Automated Malware Analysis IOC Report for

Details

Name:	0000000B.00000002.1959789817.0000000003EDB000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3EDB000
Size:	294912

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected RedLine Stealer	Stealing of Sensitive Information, Remote Access Functionality
Yara detected Credential Stealer	Stealing of Sensitive Information
Yara signature match	System Summary
URLs found in memory or binary data	Networking

Details

Name:	00000000.00000002.1866595947.0000000003E2A000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3E2A000
Size:	1814528

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected RedLine Stealer	Stealing of Sensitive Information, Remote Access Functionality
Found many strings related to Crypto-Wallets (likely being stolen)	Stealing of Sensitive Information	Data from Local System
Sample file is different than original file name gathered from version info	System Summary
Yara detected Credential Stealer	Stealing of Sensitive Information
Yara signature match	System Summary

Details

Name:	00000009.00000002.1973035327.0000000000402000.00000040.00000400.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	remote allocation
Protect:	page execute and read and write
Base address:	402000
Size:	102400

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected RedLine Stealer	Stealing of Sensitive Information, Remote Access Functionality
Sample file is different than original file name gathered from version info	System Summary
Yara detected Credential Stealer	Stealing of Sensitive Information
Yara signature match	System Summary
URLs found in memory or binary data	Networking

Details

Name:	00000012.00000002.2100534414.0000000006B20000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6B20000
Size:	65536

Details

Name:	00000009.00000002.1992637700.0000000006EE0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6EE0000
Size:	65536

Details

Name:	00000009.00000002.1992993947.0000000006FD0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6FD0000
Size:	4096

Details

Name:	00000000.00000002.1864993603.00000000012DE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	12DE000
Size:	8192

Details

Name:	00000009.00000002.1985788190.000000000679E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	679E000
Size:	4096

Details

Name:	00000012.00000002.2101292233.00000000072E0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	72E0000
Size:	36864

Details

Name:	00000009.00000002.1982536550.000000000544E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	544E000
Size:	8192

Details

Name:	00000012.00000002.2098595953.00000000063D8000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	63D8000
Size:	4096

Details

Name:	00000000.00000002.1868209148.0000000005256000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5256000
Size:	16384

Details

Name:	0000000B.00000002.1959789817.000000000402B000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	402B000
Size:	4096

Details

Name:	00000000.00000002.1862079642.0000000001043000.00000040.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	1043000
Size:	4096

Details

Name:	00000012.00000002.2095690089.000000000526D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	526D000
Size:	12288

Details

Name:	00000009.00000002.1986731899.0000000006964000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6964000
Size:	36864

Details

Name:	0000000B.00000002.1956174497.000000000113F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	113F000
Size:	4096

Details

Name:	00000012.00000002.2093222170.0000000004D40000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4D40000
Size:	65536

Details

Name:	0000000F.00000002.1931149664.00000000007F0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7F0000
Size:	16384

Details

Name:	00000012.00000002.2099500704.000000000686D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	686D000
Size:	12288

Details

Name:	0000000B.00000002.1958287437.0000000002DEF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2DEF000
Size:	4096

Details

Name:	00000009.00000002.1994356375.0000000007A80000.00000040.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	7A80000
Size:	4096

Details

Name:	0000000B.00000002.1967801568.0000000007050000.00000040.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	7050000
Size:	4096

Details

Name:	00000009.00000002.1975298411.00000000030BC000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	30BC000
Size:	339968

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000006.00000002.1835832071.000000000318F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	318F000
Size:	4096

Details

Name:	00000000.00000002.1862161622.00000000010C3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	10C3000
Size:	159744

Details

Name:	00000009.00000002.1994475419.0000000007AC0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7AC0000
Size:	65536

Details

Name:	0000000B.00000002.1959789817.0000000003F58000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3F58000
Size:	4096

Details

Name:	00000012.00000002.2100250654.0000000006920000.00000004.00000020.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6920000
Size:	12288

Details

Name:	00000009.00000002.1985260291.0000000006764000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6764000
Size:	36864

Details

Name:	0000000B.00000002.1955891752.0000000000EF7000.00000004.00000010.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	EF7000
Size:	36864

Details

Name:	00000012.00000002.2087050965.0000000003983000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3983000
Size:	266240

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000000.00000002.1870258350.0000000007887000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7887000
Size:	16384

Details

Name:	00000009.00000002.1975141421.0000000002F70000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2F70000
Size:	65536

Details

Name:	00000009.00000002.1975298411.000000000315A000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	315A000
Size:	2338816

Signature Hits	Behavior Group	Mitre Attack
SQL strings found in memory and binary data	System Summary
URLs found in memory or binary data	Networking

Details

Name:	00000009.00000002.1985788190.0000000006790000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6790000
Size:	20480

Details

Name:	0000000B.00000002.1965419107.00000000052E0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	52E0000
Size:	12288

Details

Name:	00000009.00000002.1974784382.000000000142E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	142E000
Size:	4096

Details

Name:	00000009.00000002.1974349915.0000000001390000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1390000
Size:	8192

Details

Name:	00000009.00000002.1983802310.0000000005840000.00000040.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	5840000
Size:	65536

Details

Name:	0000000B.00000002.1968264045.0000000007390000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7390000
Size:	20480

Details

Name:	00000009.00000002.1975298411.0000000003126000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3126000
Size:	12288

Details

Name:	00000009.00000002.1973658227.000000000112E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	112E000
Size:	8192

Details

Name:	0000000B.00000002.1965419107.00000000052E4000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	52E4000
Size:	16384

Details

Name:	0000000F.00000002.1931075799.0000000000580000.00000004.00000020.00020000.00000000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	580000
Size:	24576

Details

Name:	0000000B.00000002.1958380307.0000000002FD2000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2FD2000
Size:	20480

Details

Name:	00000000.00000002.1871274677.000000000A3EE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	A3EE000
Size:	8192

Details

Name:	00000012.00000002.2098595953.00000000063E5000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	63E5000
Size:	36864

Details

Name:	00000009.00000002.1986256755.0000000006939000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6939000
Size:	8192

Details

Name:	00000012.00000002.2079495296.0000000000B80000.00000004.00000020.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	B80000
Size:	16384

Details

Name:	00000012.00000002.2081500546.0000000002841000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2841000
Size:	319488

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000009.00000002.1975298411.0000000003007000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3007000
Size:	4096

Details

Name:	0000000B.00000002.1965419107.0000000005312000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5312000
Size:	49152

Details

Name:	00000009.00000002.1973680913.000000000121B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	121B000
Size:	24576

Details

Name:	00000009.00000002.1975298411.000000000348B000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	348B000
Size:	24576

Details

Name:	0000000B.00000002.1957694984.0000000002C60000.00000004.00000020.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2C60000
Size:	4096

Details

Name:	00000012.00000002.2087050965.0000000003841000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3841000
Size:	49152

Details

Name:	00000009.00000002.1975298411.0000000003110000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3110000
Size:	28672

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000000.00000002.1864749756.000000000127B000.00000040.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	127B000
Size:	4096

Details

Name:	00000000.00000002.1865665100.0000000002D10000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2D10000
Size:	16384

Details

Name:	0000000B.00000002.1968590030.00000000073DE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	73DE000
Size:	8192

Details

Name:	00000009.00000002.1974732142.0000000001420000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1420000
Size:	16384

Details

Name:	0000000B.00000002.1957634614.00000000013B0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	13B0000
Size:	16384

Details

Name:	00000012.00000002.2096098713.000000000569E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	569E000
Size:	8192

Details

Name:	00000012.00000002.2098032599.00000000062B0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	62B0000
Size:	4096

Details

Name:	00000012.00000002.2097512132.0000000006102000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6102000
Size:	12288

Details

Name:	00000000.00000002.1869193454.0000000005904000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5904000
Size:	16384

Details

Name:	00000000.00000002.1870165375.0000000007650000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7650000
Size:	65536

Details

Name:	00000009.00000002.1986256755.000000000695F000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	695F000
Size:	4096

Details

Name:	00000009.00000002.1974292104.000000000132F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	132F000
Size:	4096

Details

Name:	00000009.00000002.1984852708.000000000670B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	670B000
Size:	4096

Details

Name:	00000012.00000002.2081500546.000000000296E000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	296E000
Size:	1638400

Signature Hits	Behavior Group	Mitre Attack
Found many strings related to Crypto-Wallets (likely being stolen)	Stealing of Sensitive Information	Data from Local System
URLs found in memory or binary data	Networking

Details

Name:	00000000.00000002.1865319396.0000000002CCB000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2CCB000
Size:	20480

Details

Name:	00000000.00000002.1862161622.0000000001077000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1077000
Size:	65536

Details

Name:	00000009.00000002.1984563433.0000000005A80000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5A80000
Size:	36864

Details

Name:	0000000F.00000002.1931058181.0000000000550000.00000004.00000020.00020000.00000000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	550000
Size:	4096

Details

Name:	00000012.00000002.2087050965.0000000003AF1000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3AF1000
Size:	8192

Details

Name:	00000009.00000002.1974368003.00000000013A0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	13A0000
Size:	12288

Details

Name:	0000000B.00000002.1967331616.0000000005E40000.00000004.00000020.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5E40000
Size:	4096

Details

Name:	0000000B.00000002.1967216468.0000000005630000.00000040.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	5630000
Size:	65536

Details

Name:	0000000B.00000002.1956204293.0000000001182000.00000004.00000020.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1182000
Size:	266240

Details

Name:	00000000.00000002.1862054748.0000000001040000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1040000
Size:	8192

Details

Name:	00000012.00000002.2081500546.0000000002B04000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2B04000
Size:	262144

Details

Name:	00000000.00000002.1872036689.000000000ADCB000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	ADCB000
Size:	20480

Details

Name:	00000009.00000002.1974613673.00000000013D7000.00000040.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	13D7000
Size:	4096

Details

Name:	00000000.00000002.1872454547.000000007F5A0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	7F5A0000
Size:	4096

Details

Name:	0000000B.00000002.1969848771.000000000A86E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	A86E000
Size:	8192

Details

Name:	0000000B.00000002.1958380307.000000000304F000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	304F000
Size:	16384

Details

Name:	0000000B.00000002.1955841762.0000000000B9A000.00000004.00000010.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	B9A000
Size:	24576

