Automated Malware Analysis IOC Report for

Details

Name:	00000000.00000002.667200650.0000000002EC1000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2EC1000
Size:	4382720

Signature Hits	Behavior Group	Mitre Attack
Yara detected AntiVM_3	Malware Analysis System Evasion,
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)	Malware Analysis System Evasion,	Security Software Discovery
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion,	Security Software Discovery
Urls found in memory or binary data	Networking,

Details

Name:	00000000.00000002.667795575.0000000012ED1000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	12ED1000
Size:	3170304

Signature Hits	Behavior Group	Mitre Attack
Yara detected AgentTesla	Stealing of Sensitive Information, Remote Access Functionality
Sample file is different than original file name gathered from version info	System Summary,
Urls found in memory or binary data	Networking,

Details

Name:	00000001.00000002.670523737.0000003C254FF000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3C254FF000
Size:	4096

Details

Name:	00000000.00000002.669803410.00007FFA35920000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7FFA35920000
Size:	4096

Details

Name:	00000000.00000003.661721468.000000001B840000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B840000
Size:	8192

Details

Name:	00000000.00000002.667071435.0000000002DF0000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2DF0000
Size:	733184

Details

Name:	00000000.00000002.669510440.000000001BCA0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1BCA0000
Size:	425984

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary,

Details

Name:	00000000.00000002.667019857.00000000014D0000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	14D0000
Size:	12288

Details

Name:	00000001.00000002.672326121.00007FF542525000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF542525000
Size:	12288

Details

Name:	00000000.00000000.658300699.0000000000C10000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	C10000
Size:	4096

Details

Name:	00000000.00000003.660873982.000000001B850000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B850000
Size:	65536

Details

Name:	00000000.00000002.667009541.0000000001470000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1470000
Size:	8192

Details

Name:	00000000.00000003.661765233.000000001B850000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B850000
Size:	65536

Details

Name:	00000000.00000002.666598494.0000000000C10000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	C10000
Size:	4096

Details

Name:	00000000.00000002.666872489.00000000011FE000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	11FE000
Size:	8192

Details

Name:	00000000.00000002.669297576.000000001B890000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	1B890000
Size:	8192

Details

Name:	00000000.00000003.661550765.000000001BE90000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BE90000
Size:	65536

Details

Name:	00000000.00000003.660781685.000000001B840000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B840000
Size:	57344

Details

Name:	00000000.00000003.661172547.000000001B880000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B880000
Size:	65536

Details

Name:	00000001.00000002.672104828.00007FF5420E6000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5420E6000
Size:	32768

Details

Name:	00000001.00000002.672115585.00007FF5420F5000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5420F5000
Size:	4096

Details

Name:	00000000.00000003.660001715.00000000012D7000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	12D7000
Size:	20480

Details

Name:	00000001.00000002.672294058.00007FF54251A000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF54251A000
Size:	8192

Details

Name:	00000000.00000003.661349684.000000001BD70000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BD70000
Size:	65536

Details

Name:	00000000.00000000.658379989.0000000000C12000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	C12000
Size:	536576

Details

Name:	00000000.00000003.660030578.0000000001520000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1520000
Size:	65536

Details

Name:	00000000.00000003.662079858.000000001B840000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B840000
Size:	65536

Details

Name:	00000000.00000003.661281679.000000001BD20000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BD20000
Size:	65536

Details

Name:	00000000.00000003.661313648.000000001BD50000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BD50000
Size:	65536

Details

Name:	00000000.00000002.669822430.00007FFA3595C000.00000040.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	7FFA3595C000
Size:	4096

Details

Name:	00000001.00000002.672349409.00007FF542537000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF542537000
Size:	49152

Details

Name:	00000000.00000002.667045922.0000000001540000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	1540000
Size:	16384

Details

Name:	00000000.00000002.669749299.00007FFA35913000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7FFA35913000
Size:	40960

