Automated Malware Analysis IOC Report for

Details

Name:	00000003.00000001.209279370.0000000000400000.00000040.00020000.sdmp
TargetID:	3
Dumpstage:	image loaded
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	400000
Size:	163840

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary,
Yara detected FormBook	AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality
Yara signature match	System Summary,

Details

Name:	00000003.00000002.211005470.0000000000400000.00000040.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	400000
Size:	163840

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary,
Yara detected FormBook	AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality
Yara signature match	System Summary,

Details

Name:	00000001.00000002.211020267.0000000002A50000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2A50000
Size:	163840

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary,
Yara detected FormBook	AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality
Yara signature match	System Summary,

Details

Name:	00000001.00000003.206415100.0000000002C40000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2C40000
Size:	1138688

Signature Hits	Behavior Group	Mitre Attack
Binary contains paths to debug symbols	Compliance, System Summary,

Details

Name:	00000005.00000002.230317296.000002A213508000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2A213508000
Size:	12288

Details

Name:	00000002.00000002.206797238.00007FF593A0A000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF593A0A000
Size:	16384

Details

Name:	00000001.00000002.211158192.00000000740D3000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	740D3000
Size:	4096

Details

Name:	00000002.00000002.206724670.00007FF593458000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF593458000
Size:	12288

Details

Name:	00000003.00000002.210997845.00000000002F8000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2F8000
Size:	8192

Details

Name:	00000001.00000003.208193425.0000000002BC6000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2BC6000
Size:	487424

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary,

Details

Name:	00000001.00000002.210354086.000000000214E000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	214E000
Size:	8192

Details

Name:	00000004.00000002.212668684.00000231F0459000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	231F0459000
Size:	81920

Details

Name:	00000002.00000002.205833807.00000232F2A55000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	232F2A55000
Size:	81920

Details

Name:	00000002.00000002.206753003.00007FF593914000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF593914000
Size:	8192

Details

Name:	00000004.00000002.212782250.00000231F0500000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	231F0500000
Size:	4096

Details

Name:	00000003.00000000.203367053.0000000000400000.00000002.00020000.sdmp
TargetID:	3
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	400000
Size:	4096

Details

Name:	00000002.00000002.205998369.00000232F2CD0000.00000008.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page write copy
Base address:	232F2CD0000
Size:	266240

Details

Name:	00000001.00000002.210082002.0000000000400000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	400000
Size:	4096

Details

Name:	00000002.00000003.205451446.00000232F2A69000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	232F2A69000
Size:	40960

Details

Name:	00000004.00000002.212801523.00000231F0502000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	231F0502000
Size:	40960

Details

Name:	00000004.00000002.214300692.00007FF589D3C000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589D3C000
Size:	12288

Details

Name:	00000001.00000003.202697873.0000000002A50000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2A50000
Size:	135168

Details

Name:	00000004.00000002.212886718.00000231F0513000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	231F0513000
Size:	20480

Details

Name:	00000005.00000002.230968118.00007FF59166A000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59166A000
Size:	4096

Details

Name:	00000005.00000002.230309783.000002A213500000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2A213500000
Size:	4096

Details

Name:	00000002.00000003.205590718.00000232F2A69000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	232F2A69000
Size:	40960

Details

Name:	00000003.00000003.210596041.00000000006C1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	6C1000
Size:	65536

Details

Name:	00000003.00000000.203380721.0000000000408000.00000002.00020000.sdmp
TargetID:	3
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	408000
Size:	8192

Details

Name:	00000004.00000002.214416270.00007FF589D64000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589D64000
Size:	8192

Details

Name:	00000002.00000002.207219923.00007FF593BF5000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF593BF5000
Size:	16384

Details

Name:	00000001.00000003.205871237.0000000002C10000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2C10000
Size:	1138688

Details

Name:	00000001.00000003.206664269.0000000002D5B000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2D5B000
Size:	4096

Details

Name:	00000005.00000002.230336611.000002A213C00000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2A213C00000
Size:	3371008

Details

Name:	00000002.00000002.206936556.00007FF593B8C000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF593B8C000
Size:	4096

Details

Name:	00000001.00000002.210774239.0000000002720000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2720000
Size:	733184

Details

Name:	00000004.00000003.209466730.00000231F046D000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	231F046D000
Size:	24576

Details

Name:	00000004.00000002.214108212.00007FF589CD8000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589CD8000
Size:	4096

Details

Name:	00000001.00000002.211091894.0000000073782000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	73782000
Size:	4096

Details

Name:	00000004.00000003.209782146.00000231F0469000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	231F0469000
Size:	40960

Details

Name:	00000005.00000002.231026598.00007FF591781000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF591781000
Size:	20480

Details

Name:	00000005.00000002.231021564.00007FF59175D000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59175D000
Size:	8192

