Automated Malware Analysis IOC Report for

Details

Name:	6218.1.00007f8b2c556000.00007f8b2c558000.rw-.sdmp
TargetID:	12
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2c558000
Size:	8192

Details

Name:	6372.1.00007f8b2c2c7000.00007f8b2c2c9000.rw-.sdmp
TargetID:	19
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2c2c9000
Size:	8192

Details

Name:	6218.1.0000561f0c7b2000.0000561f0c7c8000.rw-.sdmp
TargetID:	12
Dumpstage:	process exit
Protect:	page read and write
Base address:	561f0c7c8000
Size:	90112

Details

Name:	6372.1.00007f8b2bab9000.00007f8b2c2bb000.rw-.sdmp
TargetID:	19
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2c2bb000
Size:	8396800

Details

Name:	6372.1.00007f8b2c939000.00007f8b2c93f000.rw-.sdmp
TargetID:	19
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2c93f000
Size:	24576

Details

Name:	6370.1.00007ffe101e0000.00007ffe10201000.rw-.sdmp
TargetID:	18
Dumpstage:	process exit
Protect:	page read and write
Base address:	7ffe10201000
Size:	135168

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	6372.1.00007f8b2cdb9000.00007f8b2cdbb000.rw-.sdmp
TargetID:	19
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2cdbb000
Size:	8192

Details

Name:	6336.1.00007f8aa4400000.00007f8aa440e000.r-x.sdmp
TargetID:	16
Dumpstage:	process exit
Protect:	page execute read
Base address:	7f8aa440e000
Size:	57344

Details

Name:	6372.1.0000561f0a7a1000.0000561f0a7ab000.rw-.sdmp
TargetID:	19
Dumpstage:	process exit
Protect:	page read and write
Base address:	561f0a7ab000
Size:	40960

Details

Name:	6338.1.00007f8b2cdff000.00007f8b2ce00000.rw-.sdmp
TargetID:	17
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2ce00000
Size:	4096

Details

Name:	6336.1.00007f8b2cdff000.00007f8b2ce00000.rw-.sdmp
TargetID:	16
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2ce00000
Size:	4096

Details

Name:	6336.1.00007f8b2c556000.00007f8b2c558000.rw-.sdmp
TargetID:	16
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2c558000
Size:	8192

Details

Name:	6372.1.0000561f0a44d000.0000561f0a595000.r-x.sdmp
TargetID:	19
Dumpstage:	process exit
Protect:	page execute read
Base address:	561f0a595000
Size:	1343488

Details

Name:	6338.1.00007f8aa441e000.00007f8aa4425000.rw-.sdmp
TargetID:	17
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8aa4425000
Size:	28672

Details

Name:	6372.1.0000561f0a7b3000.0000561f0c7b1000.rwx.sdmp
TargetID:	19
Dumpstage:	process exit
Protect:	page execute and read and write
Base address:	561f0c7b1000
Size:	33546240

Details

Name:	6372.1.00007f8b2c916000.00007f8b2c91a000.rw-.sdmp
TargetID:	19
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2c91a000
Size:	16384

Details

Name:	6370.1.00007f8b2cc88000.00007f8b2cc8a000.rw-.sdmp
TargetID:	18
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2cc8a000
Size:	8192

Details

Name:	6336.1.00007f8b2cdb9000.00007f8b2cdbb000.rw-.sdmp
TargetID:	16
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2cdbb000
Size:	8192

Details

Name:	6370.1.00007f8b2c916000.00007f8b2c91a000.rw-.sdmp
TargetID:	18
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2c91a000
Size:	16384

Details

Name:	6218.1.00007f8b2c2c7000.00007f8b2c2c9000.rw-.sdmp
TargetID:	12
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2c2c9000
Size:	8192

Details

Name:	6370.1.00007f8b23800000.00007f8b24000000.rw-.sdmp
TargetID:	18
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b24000000
Size:	8388608