Details

Name:	00000000.00000003.661714674.000000001B840000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B840000
Size:	12288

Details

Name:	00000006.00000002.666358108.0000000000372000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	372000
Size:	536576

Details

Name:	00000000.00000003.662133490.000000001B9B0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B9B0000
Size:	65536

Details

Name:	00000004.00000002.664802648.0000000000D30000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	D30000
Size:	4096

Details

Name:	00000000.00000002.669707920.00007FFA35903000.00000040.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	7FFA35903000
Size:	4096

Details

Name:	00000000.00000002.669260070.000000001B820000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1B820000
Size:	12288

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary,

Details

Name:	00000001.00000002.670454636.0000003C24FDE000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3C24FDE000
Size:	8192

Details

Name:	00000000.00000003.661489341.000000001BE40000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BE40000
Size:	65536

Details

Name:	00000001.00000002.672521088.00007FF542596000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF542596000
Size:	8192

Details

Name:	00000000.00000002.669698041.00007FF4D79D0000.00000040.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	7FF4D79D0000
Size:	4096

Details

Name:	00000000.00000003.661251002.000000001B9F0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B9F0000
Size:	65536

Details

Name:	00000001.00000002.672164859.00007FF54241E000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF54241E000
Size:	4096

Details

Name:	00000000.00000003.660194297.000000001B820000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B820000
Size:	65536

Details

Name:	00000000.00000002.667036218.0000000001530000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1530000
Size:	65536

Details

Name:	00000004.00000002.664916914.0000000000DB6000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	DB6000
Size:	4096

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary,

Details

Name:	00000000.00000002.668312772.000000001B43C000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1B43C000
Size:	16384

Details

Name:	00000000.00000003.662158413.000000001B9D0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B9D0000
Size:	65536

Details

Name:	00000000.00000003.660040634.0000000001530000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1530000
Size:	65536

Details

Name:	00000000.00000002.666692587.0000000000CB0000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	CB0000
Size:	16384

Details

Name:	00000000.00000002.669352116.000000001BAA0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1BAA0000
Size:	4096

Details

Name:	00000000.00000002.669832377.00007FFA359B0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7FFA359B0000
Size:	4096

Details

Name:	00000001.00000002.670756138.0000022B2BD40000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	22B2BD40000
Size:	16384

Details

Name:	00000003.00000002.664002596.0000000000420000.00000002.00020000.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	420000
Size:	4096

Details

Name:	00000001.00000002.670606271.0000022B2BC70000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	22B2BC70000
Size:	806912

Details

Name:	00000000.00000002.669606375.000000001BE0E000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1BE0E000
Size:	8192

Details

Name:	00000000.00000003.662115572.000000001B880000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B880000
Size:	65536

Details

Name:	00000001.00000002.672458274.00007FF54256A000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF54256A000
Size:	20480

Details

Name:	00000000.00000002.666997302.0000000001430000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	1430000
Size:	12288

Details

Name:	00000001.00000002.670486841.0000003C25375000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3C25375000
Size:	45056

Details

Name:	00000000.00000003.661776032.000000001B860000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B860000
Size:	65536

Details

Name:	00000001.00000002.670430065.0000003C24F5B000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3C24F5B000
Size:	20480

Details

Name:	00000001.00000002.672122685.00007FF542297000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF542297000
Size:	8192

Details

Name:	00000000.00000002.669281676.000000001B870000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	1B870000
Size:	12288

Details

Name:	00000000.00000003.661437516.000000001BDF0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BDF0000
Size:	65536

Details

Name:	00000001.00000002.670913075.0000022B2BE3C000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22B2BE3C000
Size:	57344

Details

Name:	00000000.00000002.667772404.0000000012EC8000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	12EC8000
Size:	16384

Details

Name:	00000001.00000003.670049962.0000022B2BE4D000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	22B2BE4D000
Size:	135168