Details

Name:	00000002.00000002.205741961.00000232F29B0000.00000004.00000020.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	232F29B0000
Size:	8192

Details

Name:	00000003.00000002.213181158.0000000000B1F000.00000040.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	B1F000
Size:	1601536

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary,
Binary contains paths to debug symbols	Compliance, System Summary,

Details

Name:	00000001.00000002.210301757.00000000007DF000.00000004.00000010.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	7DF000
Size:	4096

Details

Name:	00000004.00000002.214474626.00007FF589DBE000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589DBE000
Size:	4096

Details

Name:	00000001.00000003.205051087.0000000002B96000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2B96000
Size:	487424

Details

Name:	00000005.00000002.230329405.000002A213990000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2A213990000
Size:	4096

Details

Name:	00000005.00000002.231213632.00007FF591949000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF591949000
Size:	20480

Details

Name:	00000005.00000002.230312981.000002A213502000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2A213502000
Size:	16384

Details

Name:	00000004.00000003.209925838.00000231F046D000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	231F046D000
Size:	24576

Details

Name:	00000005.00000002.231188816.00007FF5918E4000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5918E4000
Size:	8192

Details

Name:	00000005.00000002.230083430.000000EF8E96E000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	EF8E96E000
Size:	8192

Details

Name:	00000002.00000003.205566977.00000232F2A6C000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	232F2A6C000
Size:	28672

Details

Name:	00000002.00000002.206822209.00007FF593AA8000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF593AA8000
Size:	8192

Details

Name:	00000002.00000002.205882583.00000232F2C00000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	232F2C00000
Size:	806912

Details

Name:	00000001.00000002.210221603.0000000000610000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	610000
Size:	806912

Details

Name:	00000001.00000002.210091927.0000000000401000.00000020.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute read
Base address:	401000
Size:	28672

Details

Name:	00000004.00000002.213855930.00007FF589568000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589568000
Size:	12288

Details

Name:	00000005.00000002.230959825.00007FF591450000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF591450000
Size:	4096

Details

Name:	00000001.00000000.201872363.0000000000408000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	408000
Size:	8192

Details

Name:	00000002.00000002.206918462.00007FF593B8A000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF593B8A000
Size:	4096

Details

Name:	00000005.00000002.230074925.000000EF8E8EB000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	EF8E8EB000
Size:	20480

Details

Name:	00000002.00000002.205747617.00000232F29C0000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	232F29C0000
Size:	16384

Details

Name:	00000005.00000002.230991750.00007FF59171A000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59171A000
Size:	4096

Details

Name:	00000005.00000002.230981457.00007FF59170E000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59170E000
Size:	8192

Details

Name:	00000001.00000003.204554868.0000000002B96000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2B96000
Size:	487424

Details

Name:	00000005.00000002.231170202.00007FF5918D5000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5918D5000
Size:	24576

Details

Name:	00000001.00000002.210401850.00000000022E0000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	22E0000
Size:	3371008

Details

Name:	00000004.00000003.210480463.00000231F0469000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	231F0469000
Size:	40960

Details

Name:	00000004.00000002.212181018.00000231F03B0000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	231F03B0000
Size:	16384

Details

Name:	00000004.00000002.212936738.00000231F1DA0000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	231F1DA0000
Size:	4096

Details

Name:	00000002.00000002.205863007.00000232F2B02000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	232F2B02000
Size:	40960

Details

Name:	00000004.00000002.212211134.00000231F0402000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	231F0402000
Size:	65536

Details

Name:	00000004.00000002.214031874.00007FF589BD3000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589BD3000
Size:	4096

Details

Name:	00000004.00000000.208528296.00007FF589DC9000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589DC9000
Size:	20480

Details

Name:	00000001.00000002.210140602.000000000042C000.00000004.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	42C000
Size:	12288

Details

Name:	00000004.00000002.214260502.00007FF589D2D000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589D2D000
Size:	12288

Details

Name:	00000001.00000002.210391150.00000000022D0000.00000004.00000040.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	22D0000
Size:	8192

Details

Name:	00000004.00000002.214037290.00007FF589BD7000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589BD7000
Size:	12288

Details

Name:	00000001.00000000.201866081.0000000000401000.00000020.00020000.sdmp
TargetID:	1
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page execute read
Base address:	401000
Size:	28672

Details

Name:	00000003.00000000.203373462.0000000000401000.00000020.00020000.sdmp
TargetID:	3
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page execute read
Base address:	401000
Size:	28672

Details

Name:	00000001.00000003.202412655.0000000000497000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	497000
Size:	8192

Details

Name:	00000005.00000002.231011210.00007FF591753000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF591753000
Size:	4096

Details

Name:	00000002.00000002.206781430.00007FF593975000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF593975000
Size:	12288

