Automated Malware Analysis IOC Report for

Details

Name:	00000001.00000002.204042221.0000000000E81000.00000020.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute read
Base address:	E81000
Size:	40960

Signature Hits	Behavior Group	Mitre Attack
Yara detected Emotet	E-Banking Fraud, Stealing of Sensitive Information

Details

Name:	00000000.00000002.197161113.0000000000E81000.00000020.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute read
Base address:	E81000
Size:	40960

Signature Hits	Behavior Group	Mitre Attack
Yara detected Emotet	E-Banking Fraud, Stealing of Sensitive Information

Details

Name:	00000001.00000000.196655416.0000000000E81000.00000020.00020000.sdmp
TargetID:	1
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page execute read
Base address:	E81000
Size:	40960

Signature Hits	Behavior Group	Mitre Attack
Yara detected Emotet	E-Banking Fraud, Stealing of Sensitive Information

Details

Name:	00000003.00000002.463934168.0000000000E81000.00000020.00020000.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute read
Base address:	E81000
Size:	40960

Signature Hits	Behavior Group	Mitre Attack
Yara detected Emotet	E-Banking Fraud, Stealing of Sensitive Information

Details

Name:	00000002.00000002.203686958.0000000000E81000.00000020.00020000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute read
Base address:	E81000
Size:	40960

Signature Hits	Behavior Group	Mitre Attack
Yara detected Emotet	E-Banking Fraud, Stealing of Sensitive Information

Details

Name:	00000003.00000000.203264019.0000000000E81000.00000020.00020000.sdmp
TargetID:	3
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page execute read
Base address:	E81000
Size:	40960

Signature Hits	Behavior Group	Mitre Attack
Yara detected Emotet	E-Banking Fraud, Stealing of Sensitive Information

Details

Name:	00000000.00000000.195788006.0000000000E81000.00000020.00020000.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page execute read
Base address:	E81000
Size:	40960

Signature Hits	Behavior Group	Mitre Attack
Yara detected Emotet	E-Banking Fraud, Stealing of Sensitive Information

Details

Name:	00000002.00000000.202503920.0000000000E81000.00000020.00020000.sdmp
TargetID:	2
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page execute read
Base address:	E81000
Size:	40960

Signature Hits	Behavior Group	Mitre Attack
Yara detected Emotet	E-Banking Fraud, Stealing of Sensitive Information

Details

Name:	00000003.00000002.464570486.0000000001A8A000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1A8A000
Size:	24576

Details

Name:	00000007.00000002.464320440.000001EA9A868000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1EA9A868000
Size:	20480

Details

Name:	00000008.00000002.466656007.00007FF50148E000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF50148E000
Size:	12288

Details

Name:	00000009.00000003.285857924.000001CE219E0000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CE219E0000
Size:	4096

Details

Name:	0000000A.00000002.463847853.0000005079E7F000.00000004.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5079E7F000
Size:	4096

Details

Name:	0000000D.00000002.464757583.00007FF5741D7000.00000002.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5741D7000
Size:	8192

Details

Name:	0000000F.00000002.346837138.00007FF5C28D1000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C28D1000
Size:	4096

Details

Name:	0000000B.00000002.308242763.000001BC42000000.00000004.00000040.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	1BC42000000
Size:	4096

Details

Name:	00000008.00000002.466348377.00007FF5012DF000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5012DF000
Size:	16384

Details

Name:	00000003.00000003.212892848.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	00000004.00000002.464693672.00000201194E0000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	201194E0000
Size:	8192

Details

Name:	00000001.00000000.196592500.0000000000E80000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	E80000
Size:	4096

Details

Name:	0000000B.00000003.308124017.000001BC4225B000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BC4225B000
Size:	4096

Details

Name:	00000006.00000003.264496733.0000022914558000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	22914558000
Size:	8192

Details

Name:	00000003.00000003.212622845.0000000000E44000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	E44000
Size:	4096

Details

Name:	00000011.00000002.350859072.00007FF5D9B6C000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D9B6C000
Size:	12288