Details

Name:	00000000.00000003.666445989.000000001B879000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap private
Protect:	page read and write
Base address:	1B879000
Size:	8192

Details

Name:	00000000.00000003.662169455.000000001B9E0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B9E0000
Size:	32768

Details

Name:	00000000.00000003.661690214.000000001B840000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B840000
Size:	16384

Details

Name:	00000000.00000003.662146245.000000001B9C0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B9C0000
Size:	65536

Details

Name:	00000000.00000003.660323635.000000001B830000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B830000
Size:	8192

Details

Name:	00000000.00000002.669641137.000000001BF0F000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1BF0F000
Size:	4096

Details

Name:	00000001.00000002.671260618.0000022B2C602000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22B2C602000
Size:	4096

Details

Name:	00000000.00000003.661305585.000000001BD40000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BD40000
Size:	65536

Details

Name:	00000000.00000002.669897376.00007FFA35A20000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7FFA35A20000
Size:	16384

Details

Name:	00000000.00000002.666868062.00000000010E0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	10E0000
Size:	4096

Details

Name:	00000000.00000003.660618917.000000001B840000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B840000
Size:	61440

Details

Name:	00000000.00000003.661708091.000000001B840000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B840000
Size:	4096

Details

Name:	00000003.00000000.663776286.0000000000422000.00000002.00020000.sdmp
TargetID:	3
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	422000
Size:	536576

Details

Name:	00000005.00000002.665611516.0000000000FD6000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	FD6000
Size:	4096

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary,

Details

Name:	00000000.00000002.669954601.00007FFA35A30000.00000040.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	7FFA35A30000
Size:	65536

Details

Name:	00000000.00000002.666909845.000000000123F000.00000004.00000020.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	123F000
Size:	16384

Details

Name:	00000001.00000002.670933908.0000022B2BE4E000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22B2BE4E000
Size:	131072

Details

Name:	00000001.00000002.671033485.0000022B2BF02000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22B2BF02000
Size:	12288

Details

Name:	00000001.00000002.672572722.00007FF542604000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF542604000
Size:	20480

Details

Name:	00000003.00000000.663760612.0000000000420000.00000002.00020000.sdmp
TargetID:	3
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	420000
Size:	4096

Details

Name:	00000001.00000002.670574665.0000022B2BC00000.00000004.00000040.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	22B2BC00000
Size:	4096

Details

Name:	00000004.00000002.664808759.0000000000D32000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	D32000
Size:	536576

Details

Name:	00000001.00000002.672060003.00007FF541C30000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF541C30000
Size:	4096

Details

Name:	00000000.00000003.661502568.000000001BE50000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BE50000
Size:	65536

Details

Name:	00000000.00000002.669811985.00007FFA3592D000.00000040.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	7FFA3592D000
Size:	4096

Details

Name:	00000000.00000003.661407277.000000001BDC0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BDC0000
Size:	65536

Details

Name:	00000006.00000002.666351934.0000000000370000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	370000
Size:	4096

Details

Name:	00000000.00000003.661467919.000000001BE20000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BE20000
Size:	65536

Details

Name:	00000001.00000002.670535466.0000003C255F7000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3C255F7000
Size:	36864

Details

Name:	00000000.00000003.666388610.000000001B873000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	heap private
Protect:	page read and write
Base address:	1B873000
Size:	32768

Details

Name:	00000000.00000002.666876860.0000000001200000.00000004.00000020.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	1200000
Size:	49152

Details

Name:	00000001.00000002.672595560.00007FF542611000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF542611000
Size:	20480

Details

Name:	00000000.00000003.661237937.000000001B9E0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B9E0000
Size:	65536

Details

Name:	00000002.00000000.662861822.0000000000312000.00000002.00020000.sdmp
TargetID:	2
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	312000
Size:	536576

Details

Name:	00000000.00000002.666914777.0000000001268000.00000004.00000020.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	1268000
Size:	610304

