Automated Malware Analysis IOC Report for

Details

Name:	00000001.00000002.1889137660.0000000003600000.00000040.10000000.00040000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unclassified section
Protect:	page execute and read and write
Base address:	3600000
Size:	2924544

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected FormBook	AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality
Yara signature match	System Summary

Details

Name:	00000002.00000002.3514458968.00000000027A0000.00000040.00000001.00040000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	27A0000
Size:	2924544

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected FormBook	AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality
Yara signature match	System Summary

Details

Name:	00000001.00000002.1888596212.00000000005B0000.00000040.10000000.00040000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unclassified section
Protect:	page execute and read and write
Base address:	5B0000
Size:	274432

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected FormBook	AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality
Yara signature match	System Summary

Details

Name:	00000007.00000002.3515959197.0000000004E10000.00000040.80000000.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	system
Protect:	page execute and read and write
Base address:	4E10000
Size:	303104

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected FormBook	AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality
Yara signature match	System Summary

Details

Name:	00000004.00000002.3513291317.0000000000400000.00000040.80000000.00040000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	system
Protect:	page execute and read and write
Base address:	400000
Size:	274432

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected FormBook	AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality
Yara signature match	System Summary

Details

Name:	00000004.00000002.3514584308.0000000000800000.00000004.00000800.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	800000
Size:	274432

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected FormBook	AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality
Yara signature match	System Summary

Details

Name:	00000001.00000002.1888521898.0000000000400000.00000040.80000000.00040000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	system
Protect:	page execute and read and write
Base address:	400000
Size:	286720

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected FormBook	AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality
Yara signature match	System Summary

Details

Name:	00000004.00000002.3514539139.00000000007B0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7B0000
Size:	274432

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected FormBook	AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality
Yara signature match	System Summary

Details

Name:	00000002.00000002.3513935130.0000000000DA7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	DA7000
Size:	229376

Signature Hits	Behavior Group	Mitre Attack
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000002.00000000.1811498735.00000000007EE000.00000002.00000001.01000000.00000004.sdmp
TargetID:	2
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7EE000
Size:	28672

Signature Hits	Behavior Group	Mitre Attack
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000008.00000002.2177904539.00000253A08C0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	253A08C0000
Size:	20480

Details

Name:	00000004.00000003.2063508932.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000002.00000002.3513641469.0000000000750000.00000002.00000001.00040000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	750000
Size:	16384

Details

Name:	00000001.00000003.1795913637.0000000000613000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	613000
Size:	200704

Details

Name:	00000007.00000002.3513467889.00000000006A0000.00000002.00000001.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	6A0000
Size:	4096

Details

Name:	00000004.00000002.3513571976.000000000063C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	63C000
Size:	8192

Details

Name:	00000000.00000003.1667074309.00000000044E0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	44E0000
Size:	630784

Details

Name:	00000000.00000003.1662390638.00000000044EF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	44EF000
Size:	630784

Details

Name:	00000001.00000002.1888552775.000000000055E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	55E000
Size:	8192

Details

Name:	00000004.00000003.2063672070.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000007.00000000.1955017012.00000000008B0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	heap
Protect:	page read and write
Base address:	8B0000
Size:	8192

Details

Name:	00000004.00000002.3513467120.00000000004FE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4FE000
Size:	8192

Details

Name:	00000000.00000003.1663343975.0000000004430000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4430000
Size:	630784

Details

Name:	00000007.00000002.3514610443.0000000002DC4000.00000004.00000001.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2DC4000
Size:	4096

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000004.00000002.3513571976.000000000062B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	62B000
Size:	12288

Details

Name:	00000004.00000003.1888834921.000000000057F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	57F000
Size:	20480

Details

Name:	00000000.00000003.1696962946.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	516096

Details

Name:	00000007.00000002.3514044792.00000000008D0000.00000004.00000001.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	8D0000
Size:	12288

Details

Name:	00000000.00000000.1658845550.0000000000400000.00000002.00000001.01000000.00000003.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	400000
Size:	4096

Details

Name:	00000007.00000000.1954832861.00000000007A0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	heap
Protect:	page read and write
Base address:	7A0000
Size:	20480

Details

Name:	00000000.00000003.1665669413.00000000044D1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	44D1000
Size:	630784

Details

Name:	00000000.00000003.1695066004.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	520192

Details

Name:	00000004.00000003.2074181242.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000002.00000000.1811305534.000000000055A000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process new
Regiontype:	stack
Protect:	page read and write
Base address:	55A000
Size:	24576

Details

Name:	00000008.00000002.2178041913.00000253A2203000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	253A2203000
Size:	16384

Details

Name:	00000004.00000003.1957405978.0000000000850000.00000004.00000800.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	850000
Size:	176128

Details

Name:	00000000.00000003.1695624232.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	516096

Details

Name:	00000008.00000003.2127376776.00000253A20A0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	253A20A0000
Size:	4096

Details

Name:	00000004.00000002.3514938661.0000000003042000.00000040.00001000.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	3042000
Size:	40960

Details

Name:	00000002.00000002.3513361302.000000000065C000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	65C000
Size:	16384

Details

Name:	00000008.00000002.2177729717.0000008E5C5FE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	8E5C5FE000
Size:	8192

Details

Name:	00000004.00000003.2063622137.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000000.00000003.1660228572.0000000002E0D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2E0D000
Size:	757760

Details

Name:	00000007.00000000.1954877266.00000000007E0000.00000002.00000001.01000000.00000004.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7E0000
Size:	4096

Details

Name:	00000004.00000003.1888989446.000000000057F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	57F000
Size:	20480

Details

Name:	00000004.00000003.2064883648.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000000.00000003.1694753199.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	520192

Details

Name:	00000000.00000003.1663604802.00000000044D7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	44D7000
Size:	630784

Details

Name:	00000004.00000002.3513571976.0000000000620000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	620000
Size:	40960

Details

Name:	00000007.00000002.3513360049.000000000064C000.00000004.00000010.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	64C000
Size:	16384

Details

Name:	00000004.00000003.2059524900.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000001.00000002.1888480369.0000000000190000.00000004.00000020.00040000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	190000
Size:	4096

Details

Name:	00000008.00000002.2177760541.00000253A0690000.00000040.80000000.00040000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	system
Protect:	page execute and read and write
Base address:	253A0690000
Size:	241664

Details

Name:	00000004.00000003.2063558415.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000000.00000003.1666568569.0000000004438000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4438000
Size:	630784

Details

Name:	00000001.00000002.1888759141.0000000003242000.00000040.00001000.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	3242000
Size:	40960

Details

Name:	00000000.00000003.1693365260.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	520192

Details

Name:	00000001.00000003.1793997709.0000000002E2D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2E2D000
Size:	458752

Details

Name:	00000002.00000000.1811577966.0000000000EA0000.00000002.00000001.00040000.00000000.sdmp
TargetID:	2
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	EA0000
Size:	36864

Details

Name:	00000008.00000002.2178041913.00000253A2212000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	253A2212000
Size:	8192

Details

Name:	00000000.00000003.1665009943.00000000044EB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	44EB000
Size:	630784

Details

Name:	00000000.00000000.1658950941.0000000000482000.00000002.00000001.01000000.00000003.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	482000
Size:	57344

Details

Name:	00000000.00000003.1661564730.0000000004189000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4189000
Size:	942080

Details

Name:	00000000.00000003.1695109756.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	520192

Details

Name:	00000000.00000003.1697156091.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	516096

Details

Name:	00000002.00000002.3513468565.00000000006B0000.00000002.00000001.00040000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	6B0000
Size:	4096

Details

Name:	00000004.00000003.2060532990.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000004.00000003.2059337213.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000008.00000002.2177874410.00000253A0890000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	253A0890000
Size:	12288

Details

Name:	00000002.00000000.1811511265.00000000007F5000.00000004.00000001.01000000.00000004.sdmp
TargetID:	2
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	7F5000
Size:	8192

Details

Name:	00000000.00000003.1693732490.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	520192

Details

Name:	00000002.00000000.1811694225.00000000025A0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process new
Regiontype:	heap
Protect:	page read and write
Base address:	25A0000
Size:	8192

Details

Name:	00000008.00000003.2128504485.00000253A23A6000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	253A23A6000
Size:	4096

Details

Name:	00000000.00000003.1693318774.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	520192

Details

Name:	00000004.00000003.1956886906.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000004.00000003.2060026181.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000000.00000003.1665737602.0000000004578000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4578000
Size:	630784

Details

Name:	00000004.00000003.2061375393.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000000.00000003.1665076230.0000000004436000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4436000
Size:	630784

Details

Name:	00000002.00000000.1811364839.00000000006C0000.00000004.00000020.00040000.00000000.sdmp
TargetID:	2
Dumpstage:	process new
Regiontype:	heap
Protect:	page read and write
Base address:	6C0000
Size:	4096

Details

Name:	00000004.00000003.2061462428.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000007.00000002.3514610443.000000000281C000.00000004.00000001.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	281C000
Size:	4096

Details

Name:	00000004.00000002.3517346598.00000000075B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	75B1000
Size:	4096

Details

Name:	00000004.00000002.3517346598.00000000075ED000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	75ED000
Size:	20480

Details

Name:	00000001.00000002.1888759141.000000000309E000.00000040.00001000.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	309E000
Size:	1220608