Details

Name:	00000005.00000002.231163939.00007FF5918CC000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5918CC000
Size:	12288

Details

Name:	00000005.00000002.230294836.000002A21346D000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2A21346D000
Size:	49152

Details

Name:	00000004.00000002.211178164.0000004C3C07F000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4C3C07F000
Size:	4096

Details

Name:	00000001.00000003.203800232.0000000002D2F000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2D2F000
Size:	462848

Details

Name:	00000005.00000002.231046615.00007FF5917BC000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5917BC000
Size:	12288

Details

Name:	00000004.00000002.211128255.0000004C3BEFF000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4C3BEFF000
Size:	4096

Details

Name:	00000005.00000002.231092749.00007FF59187E000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59187E000
Size:	12288

Details

Name:	00000002.00000002.207330871.00007FF593C1D000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF593C1D000
Size:	12288

Details

Name:	00000005.00000002.231200947.00007FF591941000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF591941000
Size:	28672

Details

Name:	00000001.00000002.210054801.000000000019A000.00000004.00000010.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	19A000
Size:	24576

Details

Name:	00000005.00000002.230942009.00007FF59143A000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59143A000
Size:	20480

Details

Name:	00000002.00000002.205851311.00000232F2A6D000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	232F2A6D000
Size:	24576

Details

Name:	00000003.00000002.210991032.000000000019E000.00000004.00000010.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	19E000
Size:	8192

Details

Name:	00000001.00000002.210169051.0000000000495000.00000004.00000020.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	495000
Size:	12288

Details

Name:	00000001.00000000.201877384.000000000040A000.00000008.00020000.sdmp
TargetID:	1
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page write copy
Base address:	40A000
Size:	4096

Details

Name:	00000001.00000003.204654506.0000000002C10000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2C10000
Size:	1138688

Details

Name:	00000005.00000002.230141121.000002A213240000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2A213240000
Size:	806912

Details

Name:	00000001.00000002.211060795.0000000073780000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	73780000
Size:	4096

Details

Name:	00000004.00000002.211197488.00000231F0220000.00000004.00000040.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	231F0220000
Size:	4096

Details

Name:	00000001.00000002.210175797.00000000004DE000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4DE000
Size:	8192

Details

Name:	00000001.00000002.210359715.0000000002190000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2190000
Size:	12288

Details

Name:	00000001.00000003.209451920.0000000002C40000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2C40000
Size:	1138688

Details

Name:	00000002.00000002.207449965.00007FF593C36000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF593C36000
Size:	20480

Details

Name:	00000002.00000002.205820177.00000232F2A3F000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	232F2A3F000
Size:	61440

Details

Name:	00000004.00000002.214279126.00007FF589D36000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589D36000
Size:	12288

Details

Name:	00000001.00000003.203434500.0000000002A80000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2A80000
Size:	1130496

Details

Name:	00000001.00000002.210045323.000000000009B000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	9B000
Size:	20480

Details

Name:	00000005.00000002.231083907.00007FF59186A000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59186A000
Size:	49152

Details

Name:	00000001.00000003.206026887.0000000002D2F000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2D2F000
Size:	462848

Details

Name:	00000004.00000002.214335863.00007FF589D60000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589D60000
Size:	12288

Details

Name:	00000001.00000002.210310803.00000000008E0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	8E0000
Size:	4096

Details

Name:	00000002.00000002.207292657.00007FF593C09000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF593C09000
Size:	8192

Details

Name:	00000002.00000003.205354901.00000232F2A6D000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	232F2A6D000
Size:	24576

Details

Name:	00000004.00000002.213997174.00007FF589B1A000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589B1A000
Size:	16384

Details

Name:	00000003.00000002.211840686.0000000000560000.00000004.00000020.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	560000
Size:	16384

Details

Name:	00000001.00000000.201882532.0000000000438000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	438000
Size:	4096

Details

Name:	00000002.00000002.206790011.00007FF593980000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF593980000
Size:	4096

Details

Name:	00000001.00000000.201861016.0000000000400000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	400000
Size:	4096

Details

Name:	00000002.00000002.207369274.00007FF593C26000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF593C26000
Size:	12288

Details

Name:	00000005.00000002.230109104.000000EF8EE7F000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	EF8EE7F000
Size:	4096

Details

Name:	00000002.00000002.207121189.00007FF593BDA000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF593BDA000
Size:	49152

Details

Name:	00000003.00000002.212088077.0000000000A00000.00000040.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	A00000
Size:	1150976

Details

Name:	00000003.00000003.209524166.00000000005C4000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5C4000
Size:	28672

Details

Name:	00000002.00000002.206854061.00007FF593B67000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF593B67000
Size:	8192