Details

Name:	00000000.00000003.661731291.000000001B840000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B840000
Size:	65536

Details

Name:	00000005.00000002.665543525.0000000000F50000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	F50000
Size:	4096

Details

Name:	00000000.00000003.661141953.000000001B840000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B840000
Size:	65536

Details

Name:	00000001.00000002.670988371.0000022B2BE6F000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22B2BE6F000
Size:	57344

Details

Name:	00000000.00000002.667067979.0000000002DEF000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2DEF000
Size:	4096

Details

Name:	00000001.00000002.672478100.00007FF542574000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF542574000
Size:	20480

Details

Name:	00000000.00000000.658437026.0000000000C96000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	C96000
Size:	4096

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary,

Details

Name:	00000000.00000002.667013481.0000000001490000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1490000
Size:	4096

Details

Name:	00000002.00000002.663039940.0000000000310000.00000002.00020000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	310000
Size:	4096

Details

Name:	00000006.00000000.666205722.0000000000370000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	370000
Size:	4096

Details

Name:	00000000.00000003.666342904.000000001BAA1000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BAA1000
Size:	397312

Details

Name:	00000000.00000003.661396087.000000001BDB0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BDB0000
Size:	65536

Details

Name:	00000000.00000002.667023831.00000000014E0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	14E0000
Size:	4096

Details

Name:	00000000.00000002.669983313.00007FFA35AB0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7FFA35AB0000
Size:	45056

Details

Name:	00000001.00000002.672332700.00007FF54252B000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF54252B000
Size:	45056

Details

Name:	00000004.00000001.664777512.0000000000D30000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	image loaded
Regiontype:	unkown image
Protect:	page readonly
Base address:	D30000
Size:	4096

Details

Name:	00000001.00000002.671010062.0000022B2BE8A000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22B2BE8A000
Size:	24576

Details

Name:	00000002.00000000.662939455.0000000000396000.00000002.00020000.sdmp
TargetID:	2
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	396000
Size:	4096

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary,

Details

Name:	00000000.00000003.661742403.000000001B850000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B850000
Size:	61440

Details

Name:	00000000.00000002.669304003.000000001B893000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	1B893000
Size:	12288

Details

Name:	00000000.00000003.661607801.000000001B840000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B840000
Size:	65536

Details

Name:	00000001.00000000.658880076.00007FF542612000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF542612000
Size:	16384

Details

Name:	00000001.00000002.672586227.00007FF54260A000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF54260A000
Size:	12288

Details

Name:	00000000.00000003.661154888.000000001B850000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B850000
Size:	65536

Details

Name:	00000000.00000002.669724290.00007FFA3590D000.00000040.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	7FFA3590D000
Size:	12288

Details

Name:	00000004.00000000.664642646.0000000000D30000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	D30000
Size:	4096

Details

Name:	00000000.00000003.659991202.00000000012DC000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	12DC000
Size:	61440

Details

Name:	00000000.00000003.661373834.000000001BD8D000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BD8D000
Size:	12288

Details

Name:	00000003.00000001.663989960.0000000000420000.00000002.00020000.sdmp
TargetID:	3
Dumpstage:	image loaded
Regiontype:	unkown image
Protect:	page readonly
Base address:	420000
Size:	4096

Details

Name:	00000000.00000002.666721602.0000000001010000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1010000
Size:	806912

Details

Name:	00000001.00000002.670877084.0000022B2BE29000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22B2BE29000
Size:	73728

Details

Name:	00000002.00000000.662853353.0000000000310000.00000002.00020000.sdmp
TargetID:	2
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	310000
Size:	4096

Details

Name:	00000001.00000002.670467060.0000003C2527D000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3C2527D000
Size:	12288

Details

Name:	00000000.00000002.667016649.00000000014C0000.00000040.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page execute and read and write
Base address:	14C0000
Size:	4096