Details

Name:	0000000B.00000002.308672654.00007FF546BDD000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF546BDD000
Size:	12288

Details

Name:	0000000F.00000002.345228652.000001F003EF0000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003EF0000
Size:	69632

Details

Name:	00000007.00000002.465574506.00007FF59BAF5000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59BAF5000
Size:	12288

Details

Name:	0000000F.00000002.347037847.00007FF5C29B6000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C29B6000
Size:	20480

Details

Name:	00000011.00000002.350810499.00007FF5D9B25000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D9B25000
Size:	16384

Details

Name:	00000007.00000002.465330698.00007FF59BA4C000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59BA4C000
Size:	8192

Details

Name:	0000000B.00000002.308420615.000001BC4223B000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1BC4223B000
Size:	4096

Signature Hits	Behavior Group	Mitre Attack
Urls found in memory or binary data	Networking

Details

Name:	00000003.00000002.464024398.0000000000F8B000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	F8B000
Size:	20480

Details

Name:	00000008.00000002.464620549.0000026F17113000.00000004.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	26F17113000
Size:	4096

Details

Name:	0000000F.00000003.342495408.000001F005FFA000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005FFA000
Size:	4096

Details

Name:	00000011.00000002.349673723.00000092F26FE000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	92F26FE000
Size:	8192

Details

Name:	00000008.00000002.466441996.00007FF50137C000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF50137C000
Size:	4096

Details

Name:	00000003.00000003.212587325.0000000000E44000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	E44000
Size:	4096

Details

Name:	00000007.00000002.465470647.00007FF59BAD1000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59BAD1000
Size:	12288

Details

Name:	0000000F.00000003.339407141.000001F007310000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F007310000
Size:	311296

Details

Name:	00000003.00000003.213493612.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	8192

Details

Name:	00000007.00000002.465656102.00007FF59BB07000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59BB07000
Size:	8192

Details

Name:	00000009.00000002.466272572.00007FF5E63B2000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E63B2000
Size:	4096

Details

Name:	00000001.00000002.204503759.0000000002DB0000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2DB0000
Size:	294912

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary

Details

Name:	0000000D.00000002.464636407.00007FF57416E000.00000002.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57416E000
Size:	12288

Details

Name:	00000007.00000002.464348916.000001EA9A902000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1EA9A902000
Size:	45056

Details

Name:	00000006.00000002.467058082.00007FF58B16E000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B16E000
Size:	24576

Details

Name:	0000000F.00000003.342143950.000001F005FE0000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005FE0000
Size:	8192

Details

Name:	00000009.00000002.466501245.00007FF5E6445000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E6445000
Size:	24576

Details

Name:	0000000A.00000002.464220827.0000022A2D289000.00000004.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22A2D289000
Size:	8192

Details

Name:	0000000F.00000002.346168519.000001F005FF4000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005FF4000
Size:	8192

Details

Name:	00000003.00000003.212637267.0000000000E44000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	E44000
Size:	4096

Details

Name:	00000008.00000002.464548812.0000026F170CB000.00000004.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	26F170CB000
Size:	102400

Details

Name:	0000000D.00000002.464420429.00000183628D0000.00000002.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	183628D0000
Size:	4096

Details

Name:	0000000A.00000002.465546505.00007FF51FDB9000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF51FDB9000
Size:	8192

Details

Name:	00000007.00000002.464193508.000001EA9A813000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1EA9A813000
Size:	86016

Details

Name:	00000006.00000002.467748768.00007FF58B983000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B983000
Size:	4096

Details

Name:	0000000F.00000002.346979143.00007FF5C296E000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C296E000
Size:	12288

Details

Name:	0000000B.00000002.308223429.0000004F9B47E000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4F9B47E000
Size:	8192

Details

Name:	0000000F.00000003.337484448.000001F005F67000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005F67000
Size:	32768

Details

Name:	0000000D.00000000.287970192.00007FF574239000.00000002.00000001.sdmp
TargetID:	13
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF574239000
Size:	20480

Details

Name:	00000006.00000003.258554314.0000022919264000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	22919264000
Size:	4096