Details

Name:	00000000.00000002.1865883060.0000000002D40000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2D40000
Size:	4096

Details

Name:	0000000F.00000002.1931094609.000000000069F000.00000004.00000001.00020000.00000000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	69F000
Size:	4096

Details

Name:	00000009.00000002.1975298411.0000000002F91000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2F91000
Size:	319488

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000012.00000002.2098521507.00000000063A0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	63A0000
Size:	36864

Details

Name:	0000000B.00000002.1962453143.0000000004E08000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4E08000
Size:	4096

Details

Name:	0000000B.00000002.1967331616.0000000005E50000.00000004.00000020.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5E50000
Size:	40960

Details

Name:	00000012.00000002.2102043205.0000000007465000.00000004.00000020.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7465000
Size:	28672

Details

Name:	0000000B.00000002.1969296624.0000000009FCE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	9FCE000
Size:	8192

Details

Name:	00000000.00000002.1868499658.00000000052D2000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	52D2000
Size:	57344

Details

Name:	00000012.00000002.2087050965.0000000003AF8000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3AF8000
Size:	167936

Details

Name:	00000009.00000002.1993459288.0000000007765000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7765000
Size:	16384

Details

Name:	00000006.00000002.1835807880.000000000314E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	314E000
Size:	8192

Details

Name:	00000009.00000002.1973579761.0000000000FC0000.00000004.00000020.00040000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	FC0000
Size:	4096

Details

Name:	00000012.00000002.2097840370.000000000629F000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	629F000
Size:	4096

Details

Name:	00000009.00000002.1982563157.0000000005450000.00000040.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page execute and read and write
Base address:	5450000
Size:	4096

Details

Name:	00000000.00000002.1869118294.00000000058B0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	58B0000
Size:	4096

Details

Name:	0000000B.00000002.1957196952.00000000012F0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	12F0000
Size:	4096

Details

Name:	00000009.00000002.1974388683.00000000013A3000.00000040.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	13A3000
Size:	4096

Details

Name:	0000000B.00000002.1967104702.0000000005615000.00000004.00000020.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5615000
Size:	40960

Details

Name:	00000012.00000002.2098333214.0000000006386000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6386000
Size:	24576

Details

Name:	00000012.00000002.2097840370.0000000006272000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6272000
Size:	8192

Details

Name:	00000012.00000002.2078146941.00000000009FD000.00000004.00000020.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	9FD000
Size:	53248

Details

Name:	00000009.00000002.1974254123.0000000001222000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1222000
Size:	53248

Details

Name:	00000009.00000002.1974858536.0000000002E10000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2E10000
Size:	4096

Details

Name:	00000000.00000002.1870060930.000000000762E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	762E000
Size:	8192

Details

Name:	00000012.00000002.2079877792.0000000000CFE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	CFE000
Size:	4096

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000009.00000002.1986144326.000000000681E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	681E000
Size:	8192

Details

Name:	00000000.00000002.1862796935.000000000125D000.00000040.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	125D000
Size:	4096

Details

Name:	00000012.00000002.2093084256.000000000497D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	497D000
Size:	12288

Details

Name:	00000000.00000002.1869321281.0000000006F82000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6F82000
Size:	1761280

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000012.00000002.2087050965.000000000387C000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	387C000
Size:	4096

Details

Name:	0000000B.00000002.1966893056.0000000005594000.00000002.08000000.00040000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library section
Protect:	page readonly
Base address:	5594000
Size:	4096

Details

Name:	00000012.00000002.2096133308.00000000056C0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	56C0000
Size:	36864

Details

Name:	00000012.00000002.2098333214.0000000006380000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6380000
Size:	20480

Details

Name:	00000012.00000002.2081500546.0000000002D07000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2D07000
Size:	12288

Details

Name:	00000012.00000002.2080649090.00000000025CB000.00000040.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	25CB000
Size:	8192

Details

Name:	00000012.00000002.2098139099.00000000062C0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	62C0000
Size:	57344

Details

Name:	00000009.00000002.1975298411.0000000003021000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3021000
Size:	4096

Details

Name:	00000009.00000002.1974404675.00000000013A4000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	13A4000
Size:	16384

Details

Name:	00000012.00000002.2081500546.00000000028C3000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	28C3000
Size:	4096

Details

Name:	00000012.00000002.2094995830.0000000005180000.00000040.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	5180000
Size:	65536

Details

Name:	00000012.00000002.2098595953.00000000063D1000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	63D1000
Size:	8192

Details

Name:	00000012.00000002.2079553581.0000000000C90000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	C90000
Size:	8192

Details

Name:	00000012.00000002.2081500546.0000000002C59000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2C59000
Size:	507904

Details

Name:	0000000F.00000002.1931039873.000000000054E000.00000004.00000001.00020000.00000000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	54E000
Size:	8192

Details

Name:	00000000.00000002.1869193454.00000000058EE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	58EE000
Size:	77824

Details

Name:	00000012.00000002.2087050965.0000000003860000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3860000
Size:	4096

Details

Name:	00000000.00000002.1871491830.000000000A66D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	A66D000
Size:	12288

Details

Name:	0000000B.00000002.1969269914.0000000009ECE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	9ECE000
Size:	8192

Details

Name:	00000000.00000002.1872374871.000000000B020000.00000040.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	B020000
Size:	12288

Details

Name:	00000009.00000002.1984085324.00000000058BA000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	58BA000
Size:	8192

Details

Name:	00000000.00000002.1864685752.0000000001277000.00000040.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	1277000
Size:	4096

Details

Name:	0000000B.00000002.1957046945.00000000012D3000.00000040.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	12D3000
Size:	4096

Details

Name:	00000009.00000002.1994390517.0000000007A90000.00000040.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	7A90000
Size:	65536

Details

Name:	00000012.00000002.2095726717.00000000052AE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	52AE000
Size:	8192

Details

Name:	0000000B.00000002.1965376035.0000000004F9C000.00000004.00000010.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4F9C000
Size:	16384

Details

Name:	00000012.00000002.2087050965.000000000384E000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	384E000
Size:	4096

Details

Name:	00000009.00000002.1978351761.0000000003F9E000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3F9E000
Size:	4096

Details

Name:	00000012.00000002.2081166347.0000000002714000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2714000
Size:	20480

Details

Name:	0000000B.00000002.1966551414.00000000053B0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	53B0000
Size:	65536

Details

Name:	00000012.00000002.2101522862.0000000007427000.00000004.00000020.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7427000
Size:	40960

Details

Name:	00000009.00000002.1986256755.000000000694F000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	694F000
Size:	8192

Details

Name:	00000012.00000002.2099106968.00000000063F0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	63F0000
Size:	4096

Details

Name:	00000012.00000002.2097935692.00000000062A4000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	62A4000
Size:	36864

Details

Name:	00000009.00000002.1975298411.0000000003025000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3025000
Size:	614400

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary

Details

Name:	00000012.00000002.2080872307.0000000002640000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2640000
Size:	8192

Details

Name:	00000009.00000002.1974919940.0000000002F00000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2F00000
Size:	65536

Details

Name:	00000009.00000002.1994062917.00000000077E6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	77E6000
Size:	8192

Details

Name:	00000009.00000002.1974491696.00000000013C0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	13C0000
Size:	4096

Details

Name:	00000012.00000002.2087050965.00000000039D5000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	39D5000
Size:	4096

Details

Name:	0000000B.00000002.1966443474.0000000005390000.00000004.00000020.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5390000
Size:	4096

Details

Name:	00000009.00000002.1985906141.00000000067A0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	67A0000
Size:	57344

Details

Name:	00000000.00000002.1871301533.000000000A4EE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	A4EE000
Size:	8192

Details

Name:	00000000.00000002.1868653668.00000000053C0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	53C0000
Size:	65536

Details

Name:	00000009.00000002.1988895174.0000000006E82000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6E82000
Size:	8192

Details

Name:	00000009.00000002.1994121935.0000000007A50000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7A50000
Size:	65536

Details

Name:	00000009.00000002.1974573783.00000000013D2000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	13D2000
Size:	4096

Details

Name:	00000012.00000002.2098595953.00000000063B6000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	63B6000
Size:	4096

Details

Name:	00000000.00000002.1868850992.0000000005510000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5510000
Size:	8192

Details

Name:	00000012.00000002.2078146941.0000000000950000.00000004.00000020.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	950000
Size:	114688

Details

Name:	00000000.00000002.1868499658.00000000052D0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	52D0000
Size:	4096

Details

Name:	00000009.00000002.1984765995.000000000659F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	659F000
Size:	4096

Details

Name:	00000009.00000002.1994770945.00000000091A6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	91A6000
Size:	12288

Details

Name:	0000000B.00000002.1968110816.00000000070BF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	70BF000
Size:	4096

Details

Name:	00000009.00000002.1983373678.00000000057E0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	57E0000
Size:	65536

Details

Name:	00000000.00000002.1862134583.000000000104D000.00000040.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	104D000
Size:	4096

Details

Name:	00000009.00000002.1973680913.0000000001138000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1138000
Size:	86016

Details

Name:	00000000.00000002.1868209148.0000000005251000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5251000
Size:	16384

Details

Name:	00000009.00000002.1988895174.0000000006E7D000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6E7D000
Size:	4096

Details

Name:	00000009.00000002.1973680913.00000000011CD000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	11CD000
Size:	315392

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	00000012.00000002.2099657232.0000000006880000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6880000
Size:	4096

Details

Name:	00000012.00000002.2087050965.0000000003AF4000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3AF4000
Size:	12288

Details

Name:	00000009.00000002.1982716486.0000000005791000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5791000
Size:	49152

Details

Name:	00000012.00000002.2101292233.00000000072F0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	72F0000
Size:	32768

Details

Name:	00000000.00000002.1865981717.0000000002D51000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2D51000
Size:	1597440

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary
URLs found in memory or binary data	Networking

Details

Name:	00000009.00000002.1986222454.000000000692F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	692F000
Size:	4096

Details

Name:	00000000.00000002.1863065734.0000000001266000.00000040.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	1266000
Size:	8192

Details

Name:	00000009.00000002.1974667412.0000000001400000.00000040.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	1400000
Size:	65536