Details

Name:	00000000.00000003.661580315.000000001BEC0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BEC0000
Size:	16384

Details

Name:	00000001.00000002.670769183.0000022B2BD50000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	22B2BD50000
Size:	4096

Details

Name:	00000000.00000003.661188247.000000001B9B0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B9B0000
Size:	57344

Details

Name:	00000000.00000002.666884550.000000000120D000.00000004.00000020.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	120D000
Size:	45056

Details

Name:	00000000.00000003.661618514.000000001B850000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B850000
Size:	24576

Details

Name:	00000000.00000003.661637724.000000001B840000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B840000
Size:	32768

Details

Name:	00000000.00000002.666906299.000000000123C000.00000004.00000020.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	123C000
Size:	8192

Details

Name:	00000000.00000003.660925969.000000001B9B0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B9B0000
Size:	24576

Details

Name:	00000000.00000003.661180128.000000001B9A0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B9A0000
Size:	65536

Details

Name:	00000001.00000002.672216060.00007FF542484000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF542484000
Size:	4096

Details

Name:	00000000.00000002.669715556.00007FFA35904000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7FFA35904000
Size:	8192

Details

Name:	00000001.00000002.672275147.00007FF54250C000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF54250C000
Size:	8192

Details

Name:	00000001.00000002.672301954.00007FF54251E000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF54251E000
Size:	4096

Details

Name:	00000001.00000002.672495573.00007FF54257F000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF54257F000
Size:	8192

Details

Name:	00000000.00000003.662047224.000000001B840000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B840000
Size:	61440

Details

Name:	00000000.00000002.669328727.000000001BA00000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	1BA00000
Size:	12288

Details

Name:	00000000.00000002.669845463.00007FFA359B6000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7FFA359B6000
Size:	4096

Details

Name:	00000003.00000002.664096938.00000000004A6000.00000002.00020000.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	4A6000
Size:	4096

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary,

Details

Name:	00000001.00000002.672259774.00007FF54250A000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF54250A000
Size:	4096

Details

Name:	00000006.00000000.666212681.0000000000372000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	372000
Size:	536576

Details

Name:	00000000.00000003.662124730.000000001B9A0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B9A0000
Size:	65536

Details

Name:	00000000.00000002.666709122.0000000000DD5000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	DD5000
Size:	45056

Details

Name:	00000000.00000003.660886819.000000001B860000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B860000
Size:	65536

Details

Name:	00000000.00000003.661363706.000000001BD80000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BD80000
Size:	49152

Details

Name:	00000000.00000003.661457746.000000001BE10000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BE10000
Size:	65536

Details

Name:	00000000.00000003.661662681.000000001B840000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B840000
Size:	4096

Details

Name:	00000000.00000003.661559518.000000001BEA0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BEA0000
Size:	65536

Details

Name:	00000001.00000002.670503604.0000003C2547B000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3C2547B000
Size:	20480

Details

Name:	00000000.00000003.660859595.000000001B840000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B840000
Size:	65536

Details

Name:	00000001.00000002.671044616.0000022B2BF13000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22B2BF13000
Size:	8192

Details

Name:	00000001.00000002.672444715.00007FF542564000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF542564000
Size:	4096

Details

Name:	00000001.00000002.672384003.00007FF54254F000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF54254F000
Size:	16384

Details

Name:	00000000.00000002.669922681.00007FFA35A25000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7FFA35A25000
Size:	16384

Details

Name:	00000001.00000002.671053107.0000022B2C000000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	22B2C000000
Size:	4096

Details

Name:	00000000.00000003.660897861.000000001B880000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B880000
Size:	65536

Details

Name:	00000000.00000003.661426134.000000001BDE0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BDE0000
Size:	65536

Details

Name:	00000000.00000003.666401377.000000001BA10000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BA10000
Size:	430080

Details

Name:	00000000.00000003.661700662.000000001B840000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B840000
Size:	4096