Signature Hits	Behavior Group	Mitre Attack
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000004.00000003.2060739459.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000000.00000003.1661706325.0000000004199000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4199000
Size:	286720

Details

Name:	00000004.00000003.2059491589.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000008.00000002.2177904539.00000253A08DE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	253A08DE000
Size:	49152

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	00000007.00000002.3513539561.0000000000790000.00000004.00000001.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	790000
Size:	4096

Details

Name:	00000000.00000003.1662456375.0000000004432000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4432000
Size:	630784

Details

Name:	00000000.00000003.1695802687.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	516096

Details

Name:	00000000.00000003.1697295708.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	516096

Details

Name:	00000007.00000000.1955157401.000000000259F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	stack
Protect:	page read and write
Base address:	259F000
Size:	4096

Details

Name:	00000004.00000003.2060708247.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000007.00000002.3514399177.0000000002604000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2604000
Size:	4096

Details

Name:	00000000.00000003.1693911677.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	520192

Details

Name:	00000004.00000003.1957140496.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000004.00000003.1957076915.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000000.00000003.1666006174.00000000044E1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	44E1000
Size:	630784

Details

Name:	00000000.00000003.1665529172.000000000457E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	457E000
Size:	630784

Details

Name:	00000004.00000003.2062684519.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000000.00000003.1661963300.00000000044DF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	44DF000
Size:	630784

Details

Name:	00000000.00000003.1696831851.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	516096

Details

Name:	00000004.00000003.1895367413.00000000004B4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B4000
Size:	4096

Details

Name:	00000002.00000000.1811462245.00000000007CE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process new
Regiontype:	stack
Protect:	page read and write
Base address:	7CE000
Size:	8192

Details

Name:	00000000.00000003.1663950298.0000000004433000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4433000
Size:	630784

Details

Name:	00000002.00000000.1811485686.00000000007E1000.00000020.00000001.01000000.00000004.sdmp
TargetID:	2
Dumpstage:	process new
Regiontype:	unkown
Protect:	page execute read
Base address:	7E1000
Size:	53248

Details

Name:	00000004.00000003.2059022779.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000004.00000002.3514770794.0000000000A60000.00000040.00000800.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	A60000
Size:	94208

Details

Name:	00000000.00000003.1696201863.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	516096

Details

Name:	00000002.00000002.3513751614.00000000007E0000.00000002.00000001.01000000.00000004.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7E0000
Size:	4096

Details

Name:	00000000.00000003.1667763268.0000000004433000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4433000
Size:	630784

Details

Name:	00000004.00000003.1904112964.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	241664

Details

Name:	00000008.00000002.2177904539.00000253A08ED000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	253A08ED000
Size:	8192

Details

Name:	00000004.00000003.2059257013.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000004.00000003.2061194034.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000004.00000003.2065695531.00000000005CD000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	5CD000
Size:	8192

Details

Name:	00000008.00000002.2178041913.00000253A2210000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	253A2210000
Size:	4096

Details

Name:	00000002.00000002.3513678129.0000000000770000.00000004.00000001.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	770000
Size:	4096

Details

Name:	00000000.00000003.1693688125.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	520192

Details

Name:	00000000.00000003.1713864417.0000000004430000.00000004.00001000.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	4430000
Size:	1187840

Signature Hits	Behavior Group	Mitre Attack
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000004.00000003.2057833810.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000004.00000003.2063391656.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000008.00000002.2177713742.0000008E5BDFE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	8E5BDFE000
Size:	8192

Details

Name:	00000000.00000003.1663675098.0000000004435000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4435000
Size:	630784

Details

Name:	00000000.00000003.1695153460.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	520192

Details

Name:	00000004.00000002.3513571976.00000000005CD000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5CD000
Size:	8192

Details

Name:	00000001.00000003.1857355776.0000000000878000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	878000
Size:	12288

Details

Name:	00000004.00000002.3517593655.0000000007690000.00000004.00000800.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7690000
Size:	4096

Details

Name:	00000001.00000003.1793997709.0000000002E9E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2E9E000
Size:	24576

Details

Name:	00000004.00000002.3517346598.00000000075E0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	75E0000
Size:	16384

Details

Name:	00000002.00000002.3513935130.0000000000E13000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	E13000
Size:	12288

Details

Name:	00000001.00000003.1802524959.0000000000613000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	613000
Size:	69632

Details

Name:	00000004.00000003.2059712084.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000000.00000003.1666322831.0000000004437000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4437000
Size:	630784

Details

Name:	00000002.00000002.3514140223.0000000000EA0000.00000002.00000001.00040000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	EA0000
Size:	36864

Details

Name:	00000004.00000003.2062343868.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000000.00000003.1697060458.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	516096

Details

Name:	00000000.00000003.1695539032.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	516096

Details

Name:	00000008.00000003.2128468787.00000253A23BE000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	253A23BE000
Size:	12288

Details

Name:	00000002.00000000.1811401091.0000000000721000.00000002.00000001.00040000.00000000.sdmp
TargetID:	2
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	721000
Size:	12288

Details

Name:	00000001.00000002.1888722204.0000000000AFF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	AFF000
Size:	4096

Details

Name:	00000000.00000003.1666866854.0000000004438000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4438000
Size:	630784

Details

Name:	00000001.00000002.1888759141.000000000302D000.00000040.00001000.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	302D000
Size:	458752

Details

Name:	00000004.00000003.1957049882.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000000.00000003.1664269352.0000000004589000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4589000
Size:	630784

Details

Name:	00000000.00000003.1694708851.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	520192

Details

Name:	00000000.00000003.1694178735.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	520192

Details

Name:	00000002.00000002.3514249419.00000000024B0000.00000002.00000001.00040000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	24B0000
Size:	925696

Details

Name:	00000000.00000003.1696114074.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	516096

Details

Name:	00000004.00000003.2059139068.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000008.00000002.2177760541.00000253A06D8000.00000040.80000000.00040000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	system
Protect:	page execute and read and write
Base address:	253A06D8000
Size:	4096

Details

Name:	00000000.00000003.1695581624.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	516096

Details

Name:	00000002.00000000.1811592874.00000000010A0000.00000002.00000001.00040000.00000000.sdmp
TargetID:	2
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	10A0000
Size:	380928

Signature Hits	Behavior Group	Mitre Attack
May try to detect the Windows Explorer process (often used for injection)	HIPS / PFW / Operating System Protection Evasion	Process Injection Process Discovery

Details

Name:	00000004.00000002.3513571976.000000000060D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	60D000
Size:	16384

Details

Name:	00000000.00000003.1664739321.00000000044E0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	44E0000
Size:	630784

Details

Name:	00000004.00000003.2059434543.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000004.00000003.2059945298.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000007.00000000.1954894377.00000000007E1000.00000020.00000001.01000000.00000004.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown
Protect:	page execute read
Base address:	7E1000
Size:	53248

Details

Name:	00000008.00000002.2177889911.00000253A08A0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	253A08A0000
Size:	4096

Details

Name:	00000007.00000000.1955032845.00000000008C0000.00000004.00000001.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	8C0000
Size:	4096

Details

Name:	00000000.00000003.1714978264.0000000004553000.00000004.00001000.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	4553000
Size:	507904

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary

Details

Name:	00000007.00000002.3513823806.00000000007F5000.00000004.00000001.01000000.00000004.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7F5000
Size:	8192

Details

Name:	00000000.00000003.1696877264.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	516096

Details

Name:	00000000.00000003.1667891912.000000000458F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	458F000
Size:	630784

Details

Name:	00000004.00000003.1889008201.000000000056E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	56E000
Size:	28672

Details

Name:	00000000.00000003.1698023631.000000000420B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420B000
Size:	516096

Details

Name:	00000001.00000002.1888706582.0000000000901000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	901000
Size:	4096

Details

Name:	00000004.00000003.2064307202.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000000.00000003.1694223933.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	520192

Details

Name:	00000000.00000003.1668354500.00000000044EF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	44EF000
Size:	630784

Details

Name:	00000004.00000003.1888966472.000000000057E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	57E000
Size:	4096

Details

Name:	00000007.00000000.1955085159.0000000000CFF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	stack
Protect:	page read and write
Base address:	CFF000
Size:	4096

Details

Name:	00000004.00000003.2063590932.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000000.00000003.1714229190.0000000004553000.00000004.00001000.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	4553000
Size:	507904

Details

Name:	00000000.00000003.1668169560.000000000443D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	443D000
Size:	630784

Details

Name:	00000004.00000003.2059171108.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000002.00000000.1811390108.0000000000710000.00000004.00000001.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	710000
Size:	4096

Details

Name:	00000007.00000000.1954999216.0000000000890000.00000002.00000001.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	890000
Size:	16384

Details

Name:	00000000.00000003.1668636426.00000000044E5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	44E5000
Size:	630784

Details

Name:	00000004.00000002.3516006037.000000000316C000.00000004.10000000.00040000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unclassified section
Protect:	page read and write
Base address:	316C000
Size:	4096

Details

Name:	00000001.00000003.1791914003.0000000000B23000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	B23000
Size:	507904

Details

Name:	00000000.00000000.1658984132.00000000004AB000.00000002.00000001.01000000.00000003.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4AB000
Size:	40960

Details

Name:	00000004.00000003.2060559825.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000004.00000003.2058519899.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000000.00000003.1693407853.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	520192

