Automated Malware Analysis IOC Report for

Details

Name:	00000001.00000002.210657283.000000000105B000.00000004.00000020.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	105B000
Size:	45056

Signature Hits	Behavior Group	Mitre Attack
Creates a DirectInput object (often for capturing keystrokes)	Key, Mouse, Clipboard, Microphone and Screen Capturing	Input Capture

Details

Name:	00000002.00000002.205332885.0000000002F0C000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2F0C000
Size:	4096

Details

Name:	00000002.00000002.204944049.0000000000725000.00000004.00000020.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	725000
Size:	151552

Details

Name:	00000000.00000002.213489725.00007FF5B36D7000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B36D7000
Size:	4096

Details

Name:	00000002.00000002.205405556.0000000002FA4000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2FA4000
Size:	40960

Details

Name:	00000000.00000002.213440737.00007FF5B36A6000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B36A6000
Size:	12288

Details

Name:	00000000.00000002.212318475.000002EB91300000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2EB91300000
Size:	4096

Details

Name:	00000002.00000002.205391375.0000000002F96000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2F96000
Size:	8192

Details

Name:	00000002.00000002.205156862.0000000000EEC000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	EEC000
Size:	16384

Details

Name:	00000000.00000002.213388611.00007FF5B3642000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B3642000
Size:	8192

Details

Name:	00000000.00000002.212447285.000002EB91500000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2EB91500000
Size:	4096

Details

Name:	00000002.00000002.205367782.0000000002F45000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2F45000
Size:	16384

Details

Name:	00000002.00000000.203693865.0000000002FB8000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	2FB8000
Size:	16384

Details

Name:	00000002.00000002.205205303.0000000002D49000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2D49000
Size:	8192

Details

Name:	00000002.00000002.205309398.0000000002EF4000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2EF4000
Size:	4096

Details

Name:	00000000.00000002.213511504.00007FF5B3739000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B3739000
Size:	20480

Details

Name:	00000002.00000002.205121054.000000000095E000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	95E000
Size:	8192

Details

Name:	00000001.00000002.210518223.0000000000CFD000.00000004.00000010.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	CFD000
Size:	12288

Details

Name:	00000000.00000002.212328699.000002EB91370000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2EB91370000
Size:	16384

Details

Name:	00000000.00000002.212255745.000000F4AC67B000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	F4AC67B000
Size:	20480

Details

Name:	00000002.00000002.205313734.0000000002EF6000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2EF6000
Size:	32768

Details

Name:	00000002.00000002.204908377.00000000006A0000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	6A0000
Size:	4096

Details

Name:	00000000.00000002.213475630.00007FF5B36D0000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B36D0000
Size:	12288

Details

Name:	00000002.00000002.205252870.0000000002EAE000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2EAE000
Size:	8192

Details

Name:	00000001.00000002.210649123.0000000001050000.00000004.00000020.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	1050000
Size:	36864

Details

Name:	00000000.00000002.213297793.00007FF5B322A000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B322A000
Size:	20480

Details

Name:	00000001.00000001.203216209.00000000740D0000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	image loaded
Regiontype:	unkown image
Protect:	page readonly
Base address:	740D0000
Size:	4096

Details

Name:	00000002.00000002.205273876.0000000002ED2000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2ED2000
Size:	4096

Details

Name:	00000002.00000002.205267043.0000000002EBF000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2EBF000
Size:	20480

Details

Name:	00000000.00000002.212335436.000002EB91380000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2EB91380000
Size:	4096

Details

Name:	00000002.00000002.205189656.000000000112E000.00000004.00000010.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	112E000
Size:	8192

Details

Name:	00000002.00000002.205321748.0000000002F02000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2F02000
Size:	8192

Details

Name:	00000002.00000002.205111130.000000000090E000.00000004.00000010.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	90E000
Size:	8192

Details

Name:	00000002.00000002.205167394.0000000000F30000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	F30000
Size:	40960

Details

Name:	00000002.00000002.205180513.00000000010AF000.00000004.00000010.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	10AF000
Size:	4096

Details

Name:	00000000.00000002.212290405.000000F4AC9FE000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	F4AC9FE000
Size:	8192

Details

Name:	00000002.00000002.205175461.000000000106E000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	106E000
Size:	8192

Details

Name:	00000000.00000002.212373687.000002EB91429000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2EB91429000
Size:	73728

Details

Name:	00000001.00000002.210665970.0000000001067000.00000004.00000020.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	1067000
Size:	20480

Details

Name:	00000000.00000002.212467929.000002EB91513000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2EB91513000
Size:	8192