Details

Name:	00000005.00000002.231075979.00007FF591858000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF591858000
Size:	65536

Details

Name:	00000005.00000002.231125256.00007FF59188F000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59188F000
Size:	16384

Details

Name:	00000002.00000002.207609247.00007FF593C54000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF593C54000
Size:	8192

Details

Name:	00000001.00000003.205126597.0000000002C10000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2C10000
Size:	1138688

Details

Name:	00000004.00000002.214523895.00007FF589DC9000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589DC9000
Size:	20480

Details

Name:	00000002.00000002.207565353.00007FF593C50000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF593C50000
Size:	12288

Details

Name:	00000004.00000002.211216594.00000231F0280000.00000004.00000020.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	231F0280000
Size:	8192

Details

Name:	00000005.00000002.230937611.00007FF591024000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF591024000
Size:	4096

Details

Name:	00000001.00000003.208745685.0000000002C40000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2C40000
Size:	1138688

Details

Name:	00000003.00000000.203391909.0000000000438000.00000002.00020000.sdmp
TargetID:	3
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	438000
Size:	4096

Details

Name:	00000004.00000002.213981671.00007FF589A90000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589A90000
Size:	4096

Details

Name:	00000002.00000002.206903594.00007FF593B71000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF593B71000
Size:	4096

Details

Name:	00000004.00000002.214215528.00007FF589D0F000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589D0F000
Size:	16384

Details

Name:	00000004.00000003.210753655.00000231F046D000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	231F046D000
Size:	24576

Details

Name:	00000001.00000002.210378838.00000000021C0000.00000004.00000040.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	21C0000
Size:	4096

Details

Name:	00000001.00000003.206303788.0000000002BC6000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2BC6000
Size:	487424

Details

Name:	00000001.00000003.209205909.0000000002D5F000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2D5F000
Size:	462848

Details

Name:	00000004.00000002.214137833.00007FF589CEA000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589CEA000
Size:	49152

Details

Name:	00000001.00000003.203604130.0000000002C10000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2C10000
Size:	1138688

Details

Name:	00000001.00000003.204877107.0000000002A80000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2A80000
Size:	1130496

Details

Name:	00000004.00000002.214328811.00007FF589D57000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589D57000
Size:	16384

Details

Name:	00000001.00000002.211127067.0000000073785000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	73785000
Size:	4096

Details

Name:	00000002.00000002.205770629.00000232F2A13000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	232F2A13000
Size:	86016

Details

Name:	00000004.00000002.214005290.00007FF589B30000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589B30000
Size:	4096

Details

Name:	00000005.00000002.230102854.000000EF8EDFB000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	EF8EDFB000
Size:	20480

Details

Name:	00000004.00000002.214240290.00007FF589D19000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589D19000
Size:	8192

Details

Name:	00000004.00000002.214103477.00007FF589CD6000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589CD6000
Size:	4096

Details

Name:	00000004.00000002.214011932.00007FF589BB8000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589BB8000
Size:	8192

Details

Name:	00000001.00000003.204797789.0000000002D2F000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2D2F000
Size:	462848

Details

Name:	00000005.00000002.231072074.00007FF591856000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF591856000
Size:	4096

Details

Name:	00000004.00000002.214089948.00007FF589C9C000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589C9C000
Size:	4096

Details

Name:	00000004.00000002.211037880.0000004C3BB6B000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4C3BB6B000
Size:	20480

Details

Name:	00000004.00000002.211141676.0000004C3BF7A000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4C3BF7A000
Size:	24576

Details

Name:	00000002.00000000.202214686.00007FF593CB9000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF593CB9000
Size:	20480

Details

Name:	00000004.00000002.211075815.0000004C3BBEE000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4C3BBEE000
Size:	8192

Details

Name:	00000001.00000003.202614559.0000000002A50000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2A50000
Size:	135168

Details

Name:	00000005.00000002.231142248.00007FF5918B6000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5918B6000
Size:	12288

Details

Name:	00000004.00000002.212446386.00000231F0429000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	231F0429000
Size:	98304

Details

Name:	00000001.00000002.210321936.0000000000960000.00000004.00000040.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	960000
Size:	12288

Details

Name:	00000004.00000002.213919987.00007FF589A37000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589A37000
Size:	12288

Details

Name:	00000001.00000003.206020884.0000000002D2B000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2D2B000
Size:	4096

Details

Name:	00000004.00000002.211099046.0000004C3BE7A000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4C3BE7A000
Size:	24576

Details

Name:	00000001.00000002.210125931.000000000041D000.00000004.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	41D000
Size:	20480

Details

Name:	00000003.00000003.209503256.00000000005CF000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5CF000
Size:	45056

Details

Name:	00000005.00000002.230127246.000000EF8F17E000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	EF8F17E000
Size:	8192