Details

Name:	00000012.00000002.2102455328.0000000007D6E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	7D6E000
Size:	8192

Details

Name:	00000012.00000002.2096687535.0000000006032000.00000004.00000020.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6032000
Size:	155648

Details

Name:	00000012.00000002.2087050965.0000000003AEA000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3AEA000
Size:	8192

Details

Name:	00000012.00000002.2101418486.00000000073E0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	73E0000
Size:	24576

Details

Name:	00000009.00000002.1993291270.000000000773A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	773A000
Size:	12288

Details

Name:	00000012.00000002.2100306911.0000000006A8E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	6A8E000
Size:	8192

Details

Name:	00000000.00000002.1861891436.0000000000FF7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	FF7000
Size:	32768

Details

Name:	00000009.00000002.1974508549.00000000013C2000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	13C2000
Size:	4096

Details

Name:	0000000B.00000002.1956598432.00000000011DE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	11DE000
Size:	8192

Details

Name:	00000012.00000002.2098595953.00000000063DD000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	63DD000
Size:	4096

Details

Name:	00000012.00000002.2097616107.0000000006110000.00000040.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	6110000
Size:	65536

Details

Name:	00000000.00000002.1871796495.000000000AAEE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	AAEE000
Size:	8192

Details

Name:	00000012.00000002.2095303152.00000000051FD000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	51FD000
Size:	12288

Details

Name:	0000000B.00000002.1956906127.00000000012B0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	12B0000
Size:	8192

Details

Name:	00000009.00000002.1975106612.0000000002F60000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2F60000
Size:	36864

Details

Name:	00000012.00000002.2099965742.00000000068A0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	68A0000
Size:	4096

Details

Name:	0000000B.00000002.1967104702.0000000005610000.00000004.00000020.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5610000
Size:	12288

Details

Name:	00000012.00000002.2087050965.0000000003ADE000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3ADE000
Size:	16384

Details

Name:	00000000.00000002.1865549505.0000000002CF0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2CF0000
Size:	65536

Details

Name:	00000009.00000002.1986256755.0000000006948000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6948000
Size:	4096

Details

Name:	00000000.00000002.1869793237.0000000007360000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7360000
Size:	552960

Details

Name:	00000012.00000002.2079416440.0000000000B20000.00000004.00000020.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	B20000
Size:	8192

Details

Name:	00000012.00000002.2098032599.00000000062B5000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	62B5000
Size:	45056

Details

Name:	00000009.00000002.1984672849.0000000005D1E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	5D1E000
Size:	8192

Details

Name:	0000000B.00000002.1967073483.0000000005600000.00000004.00000020.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5600000
Size:	4096

Details

Name:	00000012.00000002.2079578238.0000000000CDE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	CDE000
Size:	8192

Details

Name:	00000009.00000002.1974803995.000000000152F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	152F000
Size:	4096

Details

Name:	00000000.00000002.1865196039.0000000002C8E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2C8E000
Size:	8192

Details

Name:	0000000B.00000002.1956598432.00000000011C6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	11C6000
Size:	94208

Details

Name:	00000012.00000002.2081500546.0000000002CDE000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2CDE000
Size:	151552

Details

Name:	00000000.00000002.1868876636.000000000555B000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	555B000
Size:	20480

Details

Name:	0000000B.00000002.1959789817.0000000004094000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4094000
Size:	4096

Details

Name:	00000000.00000002.1864829563.0000000001290000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1290000
Size:	4096

Details

Name:	00000000.00000002.1870036156.000000000752E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	752E000
Size:	8192

Details

Name:	00000012.00000002.2079683221.0000000000CE3000.00000040.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	CE3000
Size:	4096

Details

Name:	00000009.00000002.1993766836.00000000077D5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	77D5000
Size:	16384

Signature Hits	Behavior Group	Mitre Attack
AV process strings found (often used to terminate AV products)	Lowering of HIPS / PFW / Operating System Security Settings	Security Software Discovery

Details

Name:	00000009.00000002.1994093868.0000000007A2E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	7A2E000
Size:	8192

Details

Name:	00000012.00000002.2101117710.00000000071C0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	71C0000
Size:	4096

Details

Name:	00000000.00000002.1866595947.0000000003DEC000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3DEC000
Size:	176128

Details

Name:	00000000.00000002.1861808705.0000000000F9E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	F9E000
Size:	8192

Details

Name:	00000009.00000002.1988895174.0000000006E85000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6E85000
Size:	36864

Details

Name:	0000000B.00000002.1957603751.00000000013AC000.00000004.00000010.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	13AC000
Size:	16384

Details

Name:	00000000.00000002.1861989550.0000000001000000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1000000
Size:	4096

Details

Name:	00000012.00000002.2079739650.0000000000CED000.00000040.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	CED000
Size:	4096

Details

Name:	00000009.00000002.1973634739.00000000010E0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	10E0000
Size:	12288

Details

Name:	00000012.00000002.2098595953.00000000063D6000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	63D6000
Size:	4096

Details

Name:	0000000B.00000002.1967834381.0000000007060000.00000004.00000020.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7060000
Size:	143360

Details

Name:	0000000B.00000002.1956107655.0000000000F65000.00000004.00000020.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	F65000
Size:	12288

Details

Name:	00000012.00000002.2079766412.0000000000CF0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	CF0000
Size:	24576

Details

Name:	00000009.00000002.1987070606.00000000069EE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	69EE000
Size:	8192

Details

Name:	00000000.00000002.1865067886.00000000012E0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	12E0000
Size:	16384

Details

Name:	00000009.00000002.1994559433.0000000007AD0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	7AD0000
Size:	4096

Details

Name:	00000012.00000002.2101522862.0000000007456000.00000004.00000020.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7456000
Size:	32768

Details

Name:	00000009.00000002.1974334751.0000000001360000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1360000
Size:	4096

Details

Name:	0000000B.00000002.1958156483.0000000002CD0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2CD0000
Size:	16384

Details

Name:	00000000.00000002.1871233129.000000000A3AE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	A3AE000
Size:	8192

Details

Name:	00000012.00000002.2101217767.00000000071E5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	71E5000
Size:	16384

Details

Name:	0000000B.00000002.1967726457.0000000007040000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7040000
Size:	65536

Details

Name:	00000009.00000002.1973680913.0000000001159000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1159000
Size:	45056

Details

Name:	0000000B.00000002.1957491362.0000000001307000.00000040.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	1307000
Size:	4096

Details

Name:	00000000.00000002.1862683074.000000000124E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	124E000
Size:	8192

Details

Name:	00000000.00000002.1871399246.000000000A52E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	A52E000
Size:	8192

Details

Name:	0000000B.00000002.1968135247.0000000007160000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7160000
Size:	65536

Details

Name:	00000009.00000002.1994712831.000000000838E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	838E000
Size:	8192

Details

Name:	00000012.00000002.2095886441.00000000053CB000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	53CB000
Size:	8192

Details

Name:	00000012.00000002.2081500546.0000000002948000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2948000
Size:	4096

Details

Name:	00000012.00000002.2081500546.00000000028C5000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	28C5000
Size:	4096

Details

Name:	00000000.00000002.1868903376.0000000005560000.00000040.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page execute and read and write
Base address:	5560000
Size:	4096

Details

Name:	00000012.00000002.2100782745.0000000007170000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7170000
Size:	65536

Details

Name:	0000000B.00000002.1957870425.0000000002CA0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2CA0000
Size:	4096

Details

Name:	00000009.00000002.1985975691.00000000067C2000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	67C2000
Size:	12288

Details

Name:	00000012.00000002.2098595953.00000000063BC000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	63BC000
Size:	4096

Details

Name:	00000012.00000002.2099837899.0000000006890000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6890000
Size:	65536

Details

Name:	00000000.00000002.1869321281.0000000006F60000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6F60000
Size:	24576

Details

Name:	00000009.00000002.1986256755.0000000006955000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6955000
Size:	4096

Details

Name:	00000012.00000002.2078146941.0000000000A0C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	A0C000
Size:	16384

Details

Name:	00000009.00000002.1984563433.0000000005A8E000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5A8E000
Size:	8192

Details

Name:	00000012.00000002.2078085820.0000000000900000.00000004.00000020.00040000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	900000
Size:	4096

Details

Name:	00000009.00000002.1973127254.0000000000E5B000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	E5B000
Size:	20480

Details

Name:	0000000B.00000002.1969594734.000000000A38E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	A38E000
Size:	8192

Details

Name:	0000000B.00000002.1957353971.0000000001300000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1300000
Size:	4096

Details

Name:	00000012.00000002.2080698500.00000000025E0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	25E0000
Size:	4096

Details

Name:	0000000B.00000002.1957725778.0000000002C80000.00000040.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	2C80000
Size:	65536

Details

Name:	00000006.00000002.1835675032.0000000002D40000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2D40000
Size:	20480

Details

Name:	00000009.00000002.1982591769.000000000555E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	555E000
Size:	8192

Details

Name:	00000006.00000002.1835857564.00000000031A0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	31A0000
Size:	32768

Details

Name:	00000009.00000002.1993766836.00000000077B8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	77B8000
Size:	36864

Details

Name:	0000000F.00000002.1930966174.000000000019A000.00000004.00000010.00020000.00000000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	19A000
Size:	24576

Details

Name:	00000009.00000002.1978351761.0000000004001000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4001000
Size:	675840

Details

Name:	00000009.00000002.1994017771.00000000077DD000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	77DD000
Size:	24576

Details

Name:	00000009.00000002.1993459288.0000000007751000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7751000
Size:	57344

Details

Name:	0000000B.00000002.1969969375.000000000A9AE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	A9AE000
Size:	8192

Details

Name:	00000009.00000002.1985788190.0000000006798000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6798000
Size:	12288

Details

Name:	00000012.00000002.2087050965.0000000003C36000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3C36000
Size:	1863680

Details

Name:	00000012.00000002.2081367874.0000000002720000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2720000
Size:	4096

Details

Name:	0000000F.00000002.1931002074.000000000041B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	41B000
Size:	90112

Details

Name:	0000000B.00000002.1956865184.000000000127E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	127E000
Size:	8192

Details

Name:	00000009.00000002.1973680913.0000000001165000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1165000
Size:	397312