Details

Name:	00000002.00000002.205193169.0000000001140000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1140000
Size:	12288

Details

Name:	00000000.00000002.212283304.000000F4AC97B000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	F4AC97B000
Size:	20480

Details

Name:	00000002.00000002.205152742.0000000000DE0000.00000004.00000040.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	DE0000
Size:	4096

Details

Name:	00000002.00000002.205239510.0000000002DEA000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2DEA000
Size:	4096

Details

Name:	00000000.00000002.212423590.000002EB91470000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2EB91470000
Size:	61440

Details

Name:	00000000.00000002.213329467.00007FF5B34BF000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B34BF000
Size:	16384

Details

Name:	00000001.00000002.210484853.000000000090D000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	90D000
Size:	12288

Details

Name:	00000002.00000002.205354985.0000000002F30000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2F30000
Size:	8192

Details

Name:	00000000.00000002.213075288.000002EB92140000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2EB92140000
Size:	1269760

Details

Name:	00000000.00000003.212170277.000002EB91450000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2EB91450000
Size:	126976

Details

Name:	00000001.00000002.210672190.000000000124F000.00000004.00000010.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	124F000
Size:	4096

Details

Name:	00000000.00000002.213307769.00007FF5B3230000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B3230000
Size:	36864

Details

Name:	00000002.00000002.205422492.0000000002FB8000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2FB8000
Size:	16384

Details

Name:	00000002.00000002.204973249.0000000000751000.00000004.00000020.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	751000
Size:	69632

Details

Name:	00000000.00000002.213495175.00007FF5B372E000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B372E000
Size:	4096

Details

Name:	00000000.00000002.212404818.000002EB91455000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2EB91455000
Size:	106496

Details

Name:	00000000.00000002.213360739.00007FF5B3571000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B3571000
Size:	20480

Details

Name:	00000002.00000002.204913245.00000000006EE000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6EE000
Size:	8192

Details

Name:	00000002.00000002.205282415.0000000002EDD000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2EDD000
Size:	12288

Details

Name:	00000002.00000002.205209921.0000000002D53000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2D53000
Size:	4096

Details

Name:	00000002.00000002.205257557.0000000002EB1000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2EB1000
Size:	16384

Details

Name:	00000000.00000002.213407279.00007FF5B365A000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B365A000
Size:	49152

Details

Name:	00000000.00000002.212461044.000002EB91508000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2EB91508000
Size:	12288

Details

Name:	00000002.00000002.204886252.0000000000680000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	680000
Size:	16384

Details

Name:	00000000.00000002.212435648.000002EB9148A000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2EB9148A000
Size:	24576

Details

Name:	00000002.00000002.205336304.0000000002F10000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2F10000
Size:	4096

Details

Name:	00000002.00000002.204900909.0000000000695000.00000004.00000020.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	695000
Size:	16384

Details

Name:	00000000.00000002.212269343.000000F4AC77E000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	F4AC77E000
Size:	8192

Details

Name:	00000002.00000002.204841576.00000000005A6000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5A6000
Size:	4096

Details

Name:	00000001.00000002.210499353.00000000009CE000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	9CE000
Size:	8192

Details

Name:	00000002.00000002.204894041.0000000000690000.00000004.00000020.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	690000
Size:	16384

Details

Name:	00000000.00000002.212452887.000002EB91502000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2EB91502000
Size:	16384

Details

Name:	00000000.00000002.213324834.00007FF5B345A000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B345A000
Size:	4096

Details

Name:	00000000.00000002.212274346.000000F4AC875000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	F4AC875000
Size:	45056

Details

Name:	00000000.00000002.212589039.000002EB916D0000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2EB916D0000
Size:	4096

Details

Name:	00000000.00000002.212344993.000002EB91400000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2EB91400000
Size:	73728

Details

Name:	00000000.00000002.213436178.00007FF5B369D000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B369D000
Size:	12288

Details

Name:	00000002.00000002.205339993.0000000002F12000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2F12000
Size:	12288

Details

Name:	00000000.00000002.213373178.00007FF5B35AC000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B35AC000
Size:	12288

Details

Name:	00000002.00000002.205199872.0000000002D42000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2D42000
Size:	20480

Details

Name:	00000002.00000002.204817647.00000000003BB000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3BB000
Size:	20480

Details

Name:	00000002.00000002.204993782.0000000000800000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	800000
Size:	806912

Details

Name:	00000002.00000002.205299058.0000000002EEB000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2EEB000
Size:	12288

Details

Name:	00000000.00000002.212296628.000000F4ACAF7000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	F4ACAF7000
Size:	36864