Details

Name:	6336.1.00007f8b24000000.00007f8b24021000.rw-.sdmp
TargetID:	16
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b24021000
Size:	135168

Details

Name:	6370.1.0000561f0e047000.0000561f0e067000.rw-.sdmp
TargetID:	18
Dumpstage:	process exit
Protect:	page read and write
Base address:	561f0e067000
Size:	131072

Details

Name:	6372.1.00007ffe1034b000.00007ffe1034c000.r-x.sdmp
TargetID:	19
Dumpstage:	process exit
Protect:	page execute read
Base address:	7ffe1034c000
Size:	4096

Details

Name:	6372.1.0000561f0e047000.0000561f0e067000.rw-.sdmp
TargetID:	19
Dumpstage:	process exit
Protect:	page read and write
Base address:	561f0e067000
Size:	131072

Details

Name:	6372.1.0000561f0a7ab000.0000561f0a7b3000.rw-.sdmp
TargetID:	19
Dumpstage:	process exit
Protect:	page read and write
Base address:	561f0a7b3000
Size:	32768

Details

Name:	6218.1.00007f8b2cc88000.00007f8b2cc8a000.rw-.sdmp
TargetID:	12
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2cc8a000
Size:	8192

Details

Name:	6336.1.0000561f0e047000.0000561f0e067000.rw-.sdmp
TargetID:	16
Dumpstage:	process exit
Protect:	page read and write
Base address:	561f0e067000
Size:	131072

Details

Name:	6336.1.00007f8b2cdb2000.00007f8b2cdb3000.rw-.sdmp
TargetID:	16
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2cdb3000
Size:	4096

Details

Name:	6218.1.00007f8b24000000.00007f8b24021000.rw-.sdmp
TargetID:	12
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b24021000
Size:	135168

Details

Name:	6338.1.00007f8b2c916000.00007f8b2c91a000.rw-.sdmp
TargetID:	17
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2c91a000
Size:	16384

Details

Name:	6336.1.00007f8aa441e000.00007f8aa4425000.rw-.sdmp
TargetID:	16
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8aa4425000
Size:	28672

Details

Name:	6370.1.00007f8aa4400000.00007f8aa440e000.r-x.sdmp
TargetID:	18
Dumpstage:	process exit
Protect:	page execute read
Base address:	7f8aa440e000
Size:	57344

Details

Name:	6218.1.0000561f0a7ab000.0000561f0a7b3000.rw-.sdmp
TargetID:	12
Dumpstage:	process exit
Protect:	page read and write
Base address:	561f0a7b3000
Size:	32768

Details

Name:	6370.1.00007f8aa441e000.00007f8aa4425000.rw-.sdmp
TargetID:	18
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8aa4425000
Size:	28672

Details

Name:	6338.1.0000561f0dfe4000.0000561f0e047000.rw-.sdmp
TargetID:	17
Dumpstage:	process exit
Protect:	page read and write
Base address:	561f0e047000
Size:	405504

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	6338.1.00007f8aa4400000.00007f8aa440e000.r-x.sdmp
TargetID:	17
Dumpstage:	process exit
Protect:	page execute read
Base address:	7f8aa440e000
Size:	57344

Details

Name:	6218.1.0000561f0dfe4000.0000561f0e047000.rw-.sdmp
TargetID:	12
Dumpstage:	process exit
Protect:	page read and write
Base address:	561f0e047000
Size:	405504

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	6336.1.0000561f0a7b3000.0000561f0c7b1000.rwx.sdmp
TargetID:	16
Dumpstage:	process exit
Protect:	page execute and read and write
Base address:	561f0c7b1000
Size:	33546240

Details

Name:	6336.1.00007f8b2c2c7000.00007f8b2c2c9000.rw-.sdmp
TargetID:	16
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2c2c9000
Size:	8192