Details

Name:	0000000F.00000003.342006470.000001F003EA9000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003EA9000
Size:	4096

Details

Name:	0000000A.00000002.463881975.000000507A07F000.00000004.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	507A07F000
Size:	4096

Details

Name:	0000000B.00000003.308049457.000001BC42276000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BC42276000
Size:	45056

Details

Name:	00000006.00000002.467262163.00007FF58B63E000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B63E000
Size:	16384

Details

Name:	00000006.00000002.467639783.00007FF58B91C000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B91C000
Size:	12288

Details

Name:	0000000F.00000002.345159039.000001F003EA7000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003EA7000
Size:	4096

Details

Name:	00000006.00000002.464018545.0000022913BE0000.00000004.00000020.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	22913BE0000
Size:	12288

Details

Name:	0000000F.00000002.347096871.00007FF5C2A31000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C2A31000
Size:	28672

Details

Name:	00000006.00000000.258111509.00007FF58BAA9000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58BAA9000
Size:	20480

Details

Name:	0000000F.00000002.344707157.00000015DA7FF000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	15DA7FF000
Size:	4096

Details

Name:	0000000B.00000002.308617849.00007FF546B88000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF546B88000
Size:	65536

Details

Name:	0000000F.00000002.347004597.00007FF5C2989000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C2989000
Size:	8192

Details

Name:	0000000F.00000003.336648407.000001F003E97000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003E97000
Size:	24576

Details

Name:	00000007.00000002.463881246.000001EA9A6E0000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1EA9A6E0000
Size:	806912

Details

Name:	0000000A.00000002.465560122.00007FF51FE75000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF51FE75000
Size:	8192

Details

Name:	0000000F.00000002.346902722.00007FF5C2917000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C2917000
Size:	4096

Details

Name:	00000009.00000002.466122392.00007FF5E6258000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E6258000
Size:	8192

Details

Name:	0000000F.00000002.345243598.000001F003F02000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003F02000
Size:	65536

Details

Name:	0000000A.00000002.464515068.0000022A2D4D0000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	22A2D4D0000
Size:	4096

Details

Name:	00000006.00000002.466137300.0000022919314000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	22919314000
Size:	4096

Details

Name:	0000000F.00000002.346772183.00007FF5C278A000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C278A000
Size:	16384

Details

Name:	00000009.00000002.464679149.000001CE21B13000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1CE21B13000
Size:	12288

Details

Name:	0000000B.00000002.308574145.00007FF54634C000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF54634C000
Size:	8192

Details

Name:	0000000F.00000002.344685911.00000015DA77B000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	15DA77B000
Size:	20480

Details

Name:	00000008.00000002.464662947.0000026F17660000.00000008.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page write copy
Base address:	26F17660000
Size:	266240

Details

Name:	0000000F.00000003.343045351.000001F003F1E000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003F1E000
Size:	4096

Details

Name:	00000006.00000003.265461294.00000229194B6000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	229194B6000
Size:	4096

Details

Name:	00000003.00000003.213372712.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	00000003.00000003.212836771.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	00000006.00000002.466762944.00000229194AE000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	229194AE000
Size:	20480

Details

Name:	0000000A.00000002.463933373.0000022A2D140000.00000004.00000040.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	22A2D140000
Size:	4096

Details

Name:	00000008.00000002.466454514.00007FF5013CC000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5013CC000
Size:	12288

Details

Name:	0000000F.00000003.342059835.000001F003E74000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003E74000
Size:	8192

Details

Name:	0000000F.00000002.345975809.000001F005E02000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005E02000
Size:	4096

Details

Name:	00000007.00000002.465665494.00007FF59BB5E000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59BB5E000
Size:	4096

Details

Name:	0000000B.00000003.308066622.000001BC4227A000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BC4227A000
Size:	28672

Details

Name:	00000009.00000002.464368407.000001CE21960000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1CE21960000
Size:	4096

Details

Name:	0000000F.00000003.341909106.000001F003EEB000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003EEB000
Size:	16384