Details

Name:	00000002.00000002.204984996.0000000000763000.00000004.00000020.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	763000
Size:	8192

Details

Name:	00000002.00000002.205162203.0000000000F2B000.00000004.00000010.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	F2B000
Size:	20480

Details

Name:	00000002.00000002.204847163.00000000005A9000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5A9000
Size:	4096

Details

Name:	00000002.00000002.205134908.00000000009E0000.00000004.00000040.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	9E0000
Size:	20480

Details

Name:	00000001.00000002.210506113.0000000000A2F000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	A2F000
Size:	8192

Details

Name:	00000000.00000002.213396562.00007FF5B3648000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B3648000
Size:	65536

Details

Name:	00000002.00000002.205213488.0000000002D6C000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2D6C000
Size:	4096

Details

Name:	00000002.00000002.204832094.0000000000599000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	599000
Size:	8192

Details

Name:	00000002.00000002.205287081.0000000002EE1000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2EE1000
Size:	16384

Details

Name:	00000000.00000002.212312532.000000F4ACCFE000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	F4ACCFE000
Size:	8192

Details

Name:	00000000.00000002.213340836.00007FF5B350A000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B350A000
Size:	4096

Details

Name:	00000001.00000002.210633153.0000000000E0E000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	E0E000
Size:	8192

Details

Name:	00000002.00000002.205360257.0000000002F35000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2F35000
Size:	24576

Details

Name:	00000000.00000002.213378719.00007FF5B3630000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B3630000
Size:	4096

Details

Name:	00000000.00000002.213319280.00007FF5B3240000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B3240000
Size:	4096

Details

Name:	00000000.00000002.212600929.000002EB91E00000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2EB91E00000
Size:	3371008

Details

Name:	00000000.00000002.213458453.00007FF5B36BC000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B36BC000
Size:	12288

Details

Name:	00000001.00000002.210675985.0000000001420000.00000004.00000040.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	1420000
Size:	8192

Details

Name:	00000002.00000002.204855784.00000000005AC000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5AC000
Size:	4096

Details

Name:	00000002.00000002.204917699.0000000000700000.00000004.00000020.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	700000
Size:	32768

Details

Name:	00000001.00000002.210492995.0000000000970000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	970000
Size:	4096

Details

Name:	00000002.00000002.205248195.0000000002EA4000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2EA4000
Size:	4096

Details

Name:	00000000.00000002.213444520.00007FF5B36AC000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B36AC000
Size:	12288

Details

Name:	00000000.00000002.213383089.00007FF5B3632000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B3632000
Size:	4096

Details

Name:	00000000.00000002.213466049.00007FF5B36C5000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B36C5000
Size:	24576

Details

Name:	00000000.00000002.212595446.000002EB91C02000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2EB91C02000
Size:	4096

Details

Name:	00000001.00000001.203211718.00000000740D0000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	image loaded
Regiontype:	unkown image
Protect:	page readonly
Base address:	740D0000
Size:	4096

Details

Name:	00000000.00000002.212340468.000002EB91390000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2EB91390000
Size:	4096

Details

Name:	00000002.00000002.205148461.0000000000D80000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	D80000
Size:	4096

Details

Name:	00000000.00000000.201063659.00007FF5B3739000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B3739000
Size:	20480

Details

Name:	00000002.00000002.205131172.00000000009A0000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	9A0000
Size:	4096

Details

Name:	00000002.00000002.205304322.0000000002EF0000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2EF0000
Size:	12288

Details

Name:	00000002.00000002.205184990.00000000010EE000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	10EE000
Size:	8192

Details

Name:	00000002.00000002.205374016.0000000002F4A000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2F4A000
Size:	49152

Details

Name:	00000002.00000002.205227396.0000000002DD5000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2DD5000
Size:	28672

Details

Name:	00000000.00000002.213345361.00007FF5B3528000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B3528000
Size:	8192

Details

Name:	00000000.00000002.213450000.00007FF5B36B6000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B36B6000
Size:	20480

Details

Name:	00000001.00000002.210638393.0000000000E70000.00000004.00000020.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	E70000
Size:	20480

Details

Name:	00000000.00000002.213423012.00007FF5B3675000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B3675000
Size:	16384

Details

Name:	00000000.00000002.213501032.00007FF5B3731000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B3731000
Size:	28672

Details

Name:	00000002.00000002.205116221.0000000000910000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	910000
Size:	4096

Details

Name:	00000000.00000002.212263464.000000F4AC6FD000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	F4AC6FD000
Size:	12288