Details

Name:	6338.1.0000561f0e047000.0000561f0e067000.rw-.sdmp
TargetID:	17
Dumpstage:	process exit
Protect:	page read and write
Base address:	561f0e067000
Size:	131072

Details

Name:	6218.1.0000561f0a7a1000.0000561f0a7ab000.rw-.sdmp
TargetID:	12
Dumpstage:	process exit
Protect:	page read and write
Base address:	561f0a7ab000
Size:	40960

Details

Name:	6338.1.0000561f0a7b3000.0000561f0c7b1000.rwx.sdmp
TargetID:	17
Dumpstage:	process exit
Protect:	page execute and read and write
Base address:	561f0c7b1000
Size:	33546240

Details

Name:	6338.1.00007f8b2c556000.00007f8b2c558000.rw-.sdmp
TargetID:	17
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2c558000
Size:	8192

Details

Name:	6370.1.0000561f0a7b3000.0000561f0c7b1000.rwx.sdmp
TargetID:	18
Dumpstage:	process exit
Protect:	page execute and read and write
Base address:	561f0c7b1000
Size:	33546240

Details

Name:	6218.1.00007f8b2c916000.00007f8b2c91a000.rw-.sdmp
TargetID:	12
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2c91a000
Size:	16384

Details

Name:	6370.1.0000561f0dfe4000.0000561f0e047000.rw-.sdmp
TargetID:	18
Dumpstage:	process exit
Protect:	page read and write
Base address:	561f0e047000
Size:	405504

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	6372.1.00007f8b2cdff000.00007f8b2ce00000.rw-.sdmp
TargetID:	19
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2ce00000
Size:	4096

Details

Name:	6370.1.00007f8b2c556000.00007f8b2c558000.rw-.sdmp
TargetID:	18
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2c558000
Size:	8192

Details

Name:	6370.1.00007f8b2cdb2000.00007f8b2cdb3000.rw-.sdmp
TargetID:	18
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2cdb3000
Size:	4096

Details

Name:	6370.1.00007ffe1034b000.00007ffe1034c000.r-x.sdmp
TargetID:	18
Dumpstage:	process exit
Protect:	page execute read
Base address:	7ffe1034c000
Size:	4096

Details

Name:	6370.1.0000561f0a7a1000.0000561f0a7ab000.rw-.sdmp
TargetID:	18
Dumpstage:	process exit
Protect:	page read and write
Base address:	561f0a7ab000
Size:	40960

Details

Name:	6338.1.00007f8b24000000.00007f8b24021000.rw-.sdmp
TargetID:	17
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b24021000
Size:	135168

Details

Name:	6218.1.00007f8aa4400000.00007f8aa440e000.r-x.sdmp
TargetID:	12
Dumpstage:	process exit
Protect:	page execute read
Base address:	7f8aa440e000
Size:	57344

Details

Name:	6338.1.00007f8b2c2c7000.00007f8b2c2c9000.rw-.sdmp
TargetID:	17
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2c2c9000
Size:	8192

Details

Name:	6336.1.00007ffe101e0000.00007ffe10201000.rw-.sdmp
TargetID:	16
Dumpstage:	process exit
Protect:	page read and write
Base address:	7ffe10201000
Size:	135168

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	6218.1.00007f8b2ba37000.00007f8b2bab8000.rw-.sdmp
TargetID:	12
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2bab8000
Size:	528384

Details

Name:	6372.1.0000561f0c7b2000.0000561f0c7c8000.rw-.sdmp
TargetID:	19
Dumpstage:	process exit
Protect:	page read and write
Base address:	561f0c7c8000
Size:	90112

Details

Name:	6370.1.00007f8aa441d000.00007f8aa441e000.rw-.sdmp
TargetID:	18
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8aa441e000
Size:	4096

Details

Name:	6338.1.00007f8b2bab9000.00007f8b2c2bb000.rw-.sdmp
TargetID:	17
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2c2bb000
Size:	8396800