Details

Name:	00000004.00000003.1956555865.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000000.00000003.1665411765.0000000004434000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4434000
Size:	630784

Details

Name:	00000004.00000003.1956615672.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000004.00000003.2063060133.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000004.00000003.2063093045.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000000.00000003.1664384200.00000000044E5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	44E5000
Size:	630784

Details

Name:	00000004.00000003.2062928988.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000000.00000003.1694619179.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	520192

Details

Name:	00000000.00000003.1714350173.00000000046FD000.00000004.00001000.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	46FD000
Size:	458752

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary

Details

Name:	00000002.00000000.1811536326.00000000009DF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process new
Regiontype:	stack
Protect:	page read and write
Base address:	9DF000
Size:	4096

Details

Name:	00000004.00000003.2063189388.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000004.00000003.2062512664.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000004.00000002.3514938661.0000000002E9E000.00000040.00001000.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	2E9E000
Size:	1220608

Signature Hits	Behavior Group	Mitre Attack
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000000.00000003.1697249900.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	516096

Details

Name:	00000000.00000003.1705421805.00000000041DB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	41DB000
Size:	270336

Details

Name:	00000007.00000002.3513782803.00000000007EE000.00000002.00000001.01000000.00000004.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7EE000
Size:	28672

Signature Hits	Behavior Group	Mitre Attack
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000004.00000002.3513571976.0000000000640000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	640000
Size:	16384

Details

Name:	00000001.00000002.1888759141.0000000003029000.00000040.00001000.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	3029000
Size:	4096

Details

Name:	00000000.00000003.1662803960.0000000004579000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4579000
Size:	630784

Details

Name:	00000000.00000003.1660718582.0000000004189000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4189000
Size:	684032

Details

Name:	00000004.00000002.3513394955.0000000000490000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	490000
Size:	4096

Details

Name:	00000004.00000003.2061570506.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000001.00000003.1808736489.0000000000613000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	613000
Size:	196608

Details

Name:	00000002.00000002.3513935130.0000000000E17000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	E17000
Size:	20480

Details

Name:	00000007.00000002.3513946592.0000000000890000.00000002.00000001.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	890000
Size:	16384

Details

Name:	00000004.00000003.2058809614.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000004.00000003.2064727641.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000000.00000003.1664938668.000000000443F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	443F000
Size:	630784

Details

Name:	00000004.00000003.1889046616.0000000000579000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	579000
Size:	24576

Details

Name:	00000002.00000000.1811293840.00000000004F0000.00000002.00000001.00040000.00000000.sdmp
TargetID:	2
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4F0000
Size:	4096

Details

Name:	00000001.00000003.1794962839.0000000000613000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	613000
Size:	69632

Details

Name:	00000000.00000003.1667143993.000000000443B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	443B000
Size:	630784

Details

Name:	00000004.00000003.2061428543.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000000.00000003.1693209846.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	520192

Details

Name:	00000001.00000003.1792125489.0000000000805000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	805000
Size:	49152

Details

Name:	00000007.00000002.3514610443.000000000359E000.00000004.00000001.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	359E000
Size:	4096

Details

Name:	00000004.00000003.2062993204.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000007.00000002.3516152517.0000000004FDC000.00000004.00000001.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4FDC000
Size:	16384

Details

Name:	00000001.00000002.1888508227.00000000001EE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	1EE000
Size:	8192

Details

Name:	00000000.00000003.1697531054.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	516096

Details

Name:	00000002.00000002.3514390774.0000000002790000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2790000
Size:	8192

Details

Name:	00000004.00000003.2063696912.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000007.00000000.1954983646.000000000088E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	stack
Protect:	page read and write
Base address:	88E000
Size:	8192

Details

Name:	00000007.00000000.1955117684.0000000001090000.00000002.00000001.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	1090000
Size:	380928

Signature Hits	Behavior Group	Mitre Attack
May try to detect the Windows Explorer process (often used for injection)	HIPS / PFW / Operating System Protection Evasion	Process Injection Process Discovery

Details

Name:	00000000.00000003.1695021942.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	520192

Details

Name:	00000004.00000003.2057727157.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000004.00000003.1890831614.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	65536

Details

Name:	00000004.00000003.2059410870.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000002.00000002.3513329385.000000000055A000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	55A000
Size:	24576

Details

Name:	00000000.00000003.1694043675.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	520192

Details

Name:	00000004.00000002.3517673076.0000000007CAF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	7CAF000
Size:	4096

Details

Name:	00000000.00000003.1713982901.00000000046FD000.00000004.00001000.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	46FD000
Size:	458752

Details

Name:	00000004.00000003.1957191940.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000007.00000002.3514363828.00000000025DC000.00000004.00000001.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	25DC000
Size:	16384

Details

Name:	00000000.00000003.1667272963.000000000443B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	443B000
Size:	630784

Details

Name:	00000007.00000002.3513395769.0000000000680000.00000002.00000001.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	680000
Size:	4096

Details

Name:	00000004.00000002.3513571976.000000000060A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	60A000
Size:	4096

Details

Name:	00000007.00000002.3513861711.00000000007F7000.00000002.00000001.01000000.00000004.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7F7000
Size:	61440

Details

Name:	00000004.00000002.3513571976.00000000005B3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5B3000
Size:	57344

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000000.00000003.1707177300.0000000003B1C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3B1C000
Size:	630784

Details

Name:	00000002.00000000.1811282336.00000000004E0000.00000002.00000001.00040000.00000000.sdmp
TargetID:	2
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4E0000
Size:	4096

Details

Name:	00000000.00000003.1694663932.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	520192

Details

Name:	00000000.00000003.1696289400.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	516096

Details

Name:	00000000.00000003.1665597324.0000000004430000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4430000
Size:	630784

Details

Name:	00000004.00000002.3513571976.00000000005D2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5D2000
Size:	8192

Signature Hits	Behavior Group	Mitre Attack
SQL strings found in memory and binary data	System Summary

Details

Name:	00000004.00000002.3516006037.0000000003112000.00000004.10000000.00040000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unclassified section
Protect:	page read and write
Base address:	3112000
Size:	12288

Details

Name:	00000004.00000003.2058685750.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000002.00000000.1811718743.0000000002794000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process new
Regiontype:	heap
Protect:	page read and write
Base address:	2794000
Size:	4096

Details

Name:	00000000.00000003.1668985705.000000000443D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	443D000
Size:	630784

Details

Name:	00000004.00000003.2060882356.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000008.00000002.2178041913.00000253A2215000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	253A2215000
Size:	16384

Details

Name:	00000007.00000002.3514399177.0000000002600000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2600000
Size:	8192

Details

Name:	00000007.00000002.3514610443.0000000003A54000.00000004.00000001.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3A54000
Size:	4096

Details

Name:	00000004.00000003.2058960730.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000000.00000003.1661461706.0000000003B10000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3B10000
Size:	778240

Details

Name:	00000004.00000003.1956816616.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000000.00000003.1705452640.00000000041AE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	41AE000
Size:	184320

Details

Name:	00000008.00000002.2177904539.00000253A08D1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	253A08D1000
Size:	40960

Details

Name:	00000004.00000003.1899349119.0000000000850000.00000004.00000800.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	850000
Size:	172032

Details

Name:	00000000.00000003.1695756906.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	516096

Details

Name:	00000000.00000003.1667820830.00000000044DC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	44DC000
Size:	630784

Details

Name:	00000004.00000002.3516006037.0000000004080000.00000004.10000000.00040000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unclassified section
Protect:	page read and write
Base address:	4080000
Size:	4096

Details

Name:	00000004.00000002.3513571976.00000000005DF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5DF000
Size:	4096

Details

Name:	00000000.00000003.1714978264.0000000004430000.00000004.00001000.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	4430000
Size:	1187840

Details

Name:	00000001.00000002.1888759141.0000000002F00000.00000040.00001000.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	2F00000
Size:	1208320

Signature Hits	Behavior Group	Mitre Attack
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000007.00000002.3513639331.00000000007B1000.00000002.00000001.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7B1000
Size:	12288

Details

Name:	00000004.00000003.2062473978.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000007.00000000.1954846732.00000000007B1000.00000002.00000001.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7B1000
Size:	12288

Details

Name:	00000002.00000002.3513714579.0000000000780000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	780000
Size:	20480

Details

Name:	00000004.00000003.2059106325.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000004.00000003.1888853789.000000000056E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	56E000
Size:	28672

Details

Name:	00000004.00000003.2059648634.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000001.00000003.1856978950.000000000081A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	81A000
Size:	151552

Signature Hits	Behavior Group	Mitre Attack
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000002.00000002.3514458968.0000000002AE9000.00000040.00000001.00040000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2AE9000
Size:	524288

Details

Name:	00000004.00000003.2058989185.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000000.00000003.1662737105.00000000044D4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	44D4000
Size:	630784

Details

Name:	00000000.00000003.1695937752.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	516096

Details

Name:	00000004.00000002.3513571976.0000000000573000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	573000
Size:	73728

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000004.00000003.2068096181.00000000005FF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	5FF000
Size:	4096

Details

Name:	00000000.00000003.1663276861.00000000044EE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	44EE000
Size:	630784

Details

Name:	00000000.00000003.1696469279.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	516096

Details

Name:	00000001.00000003.1796610630.0000000000613000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	613000
Size:	241664

Details

Name:	00000004.00000003.1895382297.00000000004B4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B4000
Size:	4096