Details

Name:	0000000A.00000002.464549215.0000022A2DC00000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	22A2DC00000
Size:	3371008

Details

Name:	0000000A.00000002.464240896.0000022A2D313000.00000004.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22A2D313000
Size:	4096

Details

Name:	0000000D.00000002.463902450.00000052ACFFD000.00000004.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	52ACFFD000
Size:	12288

Details

Name:	0000000F.00000003.335907410.000001F003ECD000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003ECD000
Size:	4096

Details

Name:	0000000A.00000002.463764915.00000050796FB000.00000004.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	50796FB000
Size:	20480

Details

Name:	0000000F.00000002.345220830.000001F003EEC000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003EEC000
Size:	12288

Details

Name:	0000000A.00000002.465758980.00007FF51FF0A000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF51FF0A000
Size:	49152

Details

Name:	00000001.00000002.204557127.0000000002F50000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2F50000
Size:	634880

Details

Name:	00000009.00000002.466282207.00007FF5E63C2000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E63C2000
Size:	8192

Details

Name:	00000003.00000002.463912307.0000000000E80000.00000002.00020000.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	E80000
Size:	4096

Details

Name:	00000003.00000003.212729449.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	00000008.00000002.466314781.00007FF5011A6000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5011A6000
Size:	4096

Details

Name:	0000000A.00000002.465833900.00007FF51FF56000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF51FF56000
Size:	12288

Details

Name:	0000000F.00000002.346362347.000001F006600000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1F006600000
Size:	1269760

Details

Name:	00000003.00000003.212356612.0000000000E44000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	E44000
Size:	4096

Details

Name:	00000004.00000002.465005641.00007FF5A3132000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5A3132000
Size:	61440

Details

Name:	00000001.00000002.204014445.0000000000DCC000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	DCC000
Size:	16384

Details

Name:	0000000B.00000002.308423829.000001BC4223E000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1BC4223E000
Size:	12288

Signature Hits	Behavior Group	Mitre Attack
Urls found in memory or binary data	Networking

Details

Name:	0000000A.00000002.464524517.0000022A2D860000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	22A2D860000
Size:	12288

Details

Name:	0000000F.00000002.346633999.00007FF5C256D000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C256D000
Size:	8192

Details

Name:	0000000F.00000002.344994035.000001F003E3F000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003E3F000
Size:	81920

Details

Name:	0000000F.00000003.342104765.000001F003EEB000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003EEB000
Size:	16384

Details

Name:	0000000F.00000003.340162441.000001F003E55000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003E55000
Size:	16384

Details

Name:	00000009.00000002.464375386.000001CE219A0000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1CE219A0000
Size:	8192

Details

Name:	00000007.00000002.465352558.00007FF59BA62000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59BA62000
Size:	4096

Details

Name:	00000004.00000002.464934243.00007FF5A30F1000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5A30F1000
Size:	12288

Details

Name:	00000008.00000002.466220562.00007FF5010C2000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5010C2000
Size:	4096

Details

Name:	00000003.00000002.463751039.0000000000B6C000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	B6C000
Size:	16384

Details

Name:	0000000A.00000002.463952423.0000022A2D1B0000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	22A2D1B0000
Size:	16384

Details

Name:	00000006.00000002.464444932.0000022913D25000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22913D25000
Size:	8192

Details

Name:	0000000F.00000002.346987682.00007FF5C2975000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C2975000
Size:	16384

Details

Name:	00000003.00000003.213324935.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	00000002.00000002.203659878.0000000000910000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	910000
Size:	4096

Details

Name:	0000000F.00000003.340336288.000001F007210000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F007210000
Size:	438272

Details

Name:	00000003.00000003.212484711.0000000000E44000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	E44000
Size:	4096

Details

Name:	0000000D.00000002.464600446.00007FF574107000.00000002.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF574107000
Size:	16384

Details

Name:	00000008.00000002.464246141.0000026F16F80000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	26F16F80000
Size:	16384

Details

Name:	00000006.00000002.466359829.0000022919400000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22919400000
Size:	69632