Details

Name:	00000009.00000002.1993228386.00000000071F0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	71F0000
Size:	4096

Details

Name:	00000012.00000002.2095201988.00000000051E0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	51E0000
Size:	65536

Details

Name:	00000012.00000002.2102107910.0000000007490000.00000004.00000020.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7490000
Size:	4096

Details

Name:	0000000B.00000002.1957106441.00000000012DD000.00000040.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	12DD000
Size:	4096

Details

Name:	00000000.00000002.1861844393.0000000000FDE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	FDE000
Size:	8192

Details

Name:	00000009.00000002.1983468265.0000000005810000.00000040.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	5810000
Size:	65536

Details

Name:	00000012.00000002.2080432541.00000000025C2000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	25C2000
Size:	4096

Details

Name:	00000012.00000002.2095886441.00000000053C0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	53C0000
Size:	36864

Details

Name:	00000012.00000002.2081500546.0000000002BFD000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2BFD000
Size:	368640

Details

Name:	00000009.00000002.1986172817.0000000006820000.00000040.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	6820000
Size:	16384

Details

Name:	00000000.00000002.1870663904.0000000007C30000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7C30000
Size:	57344

Details

Name:	0000000B.00000002.1969687615.000000000A72C000.00000004.00000010.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	A72C000
Size:	16384

Details

Name:	00000006.00000002.1835632193.0000000002D0A000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2D0A000
Size:	24576

Details

Name:	00000009.00000002.1982716486.0000000005782000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5782000
Size:	36864

Details

Name:	00000012.00000002.2096687535.000000000605E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	605E000
Size:	4096

Details

Name:	00000012.00000002.2098282691.000000000636F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	636F000
Size:	4096

Details

Name:	00000009.00000002.1992274997.0000000006E9B000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6E9B000
Size:	20480

Details

Name:	00000009.00000002.1975298411.0000000003397000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3397000
Size:	176128

Details

Name:	00000000.00000002.1869193454.0000000005928000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5928000
Size:	4096

Details

Name:	00000012.00000002.2102107910.000000000747E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	747E000
Size:	4096

Details

Name:	00000009.00000002.1993259720.0000000007730000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7730000
Size:	4096

Details

Name:	00000009.00000002.1983600114.0000000005830000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5830000
Size:	53248

Details

Name:	00000009.00000002.1994190704.0000000007A60000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7A60000
Size:	12288

Details

Name:	00000012.00000002.2101025608.00000000071B0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	71B0000
Size:	65536

Details

Name:	00000000.00000002.1860691477.0000000000AEA000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	AEA000
Size:	24576

Details

Name:	00000012.00000002.2098595953.00000000063B4000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	63B4000
Size:	4096

Details

Name:	00000000.00000002.1871668980.000000000A8AD000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	A8AD000
Size:	12288

Details

Name:	00000009.00000002.1982651252.000000000575E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	575E000
Size:	8192

Details

Name:	00000009.00000002.1984852708.0000000006725000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6725000
Size:	188416

Details

Name:	00000009.00000002.1986833448.0000000006972000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6972000
Size:	8192

Details

Name:	00000000.00000002.1871455654.000000000A62F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	A62F000
Size:	4096

Details

Name:	00000009.00000002.1978351761.00000000040C2000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	40C2000
Size:	2637824

Details

Name:	00000009.00000002.1987168639.0000000006A2E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	6A2E000
Size:	8192

Details

Name:	00000012.00000002.2099557085.0000000006870000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6870000
Size:	65536

Details

Name:	00000009.00000002.1974877012.0000000002E28000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2E28000
Size:	4096

Details

Name:	00000012.00000002.2081166347.000000000271A000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	271A000
Size:	24576

Details

Name:	00000012.00000002.2095886441.00000000053CE000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	53CE000
Size:	8192

Details

Name:	00000009.00000002.1974476059.00000000013BD000.00000040.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	13BD000
Size:	4096

Details

Name:	0000000B.00000002.1957574000.000000000136E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	136E000
Size:	8192

Details

Name:	00000009.00000002.1984563433.0000000005A8B000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5A8B000
Size:	8192

Details

Name:	00000009.00000002.1982716486.0000000005760000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5760000
Size:	36864

Details

Name:	00000000.00000002.1872284947.000000000B00E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	B00E000
Size:	8192

Details

Name:	00000009.00000002.1984085324.00000000058BD000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	58BD000
Size:	12288

Details

Name:	00000000.00000002.1862740325.0000000001250000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1250000
Size:	40960

Details

Name:	00000009.00000002.1973285501.0000000000F90000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	F90000
Size:	16384

Details

Name:	0000000B.00000002.1957384563.0000000001302000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1302000
Size:	4096

Details

Name:	00000009.00000002.1985260291.000000000676E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	676E000
Size:	4096

Details

Name:	00000000.00000002.1868607196.00000000053B0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	53B0000
Size:	65536

Details

Name:	00000012.00000002.2100918199.000000000719A000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	719A000
Size:	16384

Details

Name:	0000000F.00000002.1931133090.000000000071F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	71F000
Size:	4096

Details

Name:	00000000.00000002.1861891436.0000000000FF0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	FF0000
Size:	20480

Details

Name:	00000009.00000002.1984852708.00000000066E2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	66E2000
Size:	147456

Details

Name:	0000000F.00000002.1930951343.000000000015D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	15D000
Size:	12288

Details

Name:	00000000.00000002.1868468541.00000000052C0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	52C0000
Size:	4096

Details

Name:	00000012.00000002.2093598194.00000000050C1000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	50C1000
Size:	16384

Details

Name:	00000012.00000002.2102636162.000000007F5E0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	7F5E0000
Size:	4096

Details

Name:	0000000B.00000002.1969320700.000000000A00D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	A00D000
Size:	12288

Details

Name:	00000009.00000002.1992377711.0000000006EC0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6EC0000
Size:	65536

Details

Name:	00000009.00000002.1975298411.0000000003013000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3013000
Size:	4096

Details

Name:	00000009.00000002.1988895174.0000000006E6E000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6E6E000
Size:	4096

Details

Name:	00000009.00000002.1988895174.0000000006E5C000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6E5C000
Size:	4096

Details

Name:	0000000F.00000002.1930983460.0000000000400000.00000004.00000020.00040000.00000000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	400000
Size:	4096

Details

Name:	0000000B.00000002.1957026401.00000000012D0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	12D0000
Size:	4096

Details

Name:	00000000.00000002.1871857376.000000000AC2E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	AC2E000
Size:	8192

Details

Name:	00000012.00000002.2080084506.00000000025AD000.00000040.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	25AD000
Size:	4096

Details

Name:	00000009.00000002.1978351761.0000000003F91000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3F91000
Size:	45056

Details

Name:	00000012.00000002.2102107910.0000000007472000.00000004.00000020.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7472000
Size:	20480

Details

Name:	00000012.00000002.2101149408.00000000071D0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	71D0000
Size:	4096

Details

Name:	00000012.00000002.2094909788.0000000005170000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5170000
Size:	53248

Details

Name:	00000000.00000002.1862030356.0000000001030000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1030000
Size:	8192

Details

Name:	0000000B.00000002.1967425195.0000000006F40000.00000004.00000020.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6F40000
Size:	552960

Details

Name:	0000000B.00000002.1970044011.000000007FA50000.00000040.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	7FA50000
Size:	4096

Details

Name:	00000000.00000002.1868773775.00000000053F0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	53F0000
Size:	4096

Details

Name:	00000012.00000002.2079965937.00000000025A0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	25A0000
Size:	28672

Details

Name:	00000012.00000002.2096223915.0000000005EEE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	5EEE000
Size:	8192

Details

Name:	00000012.00000002.2080981505.0000000002668000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2668000
Size:	4096

Details

Name:	00000012.00000002.2097798706.000000000626F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	626F000
Size:	4096

Details

Name:	00000012.00000002.2100081130.0000000006900000.00000040.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	6900000
Size:	65536

Details

Name:	00000012.00000002.2080720824.000000000262E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	262E000
Size:	8192

Details

Name:	0000000B.00000002.1955944727.0000000000F00000.00000004.00000020.00040000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	F00000
Size:	4096

Details

Name:	00000012.00000002.2087050965.00000000038A3000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	38A3000
Size:	802816

Details

Name:	00000009.00000002.1984816951.00000000066A0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	66A0000
Size:	4096

Details

Name:	0000000B.00000002.1957870425.0000000002CA3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2CA3000
Size:	8192

Details

Name:	00000000.00000002.1869047569.00000000057A0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	57A0000
Size:	12288

Details

Name:	0000000B.00000002.1956107655.0000000000F60000.00000004.00000020.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	F60000
Size:	16384

Details

Name:	00000009.00000002.1988895174.0000000006E5F000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6E5F000
Size:	8192

Details

Name:	00000000.00000002.1868701495.00000000053D0000.00000002.08000000.00040000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library section
Protect:	page readonly
Base address:	53D0000
Size:	65536

Details

Name:	00000012.00000002.2077881634.00000000005D0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5D0000
Size:	16384

Details

Name:	00000009.00000002.1988895174.0000000006E71000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6E71000
Size:	8192

Details

Name:	00000000.00000002.1869193454.0000000005902000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5902000
Size:	4096

Details

Name:	00000000.00000002.1870501574.0000000007B30000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7B30000
Size:	151552

Details

Name:	00000009.00000002.1984707181.0000000005D5E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	5D5E000
Size:	8192

Details

Name:	00000012.00000002.2081419114.0000000002730000.00000040.00000020.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page execute and read and write
Base address:	2730000
Size:	4096

Details

Name:	00000009.00000002.1973285501.0000000000F95000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	F95000
Size:	16384

Details

Name:	00000000.00000002.1865370174.0000000002CD0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	2CD0000
Size:	65536

Details

Name:	00000000.00000002.1871558933.000000000A76D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	A76D000
Size:	12288

Details

Name:	00000009.00000002.1975205599.0000000002F80000.00000040.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page execute and read and write
Base address:	2F80000
Size:	4096

Details

Name:	00000000.00000002.1871825361.000000000AB2E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	AB2E000
Size:	8192

Details

Name:	00000009.00000002.1984302723.00000000058E0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	58E0000
Size:	65536