Details

Name:	00000004.00000002.214308747.00007FF589D46000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589D46000
Size:	20480

Details

Name:	00000001.00000003.202431546.0000000002A50000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2A50000
Size:	135168

Details

Name:	00000004.00000002.214323111.00007FF589D4C000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589D4C000
Size:	12288

Details

Name:	00000005.00000002.231132115.00007FF591899000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF591899000
Size:	8192

Details

Name:	00000005.00000002.230284057.000002A213457000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2A213457000
Size:	86016

Details

Name:	00000002.00000003.205407366.00000232F2A6C000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	232F2A6C000
Size:	28672

Details

Name:	00000001.00000003.209398504.0000000002BC6000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2BC6000
Size:	487424

Details

Name:	00000001.00000002.210327741.0000000000966000.00000004.00000040.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	966000
Size:	4096

Details

Name:	00000002.00000002.206957295.00007FF593BC6000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF593BC6000
Size:	4096

Details

Name:	00000002.00000002.206040070.00000232F2D20000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	232F2D20000
Size:	36864

Details

Name:	00000004.00000002.212598080.00000231F0442000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	231F0442000
Size:	57344

Details

Name:	00000002.00000002.206843545.00007FF593AC7000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF593AC7000
Size:	12288

Details

Name:	00000005.00000002.230301597.000002A213484000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2A213484000
Size:	53248

Details

Name:	00000004.00000002.214057398.00007FF589C7A000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589C7A000
Size:	20480

Details

Name:	00000001.00000002.210335230.0000000000970000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	970000
Size:	36864

Details

Name:	00000001.00000002.210073759.0000000000335000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	335000
Size:	4096

Details

Name:	00000001.00000003.209184537.0000000002D5B000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2D5B000
Size:	4096

Details

Name:	00000002.00000003.205492634.00000232F2A6D000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	232F2A6D000
Size:	24576

Details

Name:	00000002.00000002.207194234.00007FF593BEE000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF593BEE000
Size:	12288

Details

Name:	00000005.00000002.230088994.000000EF8E9ED000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	EF8E9ED000
Size:	12288

Details

Name:	00000005.00000002.231153540.00007FF5918C6000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5918C6000
Size:	20480

Details

Name:	00000001.00000002.210387250.00000000022CF000.00000004.00000010.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	22CF000
Size:	4096

Details

Name:	00000004.00000002.214067366.00007FF589C81000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589C81000
Size:	4096

Details

Name:	00000005.00000003.230025907.000002A21344B000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2A21344B000
Size:	24576

Details

Name:	00000001.00000002.210068481.0000000000331000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	331000
Size:	12288

Details

Name:	00000001.00000003.205294754.0000000002D2B000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2D2B000
Size:	4096

Details

Name:	00000003.00000003.210609764.0000000000564000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	564000
Size:	4096

Details

Name:	00000005.00000002.230232760.000002A213310000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2A213310000
Size:	16384

Details

Name:	00000001.00000001.201898280.0000000000400000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	image loaded
Regiontype:	unkown image
Protect:	page readonly
Base address:	400000
Size:	4096

Details

Name:	00000004.00000003.210350047.00000231F046F000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	231F046F000
Size:	16384

Details

Name:	00000002.00000002.205684564.000000A40676B000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	A40676B000
Size:	20480

Details

Name:	00000001.00000002.210211995.0000000000548000.00000004.00000020.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	548000
Size:	12288

Details

Name:	00000005.00000002.230118832.000000EF8F077000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	EF8F077000
Size:	36864

Details

Name:	00000005.00000002.230731793.000002A213F40000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2A213F40000
Size:	1269760

Details

Name:	00000004.00000002.211158687.0000004C3BFFF000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4C3BFFF000
Size:	4096

Details

Name:	00000001.00000002.210155122.000000000047E000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	47E000
Size:	8192

Details

Name:	00000003.00000003.209515421.00000000005CE000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5CE000
Size:	8192

Details

Name:	00000005.00000002.230321315.000002A213513000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2A213513000
Size:	8192

Details

Name:	00000004.00000002.213873190.00007FF58956C000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58956C000
Size:	4096

Details

Name:	00000002.00000002.207655182.00007FF593CAE000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF593CAE000
Size:	4096

Details

Name:	00000001.00000002.210937807.0000000002920000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2920000
Size:	8192

Details

Name:	00000001.00000003.205305969.0000000002D2F000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2D2F000
Size:	462848

Details

Name:	00000001.00000002.210918816.000000000281E000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	281E000
Size:	8192

Details

Name:	00000005.00000002.230241013.000002A213400000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2A213400000
Size:	73728

Details

Name:	00000002.00000003.205550478.00000232F2A69000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	232F2A69000
Size:	40960