Details

Name:	00000000.00000002.669163828.000000001B780000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1B780000
Size:	401408

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary,

Details

Name:	00000006.00000001.666328610.0000000000370000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	image loaded
Regiontype:	unkown image
Protect:	page readonly
Base address:	370000
Size:	4096

Details

Name:	00000000.00000002.669939067.00007FFA35A2B000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7FFA35A2B000
Size:	16384

Details

Name:	00000005.00000002.665548936.0000000000F52000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	F52000
Size:	536576

Details

Name:	00000001.00000002.671038215.0000022B2BF08000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22B2BF08000
Size:	12288

Details

Name:	00000000.00000003.661416038.000000001BDD0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BDD0000
Size:	65536

Details

Name:	00000000.00000002.666990621.0000000001400000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1400000
Size:	8192

Details

Name:	00000002.00000002.663046441.0000000000312000.00000002.00020000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	312000
Size:	536576

Details

Name:	00000000.00000003.661295736.000000001BD30000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BD30000
Size:	65536

Details

Name:	00000001.00000002.672512055.00007FF54258E000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF54258E000
Size:	16384

Details

Name:	00000001.00000002.671059286.0000022B2C460000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	22B2C460000
Size:	1269760

Details

Name:	00000002.00000002.663114844.0000000000396000.00000002.00020000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	396000
Size:	4096

Details

Name:	00000001.00000002.672143673.00007FF542401000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF542401000
Size:	4096

Details

Name:	00000000.00000003.661515464.000000001BE60000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BE60000
Size:	65536

Details

Name:	00000001.00000002.670831628.0000022B2BE13000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22B2BE13000
Size:	77824

Details

Name:	00000000.00000002.669741211.00007FFA35910000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7FFA35910000
Size:	8192

Details

Name:	00000000.00000002.666687341.0000000000C96000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	C96000
Size:	4096

Details

Name:	00000000.00000002.669789898.00007FFA3591D000.00000040.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	7FFA3591D000
Size:	8192

Details

Name:	00000000.00000002.667001902.0000000001435000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	1435000
Size:	8192

Details

Name:	00000000.00000002.669854423.00007FFA359BC000.00000040.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	7FFA359BC000
Size:	4096

Details

Name:	00000000.00000002.669880768.00007FFA359E6000.00000040.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	7FFA359E6000
Size:	4096

Details

Name:	00000000.00000003.666457859.00000000014A4000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	14A4000
Size:	49152

Details

Name:	00000000.00000003.661378370.000000001BD90000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BD90000
Size:	65536

Details

Name:	00000000.00000003.660239411.000000001B824000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B824000
Size:	20480

Details

Name:	00000000.00000003.660235315.000000001B821000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B821000
Size:	8192

Details

Name:	00000000.00000002.667057099.0000000001550000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1550000
Size:	36864

Details

Name:	00000001.00000002.670796354.0000022B2BE00000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22B2BE00000
Size:	4096

Details

Name:	00000002.00000001.663026352.0000000000310000.00000002.00020000.sdmp
TargetID:	2
Dumpstage:	image loaded
Regiontype:	unkown image
Protect:	page readonly
Base address:	310000
Size:	4096

Details

Name:	00000000.00000002.669342251.000000001BA90000.00000040.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page execute and read and write
Base address:	1BA90000
Size:	4096

Details

Name:	00000000.00000002.669666828.000000001C00E000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1C00E000
Size:	8192

Details

Name:	00000000.00000002.669865124.00007FFA359C0000.00000040.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	7FFA359C0000
Size:	4096

Details

Name:	00000000.00000003.660944510.000000001B840000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B840000
Size:	65536

Details

Name:	00000000.00000003.661163669.000000001B860000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B860000
Size:	65536

Details

Name:	00000001.00000002.671026819.0000022B2BF00000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22B2BF00000
Size:	4096

Details

Name:	00000000.00000002.667786661.0000000012ECD000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	12ECD000
Size:	8192