Details

Name:	00000000.00000002.1862161622.0000000001108000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1108000
Size:	192512

Details

Name:	0000000B.00000002.1969654408.000000000A62C000.00000004.00000010.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	A62C000
Size:	16384

Details

Name:	0000000B.00000002.1957291403.00000000012F6000.00000040.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	12F6000
Size:	8192

Details

Name:	00000012.00000002.2095493401.0000000005210000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5210000
Size:	65536

Details

Name:	00000009.00000002.1974557844.00000000013D0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	13D0000
Size:	4096

Details

Name:	00000000.00000000.1766522104.00000000009B0000.00000002.00000001.01000000.00000003.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	9B0000
Size:	4096

Details

Name:	00000000.00000002.1861533936.0000000000E50000.00000004.00000020.00040000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	E50000
Size:	4096

Details

Name:	00000012.00000002.2081460337.000000000283E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	283E000
Size:	8192

Details

Name:	0000000B.00000002.1956204293.0000000001174000.00000004.00000020.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1174000
Size:	20480

Details

Name:	00000012.00000002.2102213799.00000000075F0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	75F0000
Size:	61440

Details

Name:	00000009.00000002.1988410814.0000000006E4E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	6E4E000
Size:	8192

Details

Name:	0000000B.00000002.1959789817.0000000003FC2000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3FC2000
Size:	4096

Details

Name:	00000009.00000002.1982505252.000000000540E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	540E000
Size:	8192

Details

Name:	00000012.00000002.2097404668.00000000060E0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	60E0000
Size:	61440

Details

Name:	00000009.00000002.1986731899.0000000006960000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6960000
Size:	4096

Details

Name:	00000000.00000002.1868743336.00000000053E0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	53E0000
Size:	8192

Details

Name:	00000009.00000002.1982716486.0000000005776000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5776000
Size:	45056

Details

Name:	00000012.00000002.2093386626.0000000004D60000.00000040.00000020.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page execute and read and write
Base address:	4D60000
Size:	4096

Details

Name:	00000012.00000002.2093598194.00000000050D2000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	50D2000
Size:	36864

Details

Name:	00000009.00000002.1984789978.000000000669E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	669E000
Size:	8192

Details

Name:	00000009.00000002.1978351761.0000000004361000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4361000
Size:	937984

Details

Name:	00000009.00000002.1993744626.0000000007785000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7785000
Size:	4096

Details

Name:	00000009.00000002.1987908189.0000000006AE0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6AE0000
Size:	65536

Details

Name:	00000009.00000002.1975298411.0000000003015000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3015000
Size:	4096

Details

Name:	00000009.00000002.1974630465.00000000013DB000.00000040.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	13DB000
Size:	8192

Details

Name:	00000009.00000002.1978351761.0000000003FA2000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3FA2000
Size:	303104

Details

Name:	0000000B.00000002.1958246718.0000000002CE0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2CE0000
Size:	4096

Details

Name:	00000012.00000002.2096052109.000000000565E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	565E000
Size:	8192

Details

Name:	00000009.00000002.1983058227.00000000057A1000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	57A1000
Size:	61440

Details

Name:	00000000.00000002.1864503894.0000000001272000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1272000
Size:	4096

Details

Name:	00000012.00000002.2100337353.0000000006A90000.00000040.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	6A90000
Size:	65536

Details

Name:	00000009.00000002.1974986267.0000000002F54000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2F54000
Size:	20480

Details

Name:	00000000.00000002.1862161622.0000000001091000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1091000
Size:	196608

Details

Name:	00000009.00000002.1988090481.0000000006AF0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6AF0000
Size:	65536

Details

Name:	00000012.00000002.2095855068.00000000053BF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	53BF000
Size:	4096

Details

Name:	00000009.00000002.1994839140.000000007F2B0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	7F2B0000
Size:	4096

Details

Name:	0000000B.00000002.1966809046.0000000005580000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5580000
Size:	65536

Details

Name:	00000009.00000002.1973610641.00000000010DE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	10DE000
Size:	8192

Details

Name:	00000009.00000002.1983895441.0000000005890000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5890000
Size:	65536

Details

Name:	00000012.00000002.2097754965.0000000006160000.00000040.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	6160000
Size:	16384

Details

Name:	00000012.00000002.2094697033.0000000005150000.00000040.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	5150000
Size:	65536

Details

Name:	0000000B.00000002.1958380307.0000000002FD8000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2FD8000
Size:	479232

Details

Name:	00000000.00000002.1865474040.0000000002CE0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2CE0000
Size:	65536

Details

Name:	00000012.00000002.2097512132.0000000006100000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6100000
Size:	4096

Details

Name:	00000000.00000002.1862161622.000000000105E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	105E000
Size:	98304

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary

Details

Name:	00000009.00000002.1988895174.0000000006E56000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6E56000
Size:	4096

Details

Name:	00000000.00000002.1864228771.0000000001270000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1270000
Size:	4096

Details

Name:	00000009.00000002.1986256755.0000000006935000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6935000
Size:	12288

Details

Name:	00000000.00000002.1866595947.0000000003D51000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3D51000
Size:	507904

Details

Name:	00000009.00000002.1993715334.000000000777F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	777F000
Size:	12288

Details

Name:	00000000.00000002.1870702823.0000000007C7E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	7C7E000
Size:	8192

Details

Name:	00000012.00000002.2101522862.000000000743C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	743C000
Size:	24576

Details

Name:	00000012.00000002.2081500546.0000000002D35000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2D35000
Size:	12288

Details

Name:	00000000.00000002.1869096688.00000000058AE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	58AE000
Size:	8192

Details

Name:	00000012.00000002.2080126152.00000000025B0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	25B0000
Size:	4096

Details

Name:	0000000B.00000002.1957248812.00000000012F2000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	12F2000
Size:	4096

Details

Name:	00000012.00000002.2080542072.00000000025C5000.00000040.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	25C5000
Size:	4096

Details

Name:	00000012.00000002.2081500546.0000000002AFF000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2AFF000
Size:	8192

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000000.00000002.1862161622.0000000001138000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1138000
Size:	94208

Details

Name:	0000000B.00000002.1957329276.00000000012FA000.00000040.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	12FA000
Size:	4096

Details

Name:	00000012.00000002.2098229313.000000000632D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	632D000
Size:	12288

Details

Name:	00000009.00000002.1975298411.0000000003427000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3427000
Size:	192512

Details

Name:	0000000B.00000002.1965419107.0000000005306000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5306000
Size:	16384

Details

Name:	00000012.00000002.2100731430.000000000716F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	716F000
Size:	4096

Details

Name:	00000012.00000002.2077881634.00000000005D5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5D5000
Size:	16384

Details

Name:	00000000.00000002.1865114849.00000000013EE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	13EE000
Size:	8192

Details

Name:	00000012.00000002.2101522862.000000000744B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	744B000
Size:	40960

Details

Name:	0000000B.00000002.1968740420.00000000075EE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	75EE000
Size:	8192

Details

Name:	00000009.00000002.1974841765.0000000002E0E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2E0E000
Size:	8192

Details

Name:	00000000.00000002.1872241505.000000000AF0E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	AF0E000
Size:	8192

Details

Name:	0000000B.00000002.1969229144.0000000009DCF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	9DCF000
Size:	4096

Details

Name:	00000000.00000002.1862161622.0000000001050000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1050000
Size:	28672

Details

Name:	00000009.00000002.1974309378.0000000001350000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1350000
Size:	20480

Details

Name:	00000006.00000002.1835782313.000000000310F000.00000004.00000001.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	310F000
Size:	4096

Details

Name:	00000012.00000002.2087050965.0000000003852000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3852000
Size:	12288

Details

Name:	00000012.00000002.2093598194.00000000050E1000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	50E1000
Size:	49152

Details

Name:	00000009.00000002.1986833448.0000000006970000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6970000
Size:	4096

Details

Name:	0000000B.00000002.1968046422.00000000070AA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	70AA000
Size:	20480

Details

Name:	0000000B.00000002.1969624374.000000000A48E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	A48E000
Size:	8192

Details

Name:	00000012.00000002.2087050965.00000000039CE000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	39CE000
Size:	4096

Details

Name:	00000012.00000002.2078146941.000000000096D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	96D000
Size:	49152

Details

Name:	00000012.00000002.2095396185.0000000005200000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5200000
Size:	65536

Details

Name:	00000012.00000002.2096258385.0000000005FEE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	5FEE000
Size:	8192

Details

Name:	0000000B.00000002.1956204293.000000000114A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	114A000
Size:	8192

Details

Name:	0000000B.00000002.1968668011.00000000074BE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	74BE000
Size:	8192

Details

Name:	00000012.00000002.2081500546.0000000002CD8000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2CD8000
Size:	12288

Details

Name:	00000012.00000002.2102547920.0000000007E70000.00000004.00000020.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7E70000
Size:	4096

Details

Name:	00000009.00000002.1974591553.00000000013D5000.00000040.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	13D5000
Size:	4096

Details

Name:	00000009.00000002.1975298411.00000000033C4000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	33C4000
Size:	192512

Details

Name:	00000009.00000002.1993340101.0000000007742000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7742000
Size:	12288

Details

Name:	00000000.00000002.1870321036.00000000078CE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	78CE000
Size:	8192

Details

Name:	0000000B.00000002.1957981999.0000000002CB4000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2CB4000
Size:	4096

Details

Name:	00000009.00000002.1973680913.0000000001130000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1130000
Size:	28672

Details

Name:	0000000F.00000002.1931114842.00000000006DE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	6DE000
Size:	8192

Details

Name:	00000000.00000002.1865981717.0000000002F9F000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2F9F000
Size:	16384

Details

Name:	00000012.00000002.2100890072.0000000007180000.00000004.00000020.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7180000
Size:	4096

Details

Name:	00000000.00000002.1868209148.0000000005234000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5234000
Size:	16384

Details

Name:	00000000.00000002.1870142937.0000000007640000.00000040.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	7640000
Size:	4096

Details

Name:	00000006.00000002.1835904523.0000000003340000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3340000
Size:	16384

Details

Name:	0000000B.00000002.1968046422.00000000070BB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	70BB000
Size:	8192

Details

Name:	00000009.00000002.1974986267.0000000002F50000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2F50000
Size:	12288