Details

Name:	00000005.00000002.231192286.00007FF5918E7000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5918E7000
Size:	4096

Details

Name:	00000002.00000002.207243209.00007FF593BFF000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF593BFF000
Size:	16384

Details

Name:	00000003.00000002.211130521.0000000000430000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	430000
Size:	806912

Details

Name:	00000005.00000002.230131234.000000EF8F27F000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	EF8F27F000
Size:	4096

Details

Name:	00000002.00000002.207750518.00007FF593CB9000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF593CB9000
Size:	20480

Details

Name:	00000004.00000002.214163827.00007FF589CFE000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589CFE000
Size:	12288

Details

Name:	00000001.00000002.210955246.0000000002930000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2930000
Size:	4096

Details

Name:	00000001.00000003.206672202.0000000002D5F000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2D5F000
Size:	462848

Details

Name:	00000004.00000003.209581356.00000231F046F000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	231F046F000
Size:	16384

Details

Name:	00000002.00000003.205509104.00000232F2A6D000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	232F2A6D000
Size:	24576

Details

Name:	00000001.00000003.209742812.0000000002D5B000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2D5B000
Size:	4096

Details

Name:	00000001.00000003.206870550.0000000002AB0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2AB0000
Size:	1130496

Details

Name:	00000003.00000002.213569916.0000000000CAF000.00000040.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	CAF000
Size:	479232

Details

Name:	00000004.00000002.214185214.00007FF589D05000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589D05000
Size:	16384

Details

Name:	00000005.00000002.231039465.00007FF591787000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF591787000
Size:	20480

Details

Name:	00000001.00000002.210160337.0000000000480000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	480000
Size:	4096

Details

Name:	00000002.00000002.205698817.000000A406A79000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	A406A79000
Size:	28672

Details

Name:	00000002.00000002.205872965.00000232F2B13000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	232F2B13000
Size:	20480

Details

Name:	00000005.00000002.230324878.000002A213600000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2A213600000
Size:	4096

Details

Name:	00000002.00000002.205692303.000000A4067EF000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	A4067EF000
Size:	4096

Details

Name:	00000002.00000002.207639492.00007FF593C57000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF593C57000
Size:	4096

Details

Name:	00000002.00000002.206741171.00007FF59345C000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59345C000
Size:	4096

Details

Name:	00000001.00000002.211149237.00000000740D1000.00000020.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute read
Base address:	740D1000
Size:	8192

Details

Name:	00000005.00000002.231148160.00007FF5918BC000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5918BC000
Size:	12288

Details

Name:	00000002.00000002.206945635.00007FF593BC2000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF593BC2000
Size:	8192

Details

Name:	00000003.00000000.203386237.000000000040A000.00000008.00020000.sdmp
TargetID:	3
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page write copy
Base address:	40A000
Size:	4096

Details

Name:	00000005.00000002.230237868.000002A2133F0000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2A2133F0000
Size:	4096

Details

Name:	00000003.00000003.209533415.00000000005CF000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5CF000
Size:	45056

Details

Name:	00000004.00000002.211224525.00000231F0290000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	231F0290000
Size:	806912

Details

Name:	00000001.00000003.203556450.0000000002B96000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2B96000
Size:	487424

Details

Name:	00000005.00000002.231067145.00007FF591852000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF591852000
Size:	8192

Details

Name:	00000001.00000002.210928873.000000000291F000.00000004.00000010.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	291F000
Size:	4096

Details

Name:	00000005.00000000.218951154.00007FF591949000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF591949000
Size:	20480

Details

Name:	00000004.00000002.214492777.00007FF589DC1000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589DC1000
Size:	28672

Details

Name:	00000002.00000002.206811723.00007FF593A20000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF593A20000
Size:	4096

Details

Name:	00000002.00000002.205858754.00000232F2B00000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	232F2B00000
Size:	4096

Details

Name:	00000005.00000002.230095002.000000EF8ECF5000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	EF8ECF5000
Size:	45056

Details

Name:	00000005.00000002.230976247.00007FF5916CF000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5916CF000
Size:	16384

Details

Name:	00000004.00000002.214077134.00007FF589C9A000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589C9A000
Size:	4096

Details

Name:	00000002.00000003.205578815.00000232F2A69000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	232F2A69000
Size:	12288

Details

Name:	00000004.00000002.212905831.00000231F0600000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	231F0600000
Size:	36864

Details

Name:	00000005.00000002.230947985.00007FF591440000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF591440000
Size:	36864

Details

Name:	00000002.00000002.207704790.00007FF593CB1000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF593CB1000
Size:	28672

Details

Name:	00000001.00000002.210144999.0000000000435000.00000004.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	435000
Size:	8192

Details

Name:	00000001.00000002.210187257.0000000000510000.00000004.00000020.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	510000
Size:	24576