Details

Name:	00000000.00000003.661584105.000000001BEC5000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BEC5000
Size:	16384

Details

Name:	00000000.00000002.667005903.0000000001440000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1440000
Size:	4096

Details

Name:	00000000.00000003.660344080.000000001B830000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B830000
Size:	61440

Details

Name:	00000005.00000000.665441503.0000000000F52000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	F52000
Size:	536576

Details

Name:	00000006.00000002.666445214.00000000003F6000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	3F6000
Size:	4096

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary,

Details

Name:	00000000.00000001.658453295.0000000000C10000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	image loaded
Regiontype:	unkown image
Protect:	page readonly
Base address:	C10000
Size:	4096

Details

Name:	00000000.00000003.661569560.000000001BEB0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BEB0000
Size:	61440

Details

Name:	00000001.00000002.672371148.00007FF54254C000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF54254C000
Size:	4096

Details

Name:	00000000.00000002.668278184.000000001AEF0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1AEF0000
Size:	4096

Details

Name:	00000001.00000002.672085480.00007FF5420E0000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5420E0000
Size:	20480

Details

Name:	00000001.00000002.670549378.0000003C256FE000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3C256FE000
Size:	8192

Details

Name:	00000000.00000002.667760554.0000000012EC1000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	12EC1000
Size:	20480

Details

Name:	00000000.00000002.669360244.000000001BBA0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1BBA0000
Size:	401408

Details

Name:	00000001.00000002.672138939.00007FF5423C3000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5423C3000
Size:	8192

Details

Name:	00000000.00000003.661785979.000000001B880000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B880000
Size:	12288

Details

Name:	00000000.00000003.661794690.000000001B840000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B840000
Size:	8192

Details

Name:	00000006.00000000.666279287.00000000003F6000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	3F6000
Size:	4096

Details

Name:	00000004.00000000.664707044.0000000000DB6000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	DB6000
Size:	4096

Details

Name:	00000001.00000002.670865042.0000022B2BE27000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22B2BE27000
Size:	4096

Details

Name:	00000000.00000002.666891379.0000000001219000.00000004.00000020.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	1219000
Size:	131072

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary,

Details

Name:	00000000.00000003.660913921.000000001B9A0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B9A0000
Size:	65536

Details

Name:	00000001.00000002.672201558.00007FF542473000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF542473000
Size:	24576

Details

Name:	00000000.00000003.660248723.000000001B820000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B820000
Size:	36864

Details

Name:	00000001.00000002.672504057.00007FF542588000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF542588000
Size:	12288

Details

Name:	00000001.00000003.670305801.0000022B2BE4A000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	22B2BE4A000
Size:	4096

Details

Name:	00000000.00000002.667027040.00000000014F0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	14F0000
Size:	4096

Details

Name:	00000000.00000002.667031385.0000000001510000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1510000
Size:	8192

Details

Name:	00000000.00000003.661446444.000000001BE00000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BE00000
Size:	65536

Details

Name:	00000000.00000002.667050531.0000000001545000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	1545000
Size:	36864

Details

Name:	00000000.00000003.662093697.000000001B850000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B850000
Size:	53248

Details

Name:	00000001.00000002.671268532.0000022B2C800000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	22B2C800000
Size:	3371008

Details

Name:	00000001.00000003.670219670.0000022B2BE4B000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	22B2BE4B000
Size:	8192

Details

Name:	00000001.00000002.672150142.00007FF54241B000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF54241B000
Size:	8192

Details

Name:	00000000.00000002.666605148.0000000000C12000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	C12000
Size:	536576

Details

Name:	00000000.00000002.670006390.00007FFA35AC0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7FFA35AC0000
Size:	57344

Details

Name:	00000004.00000000.664649876.0000000000D32000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	D32000
Size:	536576

Details

Name:	00000000.00000003.661480447.000000001BE30000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BE30000
Size:	65536