Details

Name:	00000000.00000002.213356238.00007FF5B354D000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B354D000
Size:	8192

Details

Name:	00000000.00000002.213483420.00007FF5B36D4000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B36D4000
Size:	8192

Details

Name:	00000002.00000002.204988592.0000000000766000.00000004.00000020.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	766000
Size:	16384

Details

Name:	00000002.00000002.204926322.000000000070A000.00000004.00000020.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	70A000
Size:	102400

Details

Name:	00000001.00000002.210524433.0000000000D00000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	D00000
Size:	806912

Details

Name:	00000000.00000002.213429074.00007FF5B367F000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B367F000
Size:	16384

Details

Name:	00000000.00000002.212473939.000002EB91600000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2EB91600000
Size:	806912

Details

Name:	00000002.00000001.203951062.00000000740D0000.00000002.00020000.sdmp
TargetID:	2
Dumpstage:	image loaded
Regiontype:	unkown image
Protect:	page readonly
Base address:	740D0000
Size:	4096

Details

Name:	00000002.00000002.204837030.000000000059D000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	59D000
Size:	4096

Details

Name:	00000000.00000002.212306539.000000F4ACBFF000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	F4ACBFF000
Size:	4096

Details

Name:	00000002.00000002.205217619.0000000002D72000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2D72000
Size:	12288

Details

Name:	00000000.00000002.212323617.000002EB91360000.00000004.00000020.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	2EB91360000
Size:	8192

Details

Name:	00000002.00000002.205126832.000000000099E000.00000004.00000010.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	99E000
Size:	8192

Details

Name:	00000000.00000002.212387822.000002EB9143C000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2EB9143C000
Size:	57344

Details

Name:	00000000.00000002.212399253.000002EB9144E000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2EB9144E000
Size:	8192

Details

Name:	00000002.00000002.205234720.0000000002DE5000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2DE5000
Size:	8192

Details

Name:	00000000.00000002.213366514.00007FF5B3577000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B3577000
Size:	20480

Details

Name:	00000002.00000002.205292951.0000000002EE6000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2EE6000
Size:	16384

Details

Name:	00000002.00000002.204824420.00000000003F9000.00000004.00000010.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3F9000
Size:	28672

Details

Name:	00000002.00000002.204967038.000000000074B000.00000004.00000020.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	74B000
Size:	20480

Details

Name:	00000002.00000002.205430660.00000000045D0000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	45D0000
Size:	3371008

Details

Name:	00000002.00000002.205140545.00000000009F0000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	9F0000
Size:	36864

Details

Name:	00000002.00000002.204861931.0000000000660000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	660000
Size:	4096

Details

Name:	00000002.00000002.205243890.0000000002EA0000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2EA0000
Size:	4096

Details

Name:	00000001.00000002.210644755.0000000000F7F000.00000004.00000010.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	F7F000
Size:	4096

Details

Name:	00000002.00000002.205263256.0000000002EB8000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2EB8000
Size:	4096

Details

Name:	00000002.00000002.205346766.0000000002F23000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2F23000
Size:	28672

Details

Name:	00000000.00000002.213432869.00007FF5B3689000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B3689000
Size:	8192

Details

Name:	00000001.00000002.210512354.0000000000A33000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	A33000
Size:	4096

Details

Name:	00000002.00000002.205222161.0000000002DC8000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2DC8000
Size:	12288

Details

Name:	00000000.00000003.212191744.000002EB9144A000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2EB9144A000
Size:	24576

Details

Name:	00000000.00000002.213418342.00007FF5B366E000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B366E000
Size:	12288

Details

Name:	00000002.00000002.205326724.0000000002F07000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2F07000
Size:	16384

Details

Name:	00000000.00000002.213335313.00007FF5B34FE000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B34FE000
Size:	8192

Details

Name:	00000000.00000002.212359661.000002EB91413000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2EB91413000
Size:	86016

Details

Name:	00000002.00000002.205415049.0000000002FB0000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2FB0000
Size:	16384

Details

Name:	00000000.00000002.213393035.00007FF5B3646000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B3646000
Size:	4096

Details

Name:	00000002.00000002.205277817.0000000002EDA000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2EDA000
Size:	8192

Details

Name:	00000002.00000002.205396661.0000000002F9B000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2F9B000
Size:	32768

Details

Name:	00000002.00000002.205385773.0000000002F90000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2F90000
Size:	12288

Details

Name:	00000000.00000002.213352213.00007FF5B3543000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B3543000
Size:	4096

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOCReport

Processes

URLs

IPs

Memdumps