Details

Name:	00000001.00000002.210181834.00000000004E0000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	4E0000
Size:	16384

Details

Name:	00000003.00000002.213565017.0000000000CAB000.00000040.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	CAB000
Size:	4096

Details

Name:	00000001.00000003.205613055.0000000002A80000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2A80000
Size:	1130496

Details

Name:	00000005.00000002.230996331.00007FF591738000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF591738000
Size:	8192

Details

Name:	00000005.00000002.230332918.000002A213A02000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2A213A02000
Size:	4096

Details

Name:	00000004.00000002.212203884.00000231F0400000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	231F0400000
Size:	4096

Details

Name:	00000001.00000002.210316298.000000000093E000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	93E000
Size:	8192

Details

Name:	00000001.00000001.202300081.00000000740D0000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	image loaded
Regiontype:	unkown image
Protect:	page readonly
Base address:	740D0000
Size:	4096

Details

Name:	00000005.00000002.230137696.000002A213230000.00000004.00000020.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	2A213230000
Size:	8192

Details

Name:	00000002.00000002.206986963.00007FF593BC8000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF593BC8000
Size:	4096

Details

Name:	00000003.00000003.210812357.0000000000500000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	500000
Size:	139264

Details

Name:	00000002.00000003.205388367.00000232F2A69000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	232F2A69000
Size:	40960

Details

Name:	00000005.00000002.230250219.000002A213413000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2A213413000
Size:	86016

Details

Name:	00000002.00000002.205714325.000000A406B79000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	A406B79000
Size:	28672

Details

Name:	00000001.00000003.202401316.0000000002951000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2951000
Size:	65536

Details

Name:	00000005.00000002.230134258.000002A2131D0000.00000004.00000040.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2A2131D0000
Size:	4096

Details

Name:	00000005.00000002.231110130.00007FF591885000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF591885000
Size:	16384

Details

Name:	00000002.00000003.205426075.00000232F2A69000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	232F2A69000
Size:	12288

Details

Name:	00000005.00000002.230262288.000002A213429000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2A213429000
Size:	73728

Details

Name:	00000002.00000002.205735860.00000232F2950000.00000004.00000040.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	232F2950000
Size:	4096

Details

Name:	00000002.00000002.206055979.00000232F45C0000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	232F45C0000
Size:	3371008

Details

Name:	00000001.00000002.210192886.0000000000518000.00000004.00000020.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	518000
Size:	167936

Details

Name:	00000001.00000002.210216816.000000000054C000.00000004.00000020.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	54C000
Size:	4096

Details

Name:	00000005.00000002.231183565.00007FF5918E0000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5918E0000
Size:	12288

Details

Name:	00000002.00000002.205754771.00000232F2A00000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	232F2A00000
Size:	4096

Details

Name:	00000001.00000002.210366962.00000000021A0000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	21A0000
Size:	20480

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary,

Details

Name:	00000005.00000002.230114049.000000EF8EF7D000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	EF8EF7D000
Size:	12288

Details

Name:	00000002.00000002.206771755.00007FF593927000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF593927000
Size:	12288

Details

Name:	00000001.00000001.202322105.0000000073780000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	image loaded
Regiontype:	unkown image
Protect:	page readonly
Base address:	73780000
Size:	4096

Details

Name:	00000002.00000002.207422121.00007FF593C2C000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF593C2C000
Size:	12288

Details

Name:	00000005.00000002.231196340.00007FF59193E000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59193E000
Size:	4096

Details

Name:	00000003.00000003.209488659.00000000005C9000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5C9000
Size:	8192

Details

Name:	00000005.00000002.230272674.000002A21343C000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2A21343C000
Size:	61440

Details

Name:	00000004.00000002.214126429.00007FF589CDA000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589CDA000
Size:	57344

Details

Name:	00000002.00000002.205797634.00000232F2A29000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	232F2A29000
Size:	86016

Details

Name:	00000002.00000002.207037994.00007FF593BCA000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF593BCA000
Size:	57344

Details

Name:	00000001.00000002.210766286.000000000271F000.00000004.00000010.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	271F000
Size:	4096

Details

Name:	00000004.00000002.211955422.00000231F0360000.00000008.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page write copy
Base address:	231F0360000
Size:	266240

Details

Name:	00000001.00000003.204268776.0000000002A80000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2A80000
Size:	1130496

Details

Name:	00000005.00000003.230012140.000002A213451000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2A213451000
Size:	110592

Details

Name:	00000001.00000002.210306787.00000000008DE000.00000004.00000010.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	8DE000
Size:	8192

Details

Name:	00000001.00000002.210106552.0000000000408000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	408000
Size:	8192

Details

Name:	00000004.00000002.214044670.00007FF589C77000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589C77000
Size:	8192