Details

Name:	00000004.00000003.1956720950.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000008.00000002.2176596569.00000000208FC000.00000004.80000000.00040000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	system
Protect:	page read and write
Base address:	208FC000
Size:	53248

Signature Hits	Behavior Group	Mitre Attack
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000000.00000003.1696606227.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	516096

Details

Name:	00000004.00000003.2063289259.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000000.00000003.1664855983.00000000044E6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	44E6000
Size:	630784

Details

Name:	00000004.00000002.3513571976.0000000000655000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	655000
Size:	40960

Details

Name:	00000000.00000003.1693595091.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	520192

Details

Name:	00000007.00000000.1954859914.00000000007C0000.00000004.00000001.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	7C0000
Size:	4096

Details

Name:	00000004.00000003.2060809941.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000004.00000002.3514938661.0000000002FD1000.00000040.00001000.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	2FD1000
Size:	458752

Details

Name:	00000000.00000003.1662671068.0000000004434000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4434000
Size:	630784

Details

Name:	00000004.00000003.2058610784.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000000.00000003.1695981092.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	516096

Details

Name:	00000004.00000002.3514725507.00000000009B0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	9B0000
Size:	94208

Details

Name:	00000002.00000000.1811449609.0000000000780000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process new
Regiontype:	heap
Protect:	page read and write
Base address:	780000
Size:	20480

Details

Name:	00000000.00000003.1699217046.0000000004200000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4200000
Size:	520192

Details

Name:	00000002.00000000.1811341991.00000000006A0000.00000002.00000001.00040000.00000000.sdmp
TargetID:	2
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	6A0000
Size:	4096

Details

Name:	00000004.00000003.2058067838.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000000.00000003.1667571365.00000000044E0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	44E0000
Size:	630784

Details

Name:	00000007.00000002.3514284568.0000000000D00000.00000002.00000001.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	D00000
Size:	36864

Details

Name:	00000000.00000003.1668569280.000000000443E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	443E000
Size:	630784

Details

Name:	00000008.00000003.2127317608.00000253A20A0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	253A20A0000
Size:	4096

Details

Name:	00000004.00000002.3516006037.0000000003EEE000.00000004.10000000.00040000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unclassified section
Protect:	page read and write
Base address:	3EEE000
Size:	4096

Details

Name:	00000000.00000003.1714725972.000000000476E000.00000004.00001000.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	476E000
Size:	24576

Details

Name:	00000000.00000003.1667705346.00000000044DD000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	44DD000
Size:	630784

Details

Name:	00000004.00000003.2061245267.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000000.00000003.1665339807.0000000004579000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4579000
Size:	630784

Details

Name:	00000007.00000002.3514204465.00000000009E0000.00000004.00000001.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	9E0000
Size:	4096

Details

Name:	00000004.00000003.2064375016.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000004.00000002.3516006037.0000000003714000.00000004.10000000.00040000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unclassified section
Protect:	page read and write
Base address:	3714000
Size:	4096

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000001.00000002.1888568108.0000000000560000.00000004.00001000.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page read and write
Base address:	560000
Size:	274432

Details

Name:	00000000.00000003.1663762361.00000000044D3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	44D3000
Size:	630784

Details

Name:	00000000.00000003.1703331762.00000000041DB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	41DB000
Size:	626688

Details

Name:	00000007.00000000.1954665568.00000000004C0000.00000002.00000001.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4C0000
Size:	4096

Details

Name:	00000007.00000002.3514069598.00000000008FF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	8FF000
Size:	45056

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	00000004.00000003.1890606069.0000000002C7D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2C7D000
Size:	458752

Details

Name:	00000000.00000003.1693269961.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	520192

Details

Name:	00000000.00000003.1693642505.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	520192

Details

Name:	00000007.00000000.1954793915.00000000006A0000.00000002.00000001.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	6A0000
Size:	4096

Details

Name:	00000001.00000003.1856978950.0000000000878000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	878000
Size:	12288

Details

Name:	00000002.00000002.3513502524.00000000006C0000.00000004.00000020.00040000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6C0000
Size:	4096

Details

Name:	00000004.00000003.1957260219.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000004.00000002.3517346598.00000000075D6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	75D6000
Size:	16384

Details

Name:	00000001.00000002.1888686247.0000000000812000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	812000
Size:	24576

Details

Name:	00000000.00000003.1696245351.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	516096

Details

Name:	00000004.00000003.2061965450.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000004.00000003.2060500966.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000000.00000003.1666693964.0000000004431000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4431000
Size:	630784

Details

Name:	00000000.00000003.1663409918.00000000044DE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	44DE000
Size:	630784

Details

Name:	00000004.00000003.2058709425.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000004.00000003.2061026143.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000000.00000003.1668425082.0000000004436000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4436000
Size:	630784

Details

Name:	00000000.00000003.1664015754.00000000044DB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	44DB000
Size:	630784

Details

Name:	00000000.00000003.1697621775.000000000420D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420D000
Size:	516096

Details

Name:	00000004.00000003.2058488376.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000001.00000002.1888453771.0000000000140000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	140000
Size:	4096

Details

Name:	00000001.00000002.1888739335.0000000000BFF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	BFF000
Size:	4096

Details

Name:	00000007.00000002.3514610443.00000000030E8000.00000004.00000001.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	30E8000
Size:	4096

Details

Name:	00000004.00000003.2058895714.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000004.00000003.2062588669.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000004.00000003.1888896129.0000000000579000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	579000
Size:	24576

Details

Name:	00000008.00000002.2178041913.00000253A2221000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	253A2221000
Size:	4096

Details

Name:	00000000.00000003.1713982901.000000000476E000.00000004.00001000.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	476E000
Size:	24576

Details

Name:	00000007.00000002.3513676051.00000000007C0000.00000004.00000001.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7C0000
Size:	4096

Details

Name:	00000007.00000000.1954706637.00000000004E0000.00000002.00000001.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4E0000
Size:	4096

Details

Name:	00000000.00000003.1662322056.0000000004439000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4439000
Size:	630784

Details

Name:	00000000.00000003.1666959868.00000000044E0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	44E0000
Size:	630784

Details

Name:	00000001.00000003.1856978950.0000000000849000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	849000
Size:	155648

Signature Hits	Behavior Group	Mitre Attack
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000000.00000003.1667012853.000000000443A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	443A000
Size:	630784

Details

Name:	00000004.00000003.2063154971.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000004.00000002.3517631781.0000000007890000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7890000
Size:	4096

Details

Name:	00000000.00000003.1668496704.00000000044ED000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	44ED000
Size:	630784

Details

Name:	00000008.00000002.2178015516.00000253A2100000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	253A2100000
Size:	4096

Details

Name:	00000000.00000003.1694355299.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	520192

Details

Name:	00000002.00000000.1811474598.00000000007E0000.00000002.00000001.01000000.00000004.sdmp
TargetID:	2
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7E0000
Size:	4096

Details

Name:	00000000.00000003.1667509248.000000000443D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	443D000
Size:	630784

Details

Name:	00000007.00000000.1955046985.00000000008E7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	heap
Protect:	page read and write
Base address:	8E7000
Size:	81920

Details

Name:	00000002.00000000.1811548383.0000000000DA7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process new
Regiontype:	heap
Protect:	page read and write
Base address:	DA7000
Size:	81920

Details

Name:	00000007.00000002.3514069598.000000000090B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	90B000
Size:	24576

Details

Name:	00000001.00000003.1857355776.0000000000849000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	849000
Size:	155648

Details

Name:	00000008.00000002.2177904539.00000253A08C7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	253A08C7000
Size:	36864

Details

Name:	00000004.00000003.2063256017.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000000.00000003.1666816680.0000000004586000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4586000
Size:	630784

Details

Name:	00000000.00000003.1695893761.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	516096

Details

Name:	00000000.00000003.1694088191.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	520192

Details

Name:	00000007.00000000.1955271825.0000000002702000.00000004.00000001.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	2702000
Size:	4096

Details

Name:	00000002.00000002.3513859554.00000000007F5000.00000004.00000001.01000000.00000004.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7F5000
Size:	8192

Details

Name:	00000004.00000003.1889099236.0000000000579000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	579000
Size:	24576

Details

Name:	00000004.00000002.3513250479.00000000001C8000.00000004.00000010.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	1C8000
Size:	32768

Details

Name:	00000004.00000002.3516006037.00000000043A4000.00000004.10000000.00040000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unclassified section
Protect:	page read and write
Base address:	43A4000
Size:	4096

Details

Name:	00000004.00000003.2062894453.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000007.00000000.1954767832.0000000000680000.00000002.00000001.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	680000
Size:	4096

Details

Name:	00000000.00000003.1695197878.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	520192

Details

Name:	00000004.00000002.3513534906.0000000000540000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	540000
Size:	4096

Details

Name:	00000008.00000002.2177904539.00000253A08F2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	253A08F2000
Size:	4096

Details

Name:	00000002.00000002.3513252149.00000000004E0000.00000002.00000001.00040000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	4E0000
Size:	4096

Details

Name:	00000000.00000003.1695242125.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	520192

Details

Name:	00000000.00000003.1666630016.00000000044E3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	44E3000
Size:	630784

Details

Name:	00000000.00000003.1697769260.000000000420C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420C000
Size:	520192

