE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D4CE000
|
Size: |
4096
|
|
2187B623000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22398780096.000002187B623000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187B623000
|
Size: |
12288
|
|
2F40000
|
unkown
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27412522192.0000000002F40000.00000004.00000001.00040000.00000007.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
2F40000
|
Size: |
16384
|
|
2187E42D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22377232939.000002187E42D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E42D000
|
Size: |
8192
|
|
2187D400000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22373239184.000002187D400000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D400000
|
Size: |
4096
|
|
161CC2B3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22384976253.00000161CC2B3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC2B3000
|
Size: |
4096
|
|
15DC9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.24270794162.0000000015DC9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15DC9000
|
Size: |
24576
|
|
1662B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.26445020894.000000001662B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1662B000
|
Size: |
311296
|
|
2187E3CF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22384062189.000002187E3CF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E3CF000
|
Size: |
163840
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
161CC2B3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22385623905.00000161CC2B3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC2B3000
|
Size: |
4096
|
|
15DBD000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.23359855868.0000000015DBD000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15DBD000
|
Size: |
8192
|
|
161CE4C0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22386710271.00000161CE4C0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE4C0000
|
Size: |
4096
|
|
54F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27424730640.00000000054F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
54F0000
|
Size: |
8192
|
|
161CC480000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22386610361.00000161CC480000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC480000
|
Size: |
4096
|
|
161CE106000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22383647772.00000161CE106000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE106000
|
Size: |
4096
|
|
2187D3F7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22375985941.000002187D3F7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D3F7000
|
Size: |
32768
|
|
2187B623000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22390477377.000002187B623000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187B623000
|
Size: |
12288
|
|
551B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27425258189.000000000551B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
551B000
|
Size: |
4096
|
|
19846FE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22397281788.00000019846FE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
19846FE000
|
Size: |
8192
|
|
161CE2F0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22386662623.00000161CE2F0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE2F0000
|
Size: |
4096
|
|
54FD000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27424886593.00000000054FD000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
54FD000
|
Size: |
8192
|
|
1606D000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27449158037.000000001606D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1606D000
|
Size: |
12288
|
|
16AD000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27412246284.00000000016AD000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
16AD000
|
Size: |
12288
|
|
2187E43E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22394728247.000002187E43E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E43E000
|
Size: |
24576
|
|
161CC1E0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.22388108673.00000161CC1E0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC1E0000
|
Size: |
8192
|
|
15D96000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.23360727932.0000000015D96000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15D96000
|
Size: |
147456
|
|
FFC000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27410428020.0000000000FFC000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
FFC000
|
Size: |
16384
|
|
2187D3FB000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22399375938.000002187D3FB000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D3FB000
|
Size: |
8192
|
|
2FA3000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000003.00000002.27413028669.0000000002FA3000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
2FA3000
|
Size: |
32768
|
|
161CC150000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.22388072502.00000161CC150000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC150000
|
Size: |
8192
|
|
15CE3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.23360357520.0000000015CE3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15CE3000
|
Size: |
8192
|
|
157FD000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27444393790.00000000157FD000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
157FD000
|
Size: |
4096
|
|
161CE0BB000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22384614376.00000161CE0BB000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE0BB000
|
Size: |
12288
|
|
5534000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27425555863.0000000005534000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5534000
|
Size: |
4096
|
|
197E5A7F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000011.00000003.25843477249.00000197E5A7F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
17
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
197E5A7F000
|
Size: |
20480
|
|
197E6402000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000011.00000002.25845741400.00000197E6402000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
17
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
197E6402000
|
Size: |
4096
|
|
15545000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27442352096.0000000015545000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15545000
|
Size: |
45056
|
|
15D5B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.23359402931.0000000015D5B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15D5B000
|
Size: |
389120
|
|
2187E4E0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22395175235.000002187E4E0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E4E0000
|
Size: |
65536
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Yara signature match |
System Summary |
|
|
15DC0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.22443778328.0000000015DC0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15DC0000
|
Size: |
8192
|
|
53FE000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27422585536.00000000053FE000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
53FE000
|
Size: |
8192
|
|
2187E448000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22373643871.000002187E448000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187E448000
|
Size: |
688128
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
2187D4CD000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22388321698.000002187D4CD000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D4CD000
|
Size: |
8192
|
|
161CC2E7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22387012793.00000161CC2E7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC2E7000
|
Size: |
12288
|
|
15D3A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27447641931.0000000015D3A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15D3A000
|
Size: |
532480
|
|
165D2000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.22496111634.00000000165D2000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
165D2000
|
Size: |
180224
|
|
15DC0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.23360930555.0000000015DC0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15DC0000
|
Size: |
8192
|
|
161CC286000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22387228759.00000161CC286000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC286000
|
Size: |
20480
|
|
2187D080000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22399254106.000002187D080000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D080000
|
Size: |
4096
|
|
161CC2E7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22385756925.00000161CC2E7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC2E7000
|
Size: |
12288
|
|
2187D4C7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.22374925909.000002187D4C7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187D4C7000
|
Size: |
32768
|
|
161CE0E5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22385913890.00000161CE0E5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CE0E5000
|
Size: |
4096
|
|
161CC309000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.22389062027.00000161CC309000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC309000
|
Size: |
8192
|
|
161CE6A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000003.22386500888.00000161CE6A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
161CE6A0000
|
Size: |
4096
|
|
161CC2E7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.22388989897.00000161CC2E7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC2E7000
|
Size: |
12288
|
|
F40000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.27410361158.0000000000F40000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
F40000
|
Size: |
4096
|
|
165C3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.22440964430.00000000165C3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
165C3000
|
Size: |
253952
|
|
2187B4A0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.22397882540.000002187B4A0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2187B4A0000
|
Size: |
12288
|
|
161CC291000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.22388526040.00000161CC291000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
161CC291000
|
Size: |
20480
|
|
15DBD000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000003.23357684254.0000000015DBD000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15DBD000
|
Size: |
8192
|
|
EBD000
|
stack
|
page read and write
|
|
|
|
Name: |
00000004.00000002.22391693822.0000000000EBD000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
EBD000
|
Size: |
12288
|
|