Details

Name:	00000012.00000002.2078146941.0000000000A11000.00000004.00000020.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	A11000
Size:	167936

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	0000000B.00000002.1957134037.00000000012E0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	12E0000
Size:	24576

Details

Name:	00000009.00000002.1975298411.000000000345E000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	345E000
Size:	176128

Details

Name:	0000000B.00000002.1959789817.0000000003E01000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3E01000
Size:	36864

Details

Name:	0000000B.00000002.1966996287.00000000055EB000.00000004.00000010.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	55EB000
Size:	20480

Details

Name:	00000012.00000002.2098595953.00000000063E2000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	63E2000
Size:	8192

Details

Name:	00000009.00000002.1984224974.00000000058D0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	58D0000
Size:	65536

Details

Name:	00000009.00000002.1974651412.00000000013F0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	13F0000
Size:	4096

Details

Name:	00000000.00000002.1870759311.0000000007D7E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	7D7E000
Size:	8192

Details

Name:	00000000.00000002.1868209148.000000000525D000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	525D000
Size:	69632

Details

Name:	00000009.00000002.1974964220.0000000002F4E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2F4E000
Size:	8192

Details

Name:	0000000B.00000002.1965419107.000000000530D000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	530D000
Size:	16384

Details

Name:	00000006.00000002.1835754758.0000000002DD0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2DD0000
Size:	4096

Details

Name:	00000012.00000002.2095103709.00000000051D0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	51D0000
Size:	65536

Details

Name:	00000012.00000002.2097725472.000000000615E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	615E000
Size:	8192

Details

Name:	00000009.00000002.1984151111.00000000058C0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	58C0000
Size:	65536

Details

Name:	0000000B.00000002.1966475167.00000000053A0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	53A0000
Size:	4096

Details

Name:	0000000B.00000002.1957785517.0000000002C90000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2C90000
Size:	65536

Details

Name:	00000000.00000002.1869164391.00000000058C9000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	58C9000
Size:	53248

Details

Name:	00000009.00000002.1986997684.0000000006980000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6980000
Size:	57344

Details

Name:	00000000.00000002.1870205941.0000000007660000.00000040.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	7660000
Size:	65536

Details

Name:	00000009.00000002.1988895174.0000000006E76000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6E76000
Size:	4096

Details

Name:	0000000B.00000002.1957981999.0000000002CB0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2CB0000
Size:	4096

Details

Name:	00000009.00000002.1985501982.0000000006775000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6775000
Size:	24576

Details

Name:	00000000.00000002.1862920502.0000000001262000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1262000
Size:	4096

Details

Name:	00000009.00000002.1993340101.0000000007746000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7746000
Size:	40960

Details

Name:	00000012.00000002.2098444749.0000000006390000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6390000
Size:	53248

Details

Name:	00000009.00000002.1994623136.0000000007AF0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7AF0000
Size:	4096

Details

Name:	00000012.00000002.2100434595.0000000006ADE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	6ADE000
Size:	8192

Details

Name:	00000009.00000002.1982716486.000000000578E000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	578E000
Size:	8192

Details

Name:	0000000B.00000002.1968620731.0000000007470000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7470000
Size:	57344

Details

Name:	00000012.00000002.2093144027.0000000004CFE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4CFE000
Size:	8192

Details

Name:	00000012.00000002.2099106968.00000000063F4000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	63F4000
Size:	49152

Details

Name:	00000012.00000002.2102574538.0000000007E80000.00000040.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	7E80000
Size:	4096

Details

Name:	0000000B.00000002.1956204293.000000000114E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	114E000
Size:	98304

Details

Name:	00000012.00000002.2080189923.00000000025B2000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	25B2000
Size:	4096

Details

Name:	00000012.00000002.2094376299.0000000005110000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5110000
Size:	65536

Details

Name:	00000012.00000002.2081500546.000000000294A000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	294A000
Size:	143360

Details

Name:	00000000.00000002.1865665100.0000000002D15000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2D15000
Size:	45056

Details

Name:	00000012.00000002.2079917447.000000000259E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	259E000
Size:	8192

Details

Name:	00000009.00000002.1974523249.00000000013C6000.00000040.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	13C6000
Size:	40960

Details

Name:	00000012.00000002.2093598194.00000000050C6000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	50C6000
Size:	45056

Details

Name:	00000009.00000002.1987274539.0000000006A40000.00000040.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	6A40000
Size:	65536

Details

Name:	00000000.00000002.1868773775.00000000053F3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	53F3000
Size:	8192

Details

Name:	00000012.00000002.2087050965.0000000003B36000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3B36000
Size:	933888

Details

Name:	00000012.00000002.2078146941.0000000000A42000.00000004.00000020.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	A42000
Size:	53248

Details

Name:	0000000B.00000002.1968765082.00000000076EF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	76EF000
Size:	4096

Details

Name:	00000009.00000002.1983999304.00000000058A0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	58A0000
Size:	65536

Details

Name:	00000009.00000002.1993145604.00000000071E0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	71E0000
Size:	65536

Details

Name:	00000012.00000002.2081500546.0000000002890000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2890000
Size:	122880

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000012.00000002.2094811404.0000000005160000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5160000
Size:	65536

Details

Name:	00000000.00000002.1871713360.000000000A9AE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	A9AE000
Size:	8192

Details

Name:	00000009.00000002.1994190704.0000000007A64000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7A64000
Size:	49152

Details

Name:	00000012.00000002.2096549080.0000000006000000.00000004.00000020.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6000000
Size:	4096

Details

Name:	0000000B.00000002.1956598432.00000000011FC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	11FC000
Size:	274432

Details

Name:	0000000B.00000002.1968830760.00000000077FF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	77FF000
Size:	4096

Details

Name:	00000009.00000002.1975298411.000000000312C000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	312C000
Size:	151552

Details

Name:	00000012.00000002.2078113229.000000000094D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	94D000
Size:	12288

Details

Name:	00000012.00000002.2087050965.0000000003892000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3892000
Size:	8192

Details

Name:	00000009.00000002.1985975691.00000000067C0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	67C0000
Size:	4096

Details

Name:	00000009.00000002.1974444897.00000000013B0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	13B0000
Size:	28672

Details

Name:	00000012.00000002.2095583495.0000000005220000.00000040.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	5220000
Size:	65536

Details

Name:	00000009.00000002.1986256755.0000000006932000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6932000
Size:	8192

Details

Name:	00000012.00000002.2101522862.000000000741F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	741F000
Size:	28672

Details

Name:	00000012.00000002.2099994043.00000000068F0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	68F0000
Size:	65536

Details

Name:	00000009.00000002.1986833448.0000000006975000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6975000
Size:	45056

Details

Name:	00000012.00000002.2093433309.0000000004E6E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4E6E000
Size:	8192

Details

Name:	00000009.00000002.1986060031.00000000067D0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	67D0000
Size:	65536

Details

Name:	0000000B.00000002.1969995107.000000000A9C0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	A9C0000
Size:	8192

Details

Name:	00000006.00000002.1835701671.0000000002D80000.00000004.00000020.00040000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2D80000
Size:	4096

Details

Name:	00000009.00000002.1975298411.00000000033F7000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	33F7000
Size:	4096

Signature Hits	Behavior Group	Mitre Attack
SQL strings found in memory and binary data	System Summary

Details

Name:	00000009.00000002.1973035327.0000000000400000.00000040.00000400.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	remote allocation
Protect:	page execute and read and write
Base address:	400000
Size:	4096

Details

Name:	0000000B.00000002.1969345080.000000000A10D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	A10D000
Size:	12288

Details

Name:	00000009.00000002.1985260291.0000000006754000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6754000
Size:	4096

Details

Name:	0000000B.00000002.1968784156.00000000076F0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	76F0000
Size:	65536

Details

Name:	00000012.00000002.2093562122.00000000050AE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	50AE000
Size:	8192

Details

Name:	00000012.00000002.2087050965.0000000003888000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3888000
Size:	8192

Details

Name:	00000012.00000002.2093598194.00000000050DE000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	50DE000
Size:	8192

Details

Name:	00000009.00000002.1993071099.00000000071D0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	71D0000
Size:	65536

Details

Name:	0000000B.00000002.1967277468.00000000057ED000.00000004.00000010.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	57ED000
Size:	12288

Details

Name:	0000000B.00000002.1958102019.0000000002CC0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2CC0000
Size:	65536

Details

Name:	00000012.00000002.2099221863.0000000006400000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6400000
Size:	65536

Details

Name:	00000012.00000002.2095303152.00000000051FA000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	51FA000
Size:	8192

Details

Name:	0000000B.00000002.1966305002.0000000005320000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5320000
Size:	65536

Details

Name:	0000000B.00000002.1969523216.000000000A24E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	A24E000
Size:	8192

Details

Name:	00000012.00000002.2101182000.00000000071E1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	71E1000
Size:	4096

Details

Name:	0000000B.00000002.1967041008.00000000055F0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	55F0000
Size:	4096

Details

Name:	00000012.00000002.2081500546.00000000028D1000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	28D1000
Size:	4096

Details

Name:	00000012.00000002.2102513698.0000000007E6E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	7E6E000
Size:	8192

Details

Name:	00000012.00000002.2087050965.000000000386C000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	386C000
Size:	8192

Details

Name:	00000009.00000002.1973214469.0000000000F58000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	F58000
Size:	32768

Details

Name:	00000012.00000002.2080363535.00000000025C0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	25C0000
Size:	4096

Details

Name:	00000012.00000002.2079527809.0000000000C8E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	C8E000
Size:	8192

Details

Name:	00000012.00000002.2100478795.0000000006B1E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	6B1E000
Size:	8192

Details

Name:	0000000B.00000002.1969560112.000000000A34E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	A34E000
Size:	8192

Details

Name:	0000000B.00000002.1968202486.0000000007170000.00000040.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	7170000
Size:	65536

Details

Name:	00000012.00000002.2081038113.0000000002700000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2700000
Size:	65536

Details

Name:	00000009.00000002.1986256755.000000000695A000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	695A000
Size:	8192

Details

Name:	00000000.00000002.1862161622.0000000001058000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1058000
Size:	16384