Details

Name:	00000004.00000003.2074137551.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000004.00000003.2058759012.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000007.00000000.1954780913.0000000000690000.00000002.00000001.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	690000
Size:	4096

Details

Name:	00000002.00000000.1811706922.00000000026AF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process new
Regiontype:	stack
Protect:	page read and write
Base address:	26AF000
Size:	4096

Details

Name:	00000000.00000003.1661336268.00000000041DB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	41DB000
Size:	520192

Details

Name:	00000000.00000003.1697108900.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	516096

Details

Name:	00000002.00000000.1811157379.00000000004D0000.00000002.00000001.00040000.00000000.sdmp
TargetID:	2
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4D0000
Size:	4096

Details

Name:	00000008.00000002.2177843448.00000253A0770000.00000004.00000020.00040000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	253A0770000
Size:	4096

Details

Name:	00000004.00000003.2058408231.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000000.00000003.1696158059.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	516096

Details

Name:	00000004.00000003.2068096181.00000000005FD000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	5FD000
Size:	4096

Details

Name:	00000004.00000003.1895440142.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000004.00000003.1956952018.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000004.00000003.1888639333.00000000008B7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B7000
Size:	1187840

Signature Hits	Behavior Group	Mitre Attack
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000004.00000002.3517346598.00000000075E9000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	75E9000
Size:	12288

Details

Name:	00000007.00000002.3513502993.00000000006B0000.00000004.00000020.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6B0000
Size:	4096

Details

Name:	00000000.00000003.1694843718.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	520192

Details

Name:	00000007.00000002.3514610443.0000000002F56000.00000004.00000001.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2F56000
Size:	8192

Details

Name:	00000000.00000003.1664441927.0000000004436000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4436000
Size:	630784

Details

Name:	00000008.00000003.2127913698.00000253A2300000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	253A2300000
Size:	4096

Details

Name:	00000007.00000000.1955100763.0000000000D00000.00000002.00000001.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	D00000
Size:	36864

Details

Name:	00000004.00000003.2059810683.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000004.00000003.2063647568.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000007.00000002.3515959197.0000000004E7F000.00000040.80000000.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	system
Protect:	page execute and read and write
Base address:	4E7F000
Size:	8192

Details

Name:	00000004.00000003.2063222871.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000004.00000003.2063424209.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000004.00000002.3513571976.0000000000613000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	613000
Size:	12288

Details

Name:	00000004.00000003.2059557797.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000004.00000003.2064423133.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000004.00000002.3517346598.00000000075AB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	75AB000
Size:	8192

Details

Name:	00000007.00000002.3514610443.0000000003730000.00000004.00000001.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3730000
Size:	4096

Details

Name:	00000004.00000002.3514938661.0000000002E2D000.00000040.00001000.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	2E2D000
Size:	458752

Details

Name:	00000004.00000002.3517612525.00000000076A0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	76A0000
Size:	4096

Details

Name:	00000004.00000002.3513571976.00000000005C2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5C2000
Size:	4096

Details

Name:	00000004.00000003.2061653577.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000000.00000003.1713982901.00000000046F9000.00000004.00001000.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	46F9000
Size:	4096

Details

Name:	00000001.00000002.1888665957.0000000000800000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	800000
Size:	45056

Details

Name:	00000000.00000003.1660473948.0000000003B1A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3B1A000
Size:	2183168

Details

Name:	00000007.00000002.3514069598.00000000008E7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	8E7000
Size:	81920

Details

Name:	00000004.00000003.2062860937.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000004.00000003.1956668736.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000004.00000003.1890606069.0000000002CEE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2CEE000
Size:	24576

Details

Name:	00000004.00000003.2063533763.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000001.00000003.1805951417.00000000005B0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	5B0000
Size:	176128

Details

Name:	00000004.00000003.2059073033.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000004.00000003.2058546763.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000002.00000002.3513820738.00000000007EE000.00000002.00000001.01000000.00000004.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7EE000
Size:	28672

Details

Name:	00000000.00000003.1664327479.000000000443D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	443D000
Size:	630784

Details

Name:	00000000.00000003.1693779269.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	520192

Details

Name:	00000000.00000003.1694975968.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	520192

Details

Name:	00000007.00000002.3513749988.00000000007E1000.00000020.00000001.01000000.00000004.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute read
Base address:	7E1000
Size:	53248

Details

Name:	00000008.00000002.2177744962.0000008E5CDFE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	8E5CDFE000
Size:	8192

Details

Name:	00000004.00000002.3513571976.0000000000590000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	590000
Size:	139264

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000000.00000003.1695331804.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	516096

Details

Name:	00000004.00000003.2061624206.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000000.00000003.1661890261.0000000004431000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4431000
Size:	630784

Details

Name:	00000004.00000002.3514875887.0000000002BCE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2BCE000
Size:	8192

Details

Name:	00000001.00000003.1806019649.0000000000613000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	613000
Size:	69632

Details

Name:	00000000.00000003.1696068720.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	516096

Details

Name:	00000000.00000003.1666270463.00000000044E7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	44E7000
Size:	630784

Details

Name:	00000000.00000003.1694797391.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	520192

Details

Name:	00000004.00000003.2060614151.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000000.00000003.1697576585.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	512000

Details

Name:	00000004.00000002.3516006037.0000000003052000.00000004.10000000.00040000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unclassified section
Protect:	page read and write
Base address:	3052000
Size:	4096

Details

Name:	00000001.00000003.1792142564.0000000000817000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	817000
Size:	20480

Details

Name:	00000000.00000003.1693867893.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	520192

Details

Name:	00000007.00000002.3515959197.0000000004ED6000.00000040.80000000.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	system
Protect:	page execute and read and write
Base address:	4ED6000
Size:	4096

Details

Name:	00000004.00000003.2062118139.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000004.00000002.3517346598.00000000075B6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	75B6000
Size:	12288

Details

Name:	00000007.00000002.3514234511.0000000000AB3000.00000004.00000001.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	AB3000
Size:	4096

Details

Name:	00000002.00000000.1811330486.0000000000690000.00000002.00000001.00040000.00000000.sdmp
TargetID:	2
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	690000
Size:	4096

Details

Name:	00000004.00000003.2058579175.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000000.00000003.1694531142.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	520192

Details

Name:	00000004.00000003.2063457680.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000000.00000003.1665876889.00000000044EA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	44EA000
Size:	630784

Details

Name:	00000007.00000002.3514610443.000000000327A000.00000004.00000001.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	327A000
Size:	4096

Details

Name:	00000004.00000003.1957010913.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000001.00000002.1888467503.0000000000160000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	160000
Size:	4096

Details

Name:	00000000.00000000.1658967515.0000000000490000.00000008.00000001.01000000.00000003.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown
Protect:	page write copy
Base address:	490000
Size:	12288

Details

Name:	00000004.00000003.2060774117.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000004.00000003.2059387473.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000007.00000002.3514458626.0000000002610000.00000002.00000001.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2610000
Size:	925696

Details

Name:	00000004.00000003.2061287330.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000000.00000003.1714350173.00000000046F9000.00000004.00001000.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	46F9000
Size:	4096

Details

Name:	00000004.00000002.3517346598.00000000075BB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	75BB000
Size:	8192

Details

Name:	00000004.00000002.3513571976.00000000005E6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5E6000
Size:	12288

Details

Name:	00000000.00000003.1714725972.00000000045D0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	45D0000
Size:	1196032

Signature Hits	Behavior Group	Mitre Attack
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000004.00000003.2065695531.00000000005DC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	5DC000
Size:	4096

Details

Name:	00000004.00000002.3516006037.0000000003D5C000.00000004.10000000.00040000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unclassified section
Protect:	page read and write
Base address:	3D5C000
Size:	4096

Details

Name:	00000007.00000000.1955046985.00000000008E0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	heap
Protect:	page read and write
Base address:	8E0000
Size:	20480

Details

Name:	00000001.00000003.1856978950.0000000000875000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	875000
Size:	8192

Details

Name:	00000007.00000002.3514610443.00000000029DC000.00000004.00000001.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	29DC000
Size:	53248

Signature Hits	Behavior Group	Mitre Attack
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000004.00000002.3513357736.0000000000480000.00000004.00000020.00040000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	480000
Size:	4096

Details

Name:	00000007.00000000.1954820418.0000000000790000.00000004.00000001.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	790000
Size:	4096

Details

Name:	00000001.00000003.1857355776.0000000000875000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	875000
Size:	8192

Details

Name:	00000007.00000002.3513431825.0000000000690000.00000002.00000001.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	690000
Size:	4096

Details

Name:	00000008.00000002.2176596569.00000000206E2000.00000004.80000000.00040000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	system
Protect:	page read and write
Base address:	206E2000
Size:	12288

Details

Name:	00000000.00000003.1694886395.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	520192

Details

Name:	00000004.00000002.3513571976.00000000005E1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5E1000
Size:	12288

Details

Name:	00000000.00000003.1714725972.00000000046FD000.00000004.00001000.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	46FD000
Size:	458752

Details

Name:	00000000.00000003.1697438485.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	516096

Details

Name:	00000002.00000000.1811424599.0000000000750000.00000002.00000001.00040000.00000000.sdmp
TargetID:	2
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	750000
Size:	16384

Details

Name:	00000004.00000003.2061494426.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000004.00000003.2065695531.00000000005E6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	5E6000
Size:	12288