Details

Name:	6218.1.0000561f0a7b3000.0000561f0c7b1000.rwx.sdmp
TargetID:	12
Dumpstage:	process exit
Protect:	page execute and read and write
Base address:	561f0c7b1000
Size:	33546240

Details

Name:	6336.1.0000561f0a7ab000.0000561f0a7b3000.rw-.sdmp
TargetID:	16
Dumpstage:	process exit
Protect:	page read and write
Base address:	561f0a7b3000
Size:	32768

Details

Name:	6372.1.0000561f0dfe4000.0000561f0e047000.rw-.sdmp
TargetID:	19
Dumpstage:	process exit
Protect:	page read and write
Base address:	561f0e047000
Size:	405504

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	6372.1.00007f8b2cc88000.00007f8b2cc8a000.rw-.sdmp
TargetID:	19
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2cc8a000
Size:	8192

Details

Name:	6372.1.00007ffe101e0000.00007ffe10201000.rw-.sdmp
TargetID:	19
Dumpstage:	process exit
Protect:	page read and write
Base address:	7ffe10201000
Size:	135168

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	6370.1.0000561f0c7b2000.0000561f0c7c8000.rw-.sdmp
TargetID:	18
Dumpstage:	process exit
Protect:	page read and write
Base address:	561f0c7c8000
Size:	90112

Details

Name:	6338.1.0000561f0a7ab000.0000561f0a7b3000.rw-.sdmp
TargetID:	17
Dumpstage:	process exit
Protect:	page read and write
Base address:	561f0a7b3000
Size:	32768

Details

Name:	6338.1.00007ffe101e0000.00007ffe10201000.rw-.sdmp
TargetID:	17
Dumpstage:	process exit
Protect:	page read and write
Base address:	7ffe10201000
Size:	135168

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	6370.1.00007f8b2cdb9000.00007f8b2cdbb000.rw-.sdmp
TargetID:	18
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2cdbb000
Size:	8192

Details

Name:	6218.1.00007f8b2cdff000.00007f8b2ce00000.rw-.sdmp
TargetID:	12
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2ce00000
Size:	4096

Details

Name:	6218.1.00007f8b2cdb2000.00007f8b2cdb3000.rw-.sdmp
TargetID:	12
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2cdb3000
Size:	4096

Details

Name:	6218.1.00007f8b23800000.00007f8b24000000.rw-.sdmp
TargetID:	12
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b24000000
Size:	8388608

Details

Name:	6338.1.00007f8b2c939000.00007f8b2c93f000.rw-.sdmp
TargetID:	17
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2c93f000
Size:	24576

Details

Name:	6338.1.0000561f0a7a1000.0000561f0a7ab000.rw-.sdmp
TargetID:	17
Dumpstage:	process exit
Protect:	page read and write
Base address:	561f0a7ab000
Size:	40960

Details

Name:	6218.1.00007ffe1034b000.00007ffe1034c000.r-x.sdmp
TargetID:	12
Dumpstage:	process exit
Protect:	page execute read
Base address:	7ffe1034c000
Size:	4096

Details

Name:	6336.1.00007f8b2cc88000.00007f8b2cc8a000.rw-.sdmp
TargetID:	16
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2cc8a000
Size:	8192

Details

Name:	6370.1.00007f8b24000000.00007f8b24021000.rw-.sdmp
TargetID:	18
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b24021000
Size:	135168

Details

Name:	6336.1.0000561f0c7b2000.0000561f0c7c8000.rw-.sdmp
TargetID:	16
Dumpstage:	process exit
Protect:	page read and write
Base address:	561f0c7c8000
Size:	90112

Details

Name:	6338.1.00007f8b2cdb2000.00007f8b2cdb3000.rw-.sdmp
TargetID:	17
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2cdb3000
Size:	4096