Details

Name:	00000012.00000002.2096687535.0000000006078000.00000004.00000020.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6078000
Size:	409600

Details

Name:	00000012.00000002.2102404745.0000000007D2E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	7D2E000
Size:	8192

Details

Name:	00000009.00000002.1986256755.0000000006930000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6930000
Size:	4096

Details

Name:	00000006.00000002.1835857564.00000000031AA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	31AA000
Size:	106496

Details

Name:	00000000.00000002.1872153007.000000000AECC000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	AECC000
Size:	16384

Details

Name:	00000009.00000002.1994742746.0000000009190000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	9190000
Size:	4096

Details

Name:	00000012.00000002.2102304752.0000000007610000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7610000
Size:	20480

Details

Name:	0000000B.00000002.1959789817.0000000003E9C000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3E9C000
Size:	176128

Details

Name:	00000012.00000002.2087050965.000000000386F000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	386F000
Size:	8192

Details

Name:	00000009.00000002.1985678796.000000000677E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	677E000
Size:	28672

Details

Name:	00000012.00000002.2098595953.00000000063CE000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	63CE000
Size:	4096

Details

Name:	00000012.00000002.2093598194.00000000050BB000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	50BB000
Size:	20480

Details

Name:	00000009.00000002.1988182586.0000000006DCE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	6DCE000
Size:	8192

Details

Name:	00000009.00000002.1975298411.0000000002FE0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2FE0000
Size:	122880

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	0000000B.00000002.1969728627.000000000A76D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	A76D000
Size:	12288

Details

Name:	00000012.00000002.2099439614.000000000676C000.00000004.00000010.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	676C000
Size:	16384

Details

Name:	00000000.00000002.1865981717.0000000002EE0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2EE0000
Size:	774144

Details

Name:	00000000.00000002.1869004113.0000000005790000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5790000
Size:	65536

Details

Name:	00000000.00000002.1861673551.0000000000E85000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	E85000
Size:	12288

Details

Name:	00000012.00000002.2087050965.0000000003881000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3881000
Size:	8192

Details

Name:	00000009.00000002.1987604983.0000000006ACE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	6ACE000
Size:	8192

Details

Name:	00000009.00000002.1974732142.0000000001426000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1426000
Size:	28672

Details

Name:	00000000.00000002.1868179997.0000000004EEB000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4EEB000
Size:	20480

Details

Name:	00000000.00000002.1865765533.0000000002D20000.00000040.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page execute and read and write
Base address:	2D20000
Size:	4096

Details

Name:	00000000.00000002.1868973085.0000000005600000.00000004.08000000.00040000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library section
Protect:	page read and write
Base address:	5600000
Size:	49152

Details

Name:	00000009.00000002.1982618296.000000000565E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	565E000
Size:	8192

Details

Name:	00000009.00000002.1975298411.0000000003459000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3459000
Size:	8192

Signature Hits	Behavior Group	Mitre Attack
SQL strings found in memory and binary data	System Summary

Details

Name:	00000012.00000002.2101522862.00000000073F9000.00000004.00000020.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	73F9000
Size:	143360

Details

Name:	00000012.00000002.2096687535.000000000605A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	605A000
Size:	4096

Details

Name:	00000012.00000002.2098595953.00000000063BF000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	63BF000
Size:	8192

Details

Name:	00000009.00000002.1974823573.0000000002D0E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2D0E000
Size:	8192

Details

Name:	0000000B.00000002.1956067375.0000000000F5E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	F5E000
Size:	8192

Details

Name:	00000012.00000002.2080627661.00000000025C7000.00000040.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	25C7000
Size:	4096

Details

Name:	00000012.00000002.2079603129.0000000000CE0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	CE0000
Size:	12288

Details

Name:	00000009.00000002.1993595745.000000000776B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	776B000
Size:	61440

Details

Name:	00000000.00000002.1861673551.0000000000E80000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	E80000
Size:	16384

Details

Name:	00000009.00000002.1984417755.000000000596D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	596D000
Size:	12288

Details

Name:	00000009.00000002.1975298411.0000000003154000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3154000
Size:	12288

Details

Name:	0000000B.00000002.1956009479.0000000000F10000.00000004.00000020.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	F10000
Size:	8192

Details

Name:	00000012.00000002.2100635573.0000000006B30000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6B30000
Size:	65536

Details

Name:	0000000B.00000002.1969370206.000000000A110000.00000004.00000020.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	A110000
Size:	270336

Details

Name:	0000000B.00000002.1957071720.00000000012D4000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	12D4000
Size:	8192

Details

Name:	00000009.00000002.1985678796.0000000006788000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6788000
Size:	16384

Details

Name:	00000009.00000002.1974986267.0000000002F5A000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2F5A000
Size:	24576

Details

Name:	00000009.00000002.1974713885.0000000001410000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1410000
Size:	8192

Details

Name:	00000000.00000002.1863875722.000000000126A000.00000040.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	126A000
Size:	4096

Details

Name:	00000000.00000002.1868209148.000000000523B000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	523B000
Size:	65536

Details

Name:	0000000B.00000002.1958333832.0000000002DF0000.00000040.00000020.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap
Protect:	page execute and read and write
Base address:	2DF0000
Size:	4096

Details

Name:	00000006.00000002.1835731328.0000000002DCE000.00000004.00000001.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2DCE000
Size:	8192

Details

Name:	00000012.00000002.2080279462.00000000025B6000.00000040.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	25B6000
Size:	40960

Details

Name:	00000000.00000002.1868434081.0000000005280000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5280000
Size:	65536

Details

Name:	00000012.00000002.2087050965.00000000039C8000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	39C8000
Size:	8192

Details

Name:	00000012.00000002.2087050965.0000000003865000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3865000
Size:	8192

Details

Name:	00000012.00000002.2079471463.0000000000B40000.00000004.00000020.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	B40000
Size:	4096

Details

Name:	0000000B.00000002.1958156483.0000000002CD5000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2CD5000
Size:	45056

Details

Name:	0000000B.00000002.1966893056.0000000005590000.00000002.08000000.00040000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library section
Protect:	page readonly
Base address:	5590000
Size:	4096

Details

Name:	0000000B.00000002.1959789817.0000000003E7C000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3E7C000
Size:	4096

Details

Name:	00000012.00000002.2087050965.0000000003875000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3875000
Size:	16384

Details

Name:	00000009.00000002.1992274997.0000000006E90000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6E90000
Size:	40960

Details

Name:	00000012.00000002.2102359731.0000000007C2E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	7C2E000
Size:	8192

Details

Name:	00000000.00000002.1871593043.000000000A770000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	A770000
Size:	4096

Details

Name:	00000012.00000002.2099327711.0000000006410000.00000040.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	6410000
Size:	65536

Details

Name:	00000009.00000002.1993340101.000000000773E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	773E000
Size:	12288

Details

Name:	00000009.00000002.1985501982.0000000006772000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6772000
Size:	8192

Details

Name:	00000012.00000002.2100189048.0000000006910000.00000040.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	6910000
Size:	4096

Details

Name:	0000000B.00000002.1969917054.000000000A8AE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	A8AE000
Size:	8192

Details

Name:	00000012.00000002.2098595953.00000000063C8000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	63C8000
Size:	4096

Details

Name:	0000000B.00000002.1957520213.000000000130B000.00000040.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	130B000
Size:	4096

Details

Name:	00000012.00000002.2093495416.0000000004F6E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4F6E000
Size:	8192

Details

Name:	00000009.00000002.1982716486.0000000005771000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5771000
Size:	16384

Details

Name:	00000000.00000002.1870501574.0000000007B56000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7B56000
Size:	245760

Details

Name:	00000000.00000002.1869047569.00000000057A5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	57A5000
Size:	40960

Details

Name:	0000000B.00000002.1968694851.00000000074FE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	74FE000
Size:	8192

Details

Name:	0000000B.00000002.1967834381.0000000007085000.00000004.00000020.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7085000
Size:	131072

Details

Name:	00000009.00000002.1994679884.0000000007C40000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7C40000
Size:	8192

Details

Name:	00000012.00000002.2099657232.0000000006882000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6882000
Size:	57344

Details

Name:	00000009.00000002.1988895174.0000000006E78000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6E78000
Size:	4096

Details

Name:	00000012.00000002.2081500546.00000000028BB000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	28BB000
Size:	20480

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000009.00000002.1992958541.0000000006F00000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6F00000
Size:	8192

Details

Name:	00000000.00000002.1865619134.0000000002D00000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2D00000
Size:	65536

Details

Name:	00000012.00000002.2078146941.0000000000987000.00000004.00000020.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	987000
Size:	479232

Details

Name:	00000000.00000002.1861607481.0000000000E60000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	E60000
Size:	8192

Details

Name:	00000009.00000002.1988895174.0000000006E64000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6E64000
Size:	8192

Details

Name:	00000012.00000002.2093528863.0000000004FAE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4FAE000
Size:	8192

Details

Name:	00000012.00000002.2094493247.0000000005120000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5120000
Size:	65536

Details

Name:	00000012.00000002.2078146941.0000000000985000.00000004.00000020.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	985000
Size:	4096

Details

Name:	00000009.00000002.1994281993.0000000007A70000.00000040.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	7A70000
Size:	65536

Details

Name:	00000009.00000002.1982716486.000000000576B000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	576B000
Size:	20480

Details

Name:	00000012.00000002.2081500546.0000000002B46000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2B46000
Size:	364544

Details

Name:	00000009.00000002.1987449215.0000000006A50000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6A50000
Size:	65536

Details

Name:	00000006.00000002.1835594243.0000000002CCD000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2CCD000
Size:	12288

Details

Name:	0000000B.00000002.1956946415.00000000012C7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	12C7000
Size:	32768

Details

Name:	0000000B.00000002.1965419107.00000000052EB000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	52EB000
Size:	65536

Details

Name:	00000012.00000002.2079706545.0000000000CE4000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	CE4000
Size:	16384

Details

Name:	0000000B.00000002.1956946415.00000000012C0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	12C0000
Size:	20480

Details

Name:	00000009.00000002.1975298411.000000000300D000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	300D000
Size:	12288

Details

Name:	00000009.00000002.1983120184.00000000057C0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	57C0000
Size:	65536