Details

Name:	00000002.00000002.3513935130.0000000000DA0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	DA0000
Size:	20480

Details

Name:	00000000.00000003.1713982901.00000000045D0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	45D0000
Size:	1196032

Details

Name:	00000001.00000003.1808607314.0000000000613000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	613000
Size:	69632

Details

Name:	00000008.00000003.2128449445.00000253A23CE000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	253A23CE000
Size:	4096

Details

Name:	00000001.00000002.1888759141.00000000031CD000.00000040.00001000.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	31CD000
Size:	4096

Details

Name:	00000000.00000000.1658859394.0000000000401000.00000020.00000001.01000000.00000003.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown
Protect:	page execute read
Base address:	401000
Size:	524288

Details

Name:	00000004.00000002.3517346598.00000000075BE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	75BE000
Size:	16384

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000000.00000003.1696561893.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	516096

Details

Name:	00000001.00000003.1856978950.0000000000843000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	843000
Size:	20480

Details

Name:	00000004.00000003.2059048594.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000001.00000003.1857355776.0000000000873000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	873000
Size:	4096

Details

Name:	00000000.00000003.1665476784.00000000044D3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	44D3000
Size:	630784

Details

Name:	00000000.00000003.1694930713.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	520192

Details

Name:	00000000.00000003.1694487747.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	520192

Details

Name:	00000004.00000003.2059458500.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000008.00000003.2128468787.00000253A23C4000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	253A23C4000
Size:	24576

Details

Name:	00000004.00000003.2065695531.00000000005D2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	5D2000
Size:	8192

Details

Name:	00000007.00000002.3514251023.0000000000CFF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	CFF000
Size:	4096

Details

Name:	00000000.00000003.1696742337.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	516096

Details

Name:	00000004.00000003.2057806248.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000001.00000003.1793997709.0000000002E29000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2E29000
Size:	4096

Details

Name:	00000004.00000003.2058283448.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000004.00000002.3517346598.00000000075CA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	75CA000
Size:	32768

Details

Name:	00000004.00000003.2065695531.00000000005DF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	5DF000
Size:	4096

Details

Name:	00000008.00000002.2176596569.000000002073C000.00000004.80000000.00040000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	system
Protect:	page read and write
Base address:	2073C000
Size:	4096

Details

Name:	00000004.00000003.2063125499.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000000.00000003.1662880702.000000000443F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	443F000
Size:	630784

Details

Name:	00000000.00000003.1666139633.00000000044EF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	44EF000
Size:	630784

Details

Name:	00000000.00000003.1694267876.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	520192

Details

Name:	00000008.00000002.2178028871.00000253A2200000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	253A2200000
Size:	4096

Details

Name:	00000000.00000003.1698364969.0000000004207000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4207000
Size:	516096

Details

Name:	00000004.00000002.3517346598.00000000075A1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	75A1000
Size:	28672

Details

Name:	00000000.00000003.1662252206.00000000044E0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	44E0000
Size:	630784

Details

Name:	00000000.00000003.1668295505.0000000004438000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4438000
Size:	630784

Details

Name:	00000000.00000003.1695667614.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	516096

Details

Name:	00000004.00000003.2057888330.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000002.00000000.1811438203.0000000000770000.00000004.00000001.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	770000
Size:	4096

Details

Name:	00000004.00000003.2058861523.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000004.00000002.3513571976.00000000005F3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5F3000
Size:	28672

Signature Hits	Behavior Group	Mitre Attack
SQL strings found in memory and binary data	System Summary

Details

Name:	00000007.00000002.3513248869.00000000004D0000.00000002.00000001.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	4D0000
Size:	4096

Details

Name:	00000004.00000002.3514831295.0000000002B8D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2B8D000
Size:	12288

Details

Name:	00000002.00000002.3513935130.0000000000DE4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	DE4000
Size:	172032

Signature Hits	Behavior Group	Mitre Attack
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000004.00000003.2064047167.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000000.00000003.1697343484.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	516096

Details

Name:	00000004.00000003.2058635805.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000000.00000003.1714600495.0000000004553000.00000004.00001000.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	4553000
Size:	507904

Details

Name:	00000000.00000003.1713864417.0000000004553000.00000004.00001000.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	4553000
Size:	507904

Details

Name:	00000000.00000003.1662184149.000000000443D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	443D000
Size:	630784

Details

Name:	00000007.00000002.3514610443.0000000002702000.00000004.00000001.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2702000
Size:	4096

Details

Name:	00000004.00000002.3517346598.00000000075E5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	75E5000
Size:	8192

Details

Name:	00000004.00000003.2058352120.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000000.00000003.1668702128.000000000443D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	443D000
Size:	630784

Details

Name:	00000004.00000002.3517652403.0000000007C6E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	7C6E000
Size:	8192

Details

Name:	00000004.00000003.2061061945.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000008.00000002.2177760541.00000253A06DA000.00000040.80000000.00040000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	system
Protect:	page execute and read and write
Base address:	253A06DA000
Size:	4096

Details

Name:	00000004.00000003.1957287363.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000004.00000003.2061908237.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000004.00000002.3513571976.0000000000636000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	636000
Size:	8192

Details

Name:	00000004.00000002.3513170388.000000000018B000.00000004.00000010.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	18B000
Size:	20480

Details

Name:	00000000.00000003.1693453876.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	520192

Details

Name:	00000008.00000002.2177904539.00000253A08F5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	253A08F5000
Size:	20480

Details

Name:	00000004.00000003.1888639333.00000000009DA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	9DA000
Size:	512000

Details

Name:	00000000.00000003.1697390402.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	516096

Details

Name:	00000001.00000003.1795221059.0000000000613000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	613000
Size:	135168

Details

Name:	00000004.00000003.1957231193.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000007.00000002.3513571227.00000000007A0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7A0000
Size:	16384

Details

Name:	00000007.00000000.1955172020.0000000002604000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	heap
Protect:	page read and write
Base address:	2604000
Size:	4096

Details

Name:	00000004.00000003.1957342038.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000004.00000003.2059305907.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000007.00000000.1954806463.00000000006B0000.00000004.00000020.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	heap
Protect:	page read and write
Base address:	6B0000
Size:	4096

Details

Name:	00000004.00000003.1956642666.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000001.00000003.1802237740.00000000001B0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	1B0000
Size:	176128

Details

Name:	00000001.00000002.1889137660.0000000003949000.00000040.10000000.00040000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unclassified section
Protect:	page execute and read and write
Base address:	3949000
Size:	524288

Details

Name:	00000007.00000002.3513571227.00000000007A5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7A5000
Size:	12288

Details

Name:	00000002.00000000.1811353009.00000000006B0000.00000002.00000001.00040000.00000000.sdmp
TargetID:	2
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	6B0000
Size:	4096

Details

Name:	00000004.00000003.2058732983.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000000.00000003.1668235243.00000000044EA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	44EA000
Size:	630784

Details

Name:	00000004.00000003.1957314609.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000000.00000003.1715101401.00000000046F9000.00000004.00001000.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	46F9000
Size:	4096

Details

Name:	00000000.00000003.1663154447.000000000458E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	458E000
Size:	630784

Details

Name:	00000007.00000002.3515959197.0000000004E73000.00000040.80000000.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	system
Protect:	page execute and read and write
Base address:	4E73000
Size:	4096

Details

Name:	00000004.00000003.2059206227.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000004.00000002.3516006037.0000000003BCA000.00000004.10000000.00040000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unclassified section
Protect:	page read and write
Base address:	3BCA000
Size:	4096

Details

Name:	00000004.00000003.2063357754.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000001.00000002.1888438864.000000000010B000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	10B000
Size:	20480

Details

Name:	00000004.00000002.3516006037.00000000038A6000.00000004.10000000.00040000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unclassified section
Protect:	page read and write
Base address:	38A6000
Size:	8192

Details

Name:	00000000.00000003.1696514916.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	516096

Details

Name:	00000004.00000003.2074060932.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000004.00000002.3513571976.000000000056A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	56A000
Size:	28672

Details

Name:	00000004.00000002.3516006037.0000000003A38000.00000004.10000000.00040000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unclassified section
Protect:	page read and write
Base address:	3A38000
Size:	4096

Details

Name:	00000007.00000002.3513991696.00000000008B0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	8B0000
Size:	12288

Details

Name:	00000004.00000003.2062215749.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000001.00000003.1806302370.0000000000613000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	613000
Size:	241664

Details

Name:	00000004.00000002.3514938661.0000000002FCD000.00000040.00001000.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	2FCD000
Size:	4096

Details

Name:	00000002.00000000.1811412825.0000000000730000.00000004.00000001.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	730000
Size:	4096

Details

Name:	00000007.00000002.3513165896.00000000004C0000.00000002.00000001.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	4C0000
Size:	4096

Details

Name:	00000000.00000003.1714350173.000000000476E000.00000004.00001000.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	476E000
Size:	24576

Details

Name:	00000002.00000002.3513290634.00000000004F0000.00000002.00000001.00040000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	4F0000
Size:	4096

Details

Name:	00000000.00000003.1715101401.00000000046FD000.00000004.00001000.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	46FD000
Size:	167936

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary

Details

Name:	00000004.00000003.1904184885.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000000.00000003.1696422386.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	516096

Details

Name:	00000004.00000003.1890606069.0000000002C79000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2C79000
Size:	4096