Details

Name:	00000001.00000002.211137968.00000000740D0000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	740D0000
Size:	4096

Details

Name:	00000004.00000002.212320763.00000231F0413000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	231F0413000
Size:	86016

Details

Name:	00000003.00000002.213150395.0000000000B1B000.00000040.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	B1B000
Size:	4096

Details

Name:	00000003.00000002.211873234.00000000005C0000.00000004.00000020.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	5C0000
Size:	16384

Details

Name:	00000001.00000002.211111185.0000000073783000.00000040.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	73783000
Size:	8192

Details

Name:	00000001.00000003.202533450.0000000002A50000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2A50000
Size:	135168

Details

Name:	00000004.00000002.214439636.00007FF589D67000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589D67000
Size:	4096

Details

Name:	00000002.00000003.203092073.00000232F2A6D000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	232F2A6D000
Size:	24576

Details

Name:	00000004.00000002.213894179.00007FF589A24000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589A24000
Size:	8192

Details

Name:	00000001.00000002.210968269.0000000002950000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2950000
Size:	184320

Details

Name:	00000001.00000003.205792473.0000000002B96000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2B96000
Size:	487424

Details

Name:	00000001.00000003.209278203.0000000002AB0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2AB0000
Size:	1130496

Details

Name:	00000005.00000002.231051160.00007FF591840000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF591840000
Size:	4096

Details

Name:	00000004.00000002.214097300.00007FF589CD2000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589CD2000
Size:	8192

Details

Name:	00000001.00000003.206133081.0000000002AB0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2AB0000
Size:	1130496

Details

Name:	00000002.00000002.206762887.00007FF593923000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF593923000
Size:	12288

Details

Name:	00000001.00000002.210112543.000000000040A000.00000004.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	40A000
Size:	69632

Details

Name:	00000003.00000002.211934361.00000000006C0000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6C0000
Size:	184320

Details

Name:	00000004.00000002.213952733.00007FF589A85000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589A85000
Size:	12288

Details

Name:	00000002.00000002.206834670.00007FF593AC3000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF593AC3000
Size:	4096

Details

Name:	00000003.00000002.210979033.000000000009D000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	9D000
Size:	12288

Details

Name:	00000002.00000003.205483783.00000232F2A6C000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	232F2A6C000
Size:	28672

Details

Name:	00000001.00000002.210150471.0000000000438000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	438000
Size:	4096

Details

Name:	00000002.00000003.205530740.00000232F2A6D000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	232F2A6D000
Size:	24576

Details

Name:	00000004.00000003.209522737.00000231F046B000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	231F046B000
Size:	32768

Details

Name:	00000001.00000002.211078275.0000000073781000.00000080.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and write copy
Base address:	73781000
Size:	4096

Details

Name:	00000002.00000002.205722787.000000A406BFE000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	A406BFE000
Size:	8192

Details

Name:	00000005.00000002.230280602.000002A21344F000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2A21344F000
Size:	8192

Details

Name:	00000002.00000002.206051671.00000232F44C0000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	232F44C0000
Size:	4096

Details

Name:	00000005.00000002.231055011.00007FF591842000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF591842000
Size:	4096

Details

Name:	00000002.00000002.207494323.00007FF593C3C000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF593C3C000
Size:	12288

Details

Name:	00000001.00000002.210164060.0000000000490000.00000004.00000020.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	490000
Size:	16384

Details

Name:	00000004.00000002.213901111.00007FF589A33000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589A33000
Size:	12288

Details

Name:	00000004.00000002.212967951.00000231F1EA0000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	231F1EA0000
Size:	3371008

Details

Name:	00000001.00000003.203794503.0000000002D2B000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2D2B000
Size:	4096

Details

Name:	00000001.00000003.204790353.0000000002D2B000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2D2B000
Size:	4096

Details

Name:	00000001.00000002.211175377.00000000740D5000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	740D5000
Size:	4096

Details

Name:	00000002.00000002.207528272.00007FF593C47000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF593C47000
Size:	16384

Details

Name:	00000002.00000002.205707238.000000A406AFE000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	A406AFE000
Size:	8192

Details

Name:	00000002.00000002.205758912.00000232F2A02000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	232F2A02000
Size:	65536

Details

Name:	00000002.00000002.206885097.00007FF593B6A000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF593B6A000
Size:	20480

Details

Name:	00000001.00000002.210373644.00000000021B0000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	21B0000
Size:	4096

Details

Name:	00000002.00000002.205728986.000000A406C7D000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	A406C7D000
Size:	12288

Details

Name:	00000001.00000003.209752778.0000000002D5F000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2D5F000
Size:	462848

Details

Name:	00000005.00000002.231136506.00007FF5918AD000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5918AD000
Size:	12288

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOCReport

Files

Processes

URLs

Memdumps