Details

Name:	00000012.00000002.2077839268.000000000058B000.00000004.00000010.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	58B000
Size:	20480

Details

Name:	00000012.00000002.2081500546.0000000002B02000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2B02000
Size:	4096

Details

Name:	00000000.00000002.1862867301.0000000001260000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1260000
Size:	4096

Details

Name:	00000009.00000002.1974895504.0000000002EFC000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2EFC000
Size:	16384

Details

Name:	00000012.00000002.2079766412.0000000000CF8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	CF8000
Size:	16384

Details

Name:	00000009.00000002.1986256755.000000000694A000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	694A000
Size:	8192

Details

Name:	00000009.00000002.1992856836.0000000006EF0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	6EF0000
Size:	65536

Details

Name:	00000012.00000002.2100918199.0000000007190000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7190000
Size:	36864

Details

Name:	0000000B.00000002.1968264045.0000000007396000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7396000
Size:	16384

Details

Name:	00000012.00000002.2094235445.0000000005100000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5100000
Size:	65536

Details

Name:	00000012.00000002.2093190267.0000000004D3E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4D3E000
Size:	8192

Details

Name:	00000012.00000002.2097840370.0000000006270000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6270000
Size:	4096

Details

Name:	00000009.00000002.1984852708.0000000006709000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6709000
Size:	4096

Details

Name:	00000009.00000002.1983532366.0000000005820000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5820000
Size:	65536

Details

Name:	00000000.00000002.1868563753.00000000052E0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	52E0000
Size:	65536

Details

Name:	00000000.00000002.1868114703.0000000004D58000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4D58000
Size:	4096

Details

Name:	00000012.00000002.2093015938.000000000487C000.00000004.00000010.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	487C000
Size:	16384

Details

Name:	00000009.00000002.1992477327.0000000006ED0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6ED0000
Size:	65536

Details

Name:	00000000.00000002.1868209148.000000000524E000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	524E000
Size:	4096

Details

Name:	00000012.00000002.2096194461.0000000005DEF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	5DEF000
Size:	4096

Details

Name:	00000009.00000002.1984531437.0000000005A7E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	5A7E000
Size:	8192

Details

Name:	00000000.00000002.1871759437.000000000A9ED000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	A9ED000
Size:	12288

Details

Name:	00000009.00000002.1994650826.0000000007C3E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	7C3E000
Size:	8192

Details

Name:	00000009.00000002.1993766836.00000000077A4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	77A4000
Size:	28672

Details

Name:	00000012.00000002.2087050965.00000000039DA000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	39DA000
Size:	270336

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	0000000B.00000002.1958380307.0000000002E01000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2E01000
Size:	1302528

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000009.00000002.1984453787.0000000005970000.00000040.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	5970000
Size:	65536

Details

Name:	00000000.00000002.1865981717.0000000002ED8000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2ED8000
Size:	28672

Details

Name:	0000000B.00000002.1958380307.0000000002F40000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2F40000
Size:	593920

Details

Name:	0000000B.00000002.1965419107.00000000052FE000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	52FE000
Size:	4096

Details

Name:	00000009.00000002.1993766836.000000000778B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	778B000
Size:	16384

Details

Name:	00000012.00000002.2087050965.0000000003A33000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3A33000
Size:	684032

Details

Name:	00000000.00000002.1860772280.0000000000BE7000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	BE7000
Size:	36864

Details

Name:	00000000.00000002.1869137951.00000000058C0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	58C0000
Size:	32768

Details

Name:	00000009.00000002.1983197574.00000000057D0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	57D0000
Size:	65536

Details

Name:	00000000.00000002.1870347095.00000000078F0000.00000004.08000000.00040000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library section
Protect:	page read and write
Base address:	78F0000
Size:	434176

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary

Details

Name:	0000000B.00000002.1966659891.0000000005570000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5570000
Size:	65536

Details

Name:	00000009.00000002.1993687319.000000000777C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	777C000
Size:	8192

Details

Name:	00000012.00000002.2078011381.00000000008F7000.00000004.00000010.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	8F7000
Size:	36864

Details

Name:	00000012.00000002.2093304108.0000000004D51000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4D51000
Size:	61440

Details

Name:	00000000.00000002.1868816329.00000000054F0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	54F0000
Size:	4096

Details

Name:	00000009.00000002.1988335985.0000000006E0E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	6E0E000
Size:	8192

Details

Name:	00000012.00000002.2081500546.0000000002D3B000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2D3B000
Size:	618496

Details

Name:	00000009.00000002.1974428041.00000000013AD000.00000040.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	13AD000
Size:	4096

Details

Name:	00000000.00000002.1870087292.0000000007630000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7630000
Size:	65536

Details

Name:	00000009.00000002.1987690436.0000000006AD0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6AD0000
Size:	65536

Details

Name:	00000009.00000002.1973680913.000000000114E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	114E000
Size:	40960

Details

Name:	0000000B.00000002.1957541714.0000000001320000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1320000
Size:	4096

Details

Name:	00000012.00000002.2101477747.00000000073EC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	73EC000
Size:	12288

Details

Name:	0000000B.00000002.1966412489.0000000005370000.00000004.00000020.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5370000
Size:	8192

Details

Name:	00000009.00000002.1994593661.0000000007AE0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7AE0000
Size:	4096

Details

Name:	0000000B.00000002.1957981999.0000000002CB6000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2CB6000
Size:	40960

Details

Name:	00000012.00000002.2081500546.00000000028D5000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	28D5000
Size:	466944

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000012.00000002.2080747573.0000000002630000.00000040.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	2630000
Size:	65536

Details

Name:	00000009.00000002.1993027138.000000000710B000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	710B000
Size:	20480

Details

Name:	00000000.00000002.1868209148.0000000005230000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5230000
Size:	12288

Details

Name:	0000000B.00000002.1966354921.0000000005340000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5340000
Size:	65536

Details

Name:	00000000.00000000.1766557578.00000000009B2000.00000002.00000001.01000000.00000003.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	9B2000
Size:	696320

Details

Name:	00000012.00000002.2081166347.0000000002710000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2710000
Size:	12288

Details

Name:	00000012.00000002.2080942109.0000000002650000.00000004.00000020.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2650000
Size:	4096

Details

Name:	00000009.00000002.1982474500.000000000508D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	508D000
Size:	12288

Details

Name:	00000012.00000002.2098595953.00000000063C4000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	63C4000
Size:	8192

Details

Name:	00000012.00000002.2081500546.0000000002BA1000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2BA1000
Size:	368640

Details

Name:	0000000F.00000002.1931002074.0000000000410000.00000004.00000020.00020000.00000000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	410000
Size:	32768

Details

Name:	00000009.00000002.1988895174.0000000006E68000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6E68000
Size:	4096

Details

Name:	00000000.00000002.1868938488.00000000055F0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	55F0000
Size:	65536

Details

Name:	00000000.00000002.1870258350.0000000007880000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7880000
Size:	24576

Details

Name:	00000012.00000002.2098595953.00000000063B2000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	63B2000
Size:	4096

Details

Name:	0000000B.00000002.1965419107.0000000005301000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5301000
Size:	16384

Details

Name:	00000012.00000002.2087050965.0000000003AE5000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3AE5000
Size:	4096

Details

Name:	00000009.00000002.1975298411.00000000033FB000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	33FB000
Size:	172032

Details

Name:	00000012.00000002.2097935692.00000000062A0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	62A0000
Size:	4096

Details

Name:	00000012.00000002.2096549080.0000000005FFC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5FFC000
Size:	4096

Details

Name:	0000000B.00000002.1957667323.00000000014BF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	14BF000
Size:	4096

Details

Name:	00000012.00000002.2093598194.00000000050B0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	50B0000
Size:	36864

Details

Name:	00000009.00000002.1993766836.00000000077CA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	77CA000
Size:	32768

Details

Name:	0000000B.00000002.1966475167.00000000053A2000.00000004.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	53A2000
Size:	57344

Details

Name:	00000009.00000002.1993766836.0000000007795000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7795000
Size:	16384

Details

Name:	00000009.00000002.1987569883.0000000006A80000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6A80000
Size:	4096

Details

Name:	00000000.00000002.1862109999.0000000001044000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1044000
Size:	8192

Details

Name:	0000000B.00000002.1968717591.000000000753E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	753E000
Size:	8192

Details

Name:	00000009.00000002.1988895174.0000000006E54000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6E54000
Size:	4096

Details

Name:	00000012.00000002.2095760912.00000000052B0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	52B0000
Size:	65536

Details

Name:	00000009.00000002.1988895174.0000000006E50000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6E50000
Size:	12288

Details

Name:	00000009.00000002.1984740157.000000000649F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	649F000
Size:	4096

Details

Name:	0000000B.00000002.1957164467.00000000012ED000.00000040.00000800.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	12ED000
Size:	4096

Details

Name:	00000012.00000002.2096549080.0000000005FF0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5FF0000
Size:	4096

Details

Name:	0000000B.00000002.1966962567.00000000055A0000.00000040.00000020.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap
Protect:	page execute and read and write
Base address:	55A0000
Size:	4096

Details

Name:	00000012.00000002.2081500546.0000000002D0D000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2D0D000
Size:	147456

Details

Name:	0000000B.00000002.1956204293.0000000001167000.00000004.00000020.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1167000
Size:	49152

Details

Name:	00000012.00000002.2078146941.000000000097A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	97A000
Size:	12288

Details

Name:	00000009.00000002.1984376053.000000000592D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	592D000
Size:	12288

Details

Name:	00000000.00000002.1865806824.0000000002D30000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2D30000
Size:	65536

Details

Name:	0000000B.00000002.1956204293.0000000001140000.00000004.00000020.00020000.00000000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1140000
Size:	36864

Details

Name:	00000012.00000002.2087050965.0000000003859000.00000004.00000800.00020000.00000000.sdmp
TargetID:	18
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3859000
Size:	16384

Details

Name:	00000009.00000002.1975298411.0000000003118000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3118000
Size:	40960

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Report
PZNfhfaj9O.exe

Files

Processes

URLs

Domains

IPs

Registry

Memdumps

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC ReportPZNfhfaj9O.exe

Files

Processes

URLs

Domains

IPs

Registry

Memdumps

IOC Report
PZNfhfaj9O.exe