Details

Name:	00000004.00000003.1956695184.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000004.00000003.1888853789.0000000000579000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	579000
Size:	24576

Details

Name:	00000002.00000000.1811627272.00000000024B0000.00000002.00000001.00040000.00000000.sdmp
TargetID:	2
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	24B0000
Size:	925696

Details

Name:	00000000.00000003.1668773858.00000000044EC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	44EC000
Size:	630784

Details

Name:	00000002.00000000.1811522562.00000000007F7000.00000002.00000001.01000000.00000004.sdmp
TargetID:	2
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7F7000
Size:	61440

Details

Name:	00000000.00000003.1663823790.0000000004432000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4432000
Size:	630784

Details

Name:	00000004.00000003.2058309751.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000007.00000002.3514069598.00000000008E0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	8E0000
Size:	20480

Details

Name:	00000002.00000002.3513573352.0000000000721000.00000002.00000001.00040000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	721000
Size:	12288

Details

Name:	00000000.00000003.1696786750.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	516096

Details

Name:	00000004.00000003.2061692832.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000004.00000003.2063484037.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000001.00000003.1802643802.0000000000613000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	613000
Size:	200704

Details

Name:	00000007.00000000.1955202920.0000000002610000.00000002.00000001.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	2610000
Size:	925696

Details

Name:	00000007.00000000.1955172020.0000000002600000.00000004.00000020.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	heap
Protect:	page read and write
Base address:	2600000
Size:	8192

Details

Name:	00000004.00000003.1894820667.00000000007B0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7B0000
Size:	172032

Details

Name:	00000000.00000003.1715101401.00000000045D0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	45D0000
Size:	1196032

Details

Name:	00000004.00000003.1888896129.0000000000574000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	574000
Size:	4096

Details

Name:	00000002.00000002.3513166180.00000000004D0000.00000002.00000001.00040000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	4D0000
Size:	4096

Details

Name:	00000000.00000003.1665810665.0000000004439000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4439000
Size:	630784

Details

Name:	00000001.00000003.1802719736.0000000000613000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	613000
Size:	241664

Details

Name:	00000000.00000003.1697011341.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	516096

Details

Name:	00000004.00000003.2062818873.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000000.00000003.1693999613.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	520192

Details

Name:	00000004.00000003.1957165968.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000004.00000003.2058931103.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000004.00000002.3514938661.0000000002D00000.00000040.00001000.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	2D00000
Size:	1208320

Signature Hits	Behavior Group	Mitre Attack
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000002.00000000.1811548383.0000000000DA0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process new
Regiontype:	heap
Protect:	page read and write
Base address:	DA0000
Size:	20480

Details

Name:	00000007.00000000.1955271825.00000000029DC000.00000004.00000001.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	29DC000
Size:	53248

Details

Name:	00000000.00000003.1663880985.00000000044DB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	44DB000
Size:	630784

Details

Name:	00000000.00000003.1664082060.0000000004589000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4589000
Size:	630784

Details

Name:	00000002.00000002.3513896634.00000000007F7000.00000002.00000001.01000000.00000004.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7F7000
Size:	61440

Details

Name:	00000004.00000003.2063744677.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000004.00000003.2063027396.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000000.00000003.1694399099.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	520192

Details

Name:	00000000.00000003.1663222528.0000000004437000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4437000
Size:	630784

Details

Name:	00000000.00000003.1694133270.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	520192

Details

Name:	00000002.00000002.3514390774.0000000002794000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2794000
Size:	4096

Details

Name:	00000004.00000002.3514684452.00000000008B0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	8B0000
Size:	4096

Details

Name:	00000002.00000002.3513537139.0000000000710000.00000004.00000001.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	710000
Size:	4096

Details

Name:	00000001.00000003.1806205382.0000000000613000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	613000
Size:	200704

Details

Name:	00000004.00000002.3517346598.00000000075DD000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	75DD000
Size:	4096

Details

Name:	00000004.00000002.3513571976.00000000005DC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5DC000
Size:	4096

Details

Name:	00000000.00000003.1667458034.00000000044E0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	44E0000
Size:	630784

Details

Name:	00000007.00000000.1954914111.00000000007EE000.00000002.00000001.01000000.00000004.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7EE000
Size:	28672

Details

Name:	00000000.00000003.1662523935.00000000044D7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	44D7000
Size:	630784

Details

Name:	00000002.00000002.3514367926.00000000025A0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	25A0000
Size:	8192

Details

Name:	00000001.00000003.1791914003.0000000000A00000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	A00000
Size:	1187840

Signature Hits	Behavior Group	Mitre Attack
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000000.00000003.1667212559.00000000044E7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	44E7000
Size:	630784

Details

Name:	00000004.00000003.1956859602.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000000.00000003.1663539194.0000000004431000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4431000
Size:	630784

Details

Name:	00000004.00000003.1956776774.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000001.00000002.1888625466.0000000000600000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	600000
Size:	4096

Details

Name:	00000002.00000000.1811718743.0000000002790000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process new
Regiontype:	heap
Protect:	page read and write
Base address:	2790000
Size:	8192

Details

Name:	00000000.00000003.1694311423.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	520192

Details

Name:	00000004.00000002.3513571976.0000000000560000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	560000
Size:	36864

Details

Name:	00000000.00000003.1663023447.0000000004431000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4431000
Size:	630784

Details

Name:	00000004.00000003.2059745882.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000001.00000003.1806077051.0000000000613000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	613000
Size:	135168

Details

Name:	00000007.00000000.1954685824.00000000004D0000.00000002.00000001.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4D0000
Size:	4096

Details

Name:	00000004.00000003.2058446941.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000004.00000003.2061750683.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000000.00000003.1662128669.0000000004588000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4588000
Size:	630784

Details

Name:	00000008.00000002.2177690699.0000008E5B5FB000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	8E5B5FB000
Size:	20480

Details

Name:	00000000.00000003.1666204582.000000000443F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	443F000
Size:	630784

Details

Name:	00000004.00000003.1890916743.00000000004B4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B4000
Size:	4096

Details

Name:	00000002.00000002.3513396581.0000000000690000.00000002.00000001.00040000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	690000
Size:	4096

Details

Name:	00000004.00000002.3517237189.0000000005B70000.00000004.00000800.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5B70000
Size:	4096

Details

Name:	00000004.00000002.3513571976.0000000000617000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	617000
Size:	4096

Details

Name:	00000000.00000003.1693550751.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	520192

Details

Name:	00000000.00000003.1666505093.00000000044E0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	44E0000
Size:	630784

Details

Name:	00000000.00000003.1666388896.00000000044E0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	44E0000
Size:	630784

Details

Name:	00000004.00000003.2062027895.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000001.00000002.1888494762.00000000001A0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1A0000
Size:	4096

Details

Name:	00000004.00000003.1901693245.0000000000850000.00000004.00000800.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	850000
Size:	172032

Details

Name:	00000001.00000003.1857325941.00000000005B0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	5B0000
Size:	176128

Details

Name:	00000004.00000002.3513430914.00000000004B0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4B0000
Size:	16384

Details

Name:	00000007.00000000.1954726906.000000000054A000.00000004.00000010.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	stack
Protect:	page read and write
Base address:	54A000
Size:	24576

Details

Name:	00000000.00000003.1665204812.0000000004433000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4433000
Size:	630784

Details

Name:	00000004.00000003.1895330823.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	237568

Details

Name:	00000000.00000003.1665941229.0000000004436000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4436000
Size:	630784

Details

Name:	00000002.00000000.1811377986.000000000070E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process new
Regiontype:	stack
Protect:	page read and write
Base address:	70E000
Size:	8192

Details

Name:	00000004.00000002.3514649103.00000000008A0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	8A0000
Size:	16384

Details

Name:	00000000.00000003.1695284820.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	516096

Details

Name:	00000001.00000003.1792189204.0000000000817000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	817000
Size:	20480

Details

Name:	00000001.00000002.1888759141.00000000031D1000.00000040.00001000.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	31D1000
Size:	458752

Details

Name:	00000004.00000003.2059231701.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000004.00000003.2059281924.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000004.00000003.2062711408.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000000.00000003.1666073603.000000000443F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	443F000
Size:	630784

Details

Name:	00000000.00000003.1695710972.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	516096

Details

Name:	00000004.00000003.2060960147.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000007.00000002.3515959197.0000000004E63000.00000040.80000000.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	system
Protect:	page execute and read and write
Base address:	4E63000
Size:	4096

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000008.00000002.2177859860.00000253A0850000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	253A0850000
Size:	8192

Details

Name:	00000001.00000003.1808670452.0000000000613000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	613000
Size:	135168

Details

Name:	00000004.00000003.2061121721.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000000.00000003.1664139696.0000000004435000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4435000
Size:	630784

Details

Name:	00000000.00000003.1696333832.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	516096

Details

Name:	00000004.00000003.2057773207.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000002.00000000.1811318276.000000000065C000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process new
Regiontype:	stack
Protect:	page read and write
Base address:	65C000
Size:	16384

Details

Name:	00000004.00000003.2065695531.00000000005F3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	5F3000
Size:	12288

Signature Hits	Behavior Group	Mitre Attack
SQL strings found in memory and binary data	System Summary

Details

Name:	00000004.00000003.2061796166.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000008.00000002.2178041913.00000253A220E000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	253A220E000
Size:	4096

Details

Name:	00000000.00000003.1693505155.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	520192