Details

Name:	6370.1.0000561f0a44d000.0000561f0a595000.r-x.sdmp
TargetID:	18
Dumpstage:	process exit
Protect:	page execute read
Base address:	561f0a595000
Size:	1343488

Details

Name:	6372.1.00007f8b2ba37000.00007f8b2bab8000.rw-.sdmp
TargetID:	19
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2bab8000
Size:	528384

Details

Name:	6370.1.00007f8b2bab9000.00007f8b2c2bb000.rw-.sdmp
TargetID:	18
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2c2bb000
Size:	8396800

Details

Name:	6218.1.0000561f0a44d000.0000561f0a595000.r-x.sdmp
TargetID:	12
Dumpstage:	process exit
Protect:	page execute read
Base address:	561f0a595000
Size:	1343488

Details

Name:	6336.1.00007f8aa441d000.00007f8aa441e000.rw-.sdmp
TargetID:	16
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8aa441e000
Size:	4096

Details

Name:	6336.1.00007ffe1034b000.00007ffe1034c000.r-x.sdmp
TargetID:	16
Dumpstage:	process exit
Protect:	page execute read
Base address:	7ffe1034c000
Size:	4096

Details

Name:	6370.1.00007f8b2c939000.00007f8b2c93f000.rw-.sdmp
TargetID:	18
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2c93f000
Size:	24576

Details

Name:	6338.1.00007f8b2ba37000.00007f8b2bab8000.rw-.sdmp
TargetID:	17
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2bab8000
Size:	528384

Details

Name:	6336.1.00007f8b2c939000.00007f8b2c93f000.rw-.sdmp
TargetID:	16
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2c93f000
Size:	24576

Details

Name:	6336.1.00007f8aa4425000.00007f8aa4428000.rw-.sdmp
TargetID:	16
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8aa4428000
Size:	12288

Details

Name:	6372.1.00007f8b23800000.00007f8b24000000.rw-.sdmp
TargetID:	19
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b24000000
Size:	8388608

Details

Name:	6370.1.00007f8aa4425000.00007f8aa44cf000.rw-.sdmp
TargetID:	18
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8aa44cf000
Size:	696320

Details

Name:	6372.1.00007f8b2c556000.00007f8b2c558000.rw-.sdmp
TargetID:	19
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2c558000
Size:	8192

Details

Name:	6218.1.00007f8b2bab9000.00007f8b2c2bb000.rw-.sdmp
TargetID:	12
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2c2bb000
Size:	8396800

Details

Name:	6336.1.00007f8b2c916000.00007f8b2c91a000.rw-.sdmp
TargetID:	16
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2c91a000
Size:	16384

Details

Name:	6336.1.00007f8b2ba37000.00007f8b2bab8000.rw-.sdmp
TargetID:	16
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2bab8000
Size:	528384

Details

Name:	6338.1.0000561f0c7b2000.0000561f0c7c8000.rw-.sdmp
TargetID:	17
Dumpstage:	process exit
Protect:	page read and write
Base address:	561f0c7c8000
Size:	90112

Details

Name:	6338.1.0000561f0a44d000.0000561f0a595000.r-x.sdmp
TargetID:	17
Dumpstage:	process exit
Protect:	page execute read
Base address:	561f0a595000
Size:	1343488

Details

Name:	6338.1.00007f8b23800000.00007f8b24000000.rw-.sdmp
TargetID:	17
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b24000000
Size:	8388608

Details

Name:	6372.1.00007f8b2cdb2000.00007f8b2cdb3000.rw-.sdmp
TargetID:	19
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2cdb3000
Size:	4096

Details

Name:	6336.1.00007f8b23800000.00007f8b24000000.rw-.sdmp
TargetID:	16
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b24000000
Size:	8388608

Details

Name:	6218.1.00007f8b2c939000.00007f8b2c93f000.rw-.sdmp
TargetID:	12
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2c93f000
Size:	24576