Details

Name:	00000009.00000002.465856724.00007DFD31044000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7DFD31044000
Size:	8192

Details

Name:	00000009.00000002.463846420.0000001CA64FC000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1CA64FC000
Size:	16384

Details

Name:	0000000F.00000003.342687125.000001F005F34000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005F34000
Size:	12288

Details

Name:	00000003.00000003.212773285.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	00000007.00000002.463847837.000001EA9A670000.00000004.00000040.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	1EA9A670000
Size:	4096

Details

Name:	00000001.00000001.196693315.0000000000E80000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	image loaded
Regiontype:	unkown image
Protect:	page readonly
Base address:	E80000
Size:	4096

Details

Name:	00000006.00000002.466988138.00000229196C0000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	229196C0000
Size:	40960

Details

Name:	00000003.00000003.212491921.0000000000E44000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	E44000
Size:	4096

Details

Name:	00000001.00000002.203898817.0000000000B01000.00000004.00000020.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	B01000
Size:	118784

Details

Name:	00000009.00000002.463802894.0000001CA61FF000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1CA61FF000
Size:	4096

Details

Name:	00000006.00000002.468042333.00007FF58BAA9000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58BAA9000
Size:	20480

Details

Name:	00000008.00000002.466666333.00007FF501495000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF501495000
Size:	16384

Details

Name:	00000003.00000002.463792625.0000000000C4D000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	C4D000
Size:	4096

Details

Name:	00000009.00000002.464361933.000001CE21930000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1CE21930000
Size:	4096

Details

Name:	00000006.00000002.464038867.0000022913C00000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22913C00000
Size:	73728

Details

Name:	0000000A.00000002.465442532.00007FF51FCA5000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF51FCA5000
Size:	12288

Details

Name:	00000006.00000002.464941630.0000022914CD0000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	22914CD0000
Size:	65536

Details

Name:	00000007.00000002.463864361.000001EA9A6D0000.00000004.00000020.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	1EA9A6D0000
Size:	8192

Details

Name:	00000001.00000002.203796271.00000000007C1000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7C1000
Size:	4096

Details

Name:	00000008.00000002.466801597.00007FF5014E5000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5014E5000
Size:	24576

Details

Name:	00000003.00000003.212536057.0000000000E44000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	E44000
Size:	4096

Details

Name:	0000000F.00000003.340221477.000001F006242000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F006242000
Size:	122880

Details

Name:	00000007.00000002.464340611.000001EA9A900000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1EA9A900000
Size:	4096

Details

Name:	00000004.00000002.464951717.00007FF5A3106000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5A3106000
Size:	20480

Details

Name:	00000011.00000002.349682408.00000092F277E000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	92F277E000
Size:	8192

Details

Name:	00000006.00000002.467478590.00007FF58B82F000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B82F000
Size:	16384

Details

Name:	0000000A.00000002.465785970.00007FF51FF25000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF51FF25000
Size:	16384

Details

Name:	0000000A.00000002.465813917.00007FF51FF4D000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF51FF4D000
Size:	12288

Details

Name:	00000003.00000003.212546861.0000000000E44000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	E44000
Size:	4096

Details

Name:	00000009.00000002.466332632.00007FF5E63EE000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E63EE000
Size:	12288

Details

Name:	0000000A.00000002.465961285.00007FF51FF80000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF51FF80000
Size:	12288

Details

Name:	00000009.00000003.285555109.000001CE21A48000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CE21A48000
Size:	4096

Details

Name:	00000003.00000002.465470073.000000000228C000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	228C000
Size:	4096

Details

Name:	0000000A.00000002.465412329.00007FF51FC97000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF51FC97000
Size:	20480

Details

Name:	00000002.00000002.203554969.00000000004ED000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4ED000
Size:	12288

Details

Name:	0000000F.00000002.345257104.000001F003F14000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003F14000
Size:	32768

Details

Name:	0000000F.00000002.346843422.00007FF5C28DA000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C28DA000
Size:	8192

Details

Name:	00000011.00000002.350568273.00007FF5D93F5000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D93F5000
Size:	12288