Details

Name:	00000004.00000003.2074256996.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000000.00000003.1665139317.00000000044E4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	44E4000
Size:	630784

Details

Name:	00000000.00000003.1694575134.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	520192

Details

Name:	00000004.00000003.2063721084.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000004.00000003.2062155682.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000004.00000003.2061835995.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000004.00000003.2060471264.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000004.00000003.1890606069.0000000002B50000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2B50000
Size:	1196032

Signature Hits	Behavior Group	Mitre Attack
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000007.00000002.3514019974.00000000008C0000.00000004.00000001.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	8C0000
Size:	4096

Details

Name:	00000008.00000002.2176596569.0000000020622000.00000004.80000000.00040000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	system
Protect:	page read and write
Base address:	20622000
Size:	4096

Details

Name:	00000002.00000002.3513605552.0000000000730000.00000004.00000001.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	730000
Size:	4096

Details

Name:	00000004.00000003.1956746777.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000004.00000003.2074346556.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000000.00000003.1663474098.0000000004588000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4588000
Size:	630784

Details

Name:	00000002.00000002.3513430976.00000000006A0000.00000002.00000001.00040000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	6A0000
Size:	4096

Details

Name:	00000000.00000003.1668914513.00000000044EE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	44EE000
Size:	630784

Details

Name:	00000004.00000003.2060839451.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000004.00000002.3513571976.0000000000586000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	586000
Size:	8192

Details

Name:	00000001.00000003.1808535113.00000000005B0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	5B0000
Size:	176128

Details

Name:	00000001.00000003.1793997709.0000000002D00000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2D00000
Size:	1196032

Signature Hits	Behavior Group	Mitre Attack
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000007.00000002.3514610443.00000000027C2000.00000004.00000001.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	27C2000
Size:	12288

Details

Name:	00000000.00000003.1662954751.00000000044EA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	44EA000
Size:	630784

Details

Name:	00000002.00000002.3514166321.00000000010A0000.00000002.00000001.00040000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	10A0000
Size:	380928

Signature Hits	Behavior Group	Mitre Attack
May try to detect the Windows Explorer process (often used for injection)	HIPS / PFW / Operating System Protection Evasion	Process Injection Process Discovery

Details

Name:	00000004.00000003.1956587396.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000004.00000003.2061340392.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000000.00000003.1695849791.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	516096

Details

Name:	00000000.00000003.1667398335.0000000004436000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4436000
Size:	630784

Details

Name:	00000004.00000003.2064240176.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000004.00000003.2058662330.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000007.00000000.1954967289.000000000084E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	stack
Protect:	page read and write
Base address:	84E000
Size:	8192

Details

Name:	00000007.00000002.3513289430.00000000004E0000.00000002.00000001.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	4E0000
Size:	4096

Details

Name:	00000000.00000003.1693823798.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	520192

Details

Name:	00000000.00000003.1696697494.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	516096

Details

Name:	00000000.00000003.1714600495.0000000004430000.00000004.00001000.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	4430000
Size:	1187840

Details

Name:	00000000.00000003.1714725972.00000000046F9000.00000004.00001000.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	46F9000
Size:	4096

Details

Name:	00000000.00000003.1665269848.00000000044D5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	44D5000
Size:	630784

Details

Name:	00000004.00000003.1889008201.0000000000579000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	579000
Size:	24576

Details

Name:	00000004.00000003.2059363084.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000004.00000003.2060650536.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000004.00000003.2059777988.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000004.00000003.2064574437.0000000007598000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	7598000
Size:	4096

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000000.00000003.1663089759.00000000044D8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	44D8000
Size:	630784

Details

Name:	00000007.00000000.1954946444.00000000007F7000.00000002.00000001.01000000.00000004.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7F7000
Size:	61440

Details

Name:	00000004.00000003.2060231848.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000004.00000003.2068096181.00000000005F8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	5F8000
Size:	4096

Details

Name:	00000000.00000003.1666443658.000000000443A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	443A000
Size:	630784

Details

Name:	00000001.00000003.1856978950.0000000000873000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	873000
Size:	4096

Details

Name:	00000007.00000000.1954751731.000000000064C000.00000004.00000010.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	stack
Protect:	page read and write
Base address:	64C000
Size:	16384

Details

Name:	00000001.00000003.1802581492.0000000000613000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	613000
Size:	135168

Details

Name:	00000004.00000003.2063936830.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000000.00000003.1667643151.0000000004434000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4434000
Size:	630784

Details

Name:	00000004.00000003.2059677773.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000000.00000003.1693955635.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	520192

Details

Name:	00000004.00000002.3513500879.000000000053F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	53F000
Size:	4096

Details

Name:	00000007.00000000.1954930592.00000000007F5000.00000004.00000001.01000000.00000004.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	7F5000
Size:	8192

Details

Name:	00000002.00000002.3513790689.00000000007E1000.00000020.00000001.01000000.00000004.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute read
Base address:	7E1000
Size:	53248

Details

Name:	00000000.00000003.1714350173.00000000045D0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	45D0000
Size:	1196032

Details

Name:	00000000.00000003.1694443442.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	520192

Details

Name:	00000008.00000002.2178135903.00000253A2301000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	253A2301000
Size:	4096

Details

Name:	00000004.00000003.2074100059.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000004.00000003.2060588087.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000001.00000003.1792175992.0000000000805000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	805000
Size:	49152

Details

Name:	00000004.00000002.3516006037.000000000332C000.00000004.10000000.00040000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unclassified section
Protect:	page read and write
Base address:	332C000
Size:	53248

Signature Hits	Behavior Group	Mitre Attack
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000000.00000003.1714229190.0000000004430000.00000004.00001000.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	4430000
Size:	1187840

Details

Name:	00000001.00000002.1888625466.0000000000602000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	602000
Size:	20480

Details

Name:	00000004.00000003.2060681308.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000007.00000002.3513713037.00000000007E0000.00000002.00000001.01000000.00000004.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7E0000
Size:	4096

Details

Name:	00000001.00000002.1888418389.00000000000CC000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	CC000
Size:	16384

Details

Name:	00000004.00000003.1956983131.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000000.00000003.1664797039.000000000443A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	443A000
Size:	630784

Details

Name:	00000004.00000003.2065695531.00000000005E1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	5E1000
Size:	12288

Details

Name:	00000004.00000003.2063962857.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000000.00000003.1699614921.0000000004206000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4206000
Size:	450560

Details

Name:	00000008.00000002.2176596569.0000000020CE4000.00000004.80000000.00040000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	system
Protect:	page read and write
Base address:	20CE4000
Size:	4096

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000000.00000003.1667343570.00000000044EF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	44EF000
Size:	630784

Details

Name:	00000004.00000003.2064170429.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000000.00000003.1668841032.000000000443A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	443A000
Size:	630784

Details

Name:	00000004.00000003.2061156558.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000008.00000002.2177760541.00000253A06D6000.00000040.80000000.00040000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	system
Protect:	page execute and read and write
Base address:	253A06D6000
Size:	4096

Details

Name:	00000000.00000003.1696377884.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	516096

Details

Name:	00000004.00000003.2062254696.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000004.00000003.2062793816.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000004.00000003.1957102811.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000007.00000002.3514610443.000000000340C000.00000004.00000001.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	340C000
Size:	4096

Details

Name:	00000004.00000003.1889046616.0000000000574000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	574000
Size:	4096

Details

Name:	00000001.00000003.1808815520.0000000000613000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	613000
Size:	241664

Details

Name:	00000001.00000002.1889123444.0000000003401000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3401000
Size:	8192

Details

Name:	00000004.00000003.2059977858.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000000.00000003.1696652104.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	516096

Details

Name:	00000004.00000002.3513571976.0000000000646000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	646000
Size:	32768

Details

Name:	00000000.00000003.1666755981.00000000044D6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	44D6000
Size:	630784

Details

Name:	00000000.00000003.1697202732.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	516096

Details

Name:	00000007.00000002.3513906272.000000000084E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	84E000
Size:	8192

Details

Name:	00000004.00000002.3514938661.0000000002E29000.00000040.00001000.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	2E29000
Size:	4096

Details

Name:	00000007.00000002.3513326412.000000000054A000.00000004.00000010.00020000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	54A000
Size:	24576

Details

Name:	00000004.00000003.2060393708.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000007.00000002.3515959197.0000000004E82000.00000040.80000000.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	system
Protect:	page execute and read and write
Base address:	4E82000
Size:	4096

Details

Name:	00000004.00000003.2064146025.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000004.00000003.2063770184.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000000.00000003.1696025192.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	516096

Details

Name:	00000000.00000003.1664203952.00000000044DA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	44DA000
Size:	630784

Details

Name:	00000004.00000003.2059842036.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000007.00000002.3514306150.0000000001090000.00000002.00000001.00040000.00000000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1090000
Size:	380928

Details

Name:	00000000.00000003.1697484547.000000000420E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	420E000
Size:	516096

Details

Name:	00000004.00000003.2058785754.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	8192

Details

Name:	00000004.00000003.2061528699.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Details

Name:	00000004.00000003.2060437293.00000000008B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8B1000
Size:	4096

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Report
shipping documents_pdf.exe

Files

Processes

URLs

Domains

IPs

Memdumps

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Reportshipping documents_pdf.exe

Files

Processes

URLs

Domains

IPs

Memdumps

IOC Report
shipping documents_pdf.exe