Details

Name:	6370.1.0000561f0a7ab000.0000561f0a7b3000.rw-.sdmp
TargetID:	18
Dumpstage:	process exit
Protect:	page read and write
Base address:	561f0a7b3000
Size:	32768

Details

Name:	6218.1.00007f8aa441d000.00007f8aa441e000.rw-.sdmp
TargetID:	12
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8aa441e000
Size:	4096

Details

Name:	6218.1.00007f8b2cdb9000.00007f8b2cdbb000.rw-.sdmp
TargetID:	12
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2cdbb000
Size:	8192

Details

Name:	6338.1.00007ffe1034b000.00007ffe1034c000.r-x.sdmp
TargetID:	17
Dumpstage:	process exit
Protect:	page execute read
Base address:	7ffe1034c000
Size:	4096

Details

Name:	6336.1.0000561f0dfe4000.0000561f0e047000.rw-.sdmp
TargetID:	16
Dumpstage:	process exit
Protect:	page read and write
Base address:	561f0e047000
Size:	405504

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	6336.1.00007f8b2bab9000.00007f8b2c2bb000.rw-.sdmp
TargetID:	16
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2c2bb000
Size:	8396800

Details

Name:	6338.1.00007f8b2cdb9000.00007f8b2cdbb000.rw-.sdmp
TargetID:	17
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2cdbb000
Size:	8192

Details

Name:	6218.1.00007f8aa441e000.00007f8aa4425000.rw-.sdmp
TargetID:	12
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8aa4425000
Size:	28672

Details

Name:	6370.1.00007f8b2ba37000.00007f8b2bab8000.rw-.sdmp
TargetID:	18
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2bab8000
Size:	528384

Details

Name:	6218.1.00007ffe101e0000.00007ffe10201000.rw-.sdmp
TargetID:	12
Dumpstage:	process exit
Protect:	page read and write
Base address:	7ffe10201000
Size:	135168

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	6336.1.0000561f0a44d000.0000561f0a595000.r-x.sdmp
TargetID:	16
Dumpstage:	process exit
Protect:	page execute read
Base address:	561f0a595000
Size:	1343488

Details

Name:	6338.1.00007f8b2cc88000.00007f8b2cc8a000.rw-.sdmp
TargetID:	17
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2cc8a000
Size:	8192

Details

Name:	6372.1.00007f8aa441d000.00007f8aa441e000.rw-.sdmp
TargetID:	19
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8aa441e000
Size:	4096

Details

Name:	6338.1.00007f8aa441d000.00007f8aa441e000.rw-.sdmp
TargetID:	17
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8aa441e000
Size:	4096

Details

Name:	6370.1.00007f8b2c2c7000.00007f8b2c2c9000.rw-.sdmp
TargetID:	18
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2c2c9000
Size:	8192

Details

Name:	6336.1.0000561f0a7a1000.0000561f0a7ab000.rw-.sdmp
TargetID:	16
Dumpstage:	process exit
Protect:	page read and write
Base address:	561f0a7ab000
Size:	40960

Details

Name:	6370.1.00007f8b2cdff000.00007f8b2ce00000.rw-.sdmp
TargetID:	18
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b2ce00000
Size:	4096

Details

Name:	6372.1.00007f8b24000000.00007f8b24021000.rw-.sdmp
TargetID:	19
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8b24021000
Size:	135168

Details

Name:	6372.1.00007f8aa441e000.00007f8aa4425000.rw-.sdmp
TargetID:	19
Dumpstage:	process exit
Protect:	page read and write
Base address:	7f8aa4425000
Size:	28672

Details

Name:	6372.1.00007f8aa4400000.00007f8aa440e000.r-x.sdmp
TargetID:	19
Dumpstage:	process exit
Protect:	page execute read
Base address:	7f8aa440e000
Size:	57344

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Report
sh4.elf

Processes

Memdumps

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Reportsh4.elf

Processes

Memdumps

IOC Report
sh4.elf