Details

Name:	00000000.00000003.660068349.0000000001520000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1520000
Size:	8192

Details

Name:	00000000.00000003.661387261.000000001BDA0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BDA0000
Size:	65536

Details

Name:	00000000.00000002.667194312.0000000002EB0000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2EB0000
Size:	4096

Details

Name:	00000003.00000002.664013345.0000000000422000.00000002.00020000.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	422000
Size:	536576

Details

Name:	00000001.00000002.672176247.00007FF54246D000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF54246D000
Size:	20480

Details

Name:	00000000.00000003.666454207.00000000014A0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	14A0000
Size:	12288

Details

Name:	00000000.00000003.661259974.000000001BA80000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BA80000
Size:	36864

Details

Name:	00000001.00000002.672541072.00007FF54259D000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF54259D000
Size:	16384

Details

Name:	00000000.00000002.666985924.00000000013FF000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	13FF000
Size:	4096

Details

Name:	00000001.00000002.670559526.0000003C257FF000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3C257FF000
Size:	4096

Details

Name:	00000000.00000003.661673766.000000001B840000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B840000
Size:	12288

Details

Name:	00000000.00000003.661340602.000000001BD60000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BD60000
Size:	65536

Details

Name:	00000001.00000002.672397933.00007FF542557000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF542557000
Size:	28672

Details

Name:	00000000.00000003.661755136.000000001B840000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B840000
Size:	65536

Details

Name:	00000005.00000000.665430720.0000000000F50000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	F50000
Size:	4096

Details

Name:	00000001.00000002.672229868.00007FF54248C000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF54248C000
Size:	8192

Details

Name:	00000001.00000002.670594176.0000022B2BC60000.00000004.00000020.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	22B2BC60000
Size:	8192

Details

Name:	00000001.00000002.670807376.0000022B2BE02000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22B2BE02000
Size:	65536

Details

Name:	00000000.00000002.669462674.000000001BC62000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1BC62000
Size:	208896

Details

Name:	00000001.00000002.672312968.00007FF542520000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF542520000
Size:	16384

Details

Name:	00000003.00000000.663911836.00000000004A6000.00000002.00020000.sdmp
TargetID:	3
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	4A6000
Size:	4096

Details

Name:	00000000.00000003.661265776.000000001BD10000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BD10000
Size:	65536

Details

Name:	00000005.00000000.665502687.0000000000FD6000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	FD6000
Size:	4096

Details

Name:	00000000.00000003.661195585.000000001B9C0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B9C0000
Size:	65536

Details

Name:	00000001.00000002.672133536.00007FF542371000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF542371000
Size:	12288

Details

Name:	00000000.00000003.662103301.000000001B860000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B860000
Size:	65536

Details

Name:	00000000.00000003.661528254.000000001BE70000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BE70000
Size:	65536

Details

Name:	00000000.00000003.660048903.000000001B780000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B780000
Size:	61440

Details

Name:	00000005.00000001.665533070.0000000000F50000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	image loaded
Regiontype:	unkown image
Protect:	page readonly
Base address:	F50000
Size:	4096

Details

Name:	00000000.00000002.668363683.000000001B440000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1B440000
Size:	3371008

Details

Name:	00000000.00000003.661540695.000000001BE80000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BE80000
Size:	65536

Details

Name:	00000001.00000002.672528928.00007FF542599000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF542599000
Size:	12288

Details

Name:	00000001.00000002.672072815.00007FF541D81000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF541D81000
Size:	4096

Details

Name:	00000000.00000002.669318670.000000001B99D000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1B99D000
Size:	12288

Details

Name:	00000000.00000003.661229026.000000001B9D0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1B9D0000
Size:	65536

Details

Name:	00000001.00000002.670784456.0000022B2BD60000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22B2BD60000
Size:	4096

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOCReport

Files

Processes

URLs

Memdumps