Details

Name:	0000000F.00000002.346601428.00007FF5C2258000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C2258000
Size:	4096

Details

Name:	0000000F.00000003.342889210.000001F003F1F000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003F1F000
Size:	131072

Details

Name:	0000000F.00000002.344378482.00000015D9CFE000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	15D9CFE000
Size:	8192

Details

Name:	0000000F.00000002.346197439.000001F006000000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F006000000
Size:	40960

Details

Name:	0000000F.00000003.336175843.000001F003ECB000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003ECB000
Size:	16384

Details

Name:	00000003.00000003.212457951.0000000000E44000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	E44000
Size:	4096

Details

Name:	00000003.00000003.212763970.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	00000003.00000003.213135971.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	00000009.00000002.466221870.00007FF5E63A4000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E63A4000
Size:	8192

Details

Name:	00000011.00000002.350592546.00007FF5D9844000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D9844000
Size:	8192

Details

Name:	00000003.00000003.212794589.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	00000004.00000002.464859558.00007FF5A3098000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5A3098000
Size:	4096

Details

Name:	00000009.00000003.285728012.000001CE21A59000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CE21A59000
Size:	4096

Details

Name:	00000008.00000002.466776061.00007FF5014D6000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5014D6000
Size:	20480

Details

Name:	0000000A.00000002.463864411.0000005079F7D000.00000004.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5079F7D000
Size:	12288

Details

Name:	00000008.00000002.464389478.0000026F17029000.00000004.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	26F17029000
Size:	90112

Details

Name:	0000000D.00000002.463927693.00000183624E0000.00000004.00000040.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	183624E0000
Size:	4096

Details

Name:	00000006.00000002.464862419.0000022914415000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22914415000
Size:	4096

Details

Name:	00000003.00000003.212370608.0000000000E50000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	E50000
Size:	126976

Details

Name:	00000004.00000002.464267933.0000020117B20000.00000004.00000040.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	20117B20000
Size:	12288

Details

Name:	00000003.00000003.212857885.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	0000000F.00000003.343644927.000001F006183000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F006183000
Size:	229376

Details

Name:	00000006.00000002.467367205.00007FF58B75E000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B75E000
Size:	4096

Details

Name:	00000001.00000002.204068259.000000000108E000.00000004.00000010.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	108E000
Size:	8192

Details

Name:	0000000F.00000002.346815558.00007FF5C2847000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C2847000
Size:	12288

Details

Name:	0000000D.00000002.464000104.0000018362602000.00000004.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	18362602000
Size:	65536

Details

Name:	0000000F.00000003.335570999.000001F003E87000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003E87000
Size:	24576

Details

Name:	00000003.00000003.212751012.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	00000006.00000002.467450667.00007FF58B80E000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B80E000
Size:	4096

Details

Name:	00000003.00000003.212968093.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	00000003.00000003.212558040.0000000000E44000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	E44000
Size:	4096

Details

Name:	0000000B.00000002.308496960.000001BC42A02000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1BC42A02000
Size:	4096

Details

Name:	0000000F.00000003.342671948.000001F005F28000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005F28000
Size:	45056

Details

Name:	00000003.00000002.464520308.0000000001740000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1740000
Size:	16384

Details

Name:	0000000F.00000002.346896933.00007FF5C2913000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C2913000
Size:	4096

Details

Name:	00000006.00000002.466783419.0000022919600000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	22919600000
Size:	368640

Signature Hits	Behavior Group	Mitre Attack
Urls found in memory or binary data	Networking

Details

Name:	00000006.00000002.467422769.00007FF58B7DC000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B7DC000
Size:	4096

Details

Name:	00000006.00000002.467776940.00007FF58B998000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B998000
Size:	4096

Details

Name:	00000004.00000002.465044759.00007FF5A3189000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5A3189000
Size:	20480

Details

Name:	00000008.00000002.466640627.00007FF50147A000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF50147A000
Size:	49152

Details

Name:	0000000A.00000002.465664149.00007FF51FED8000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF51FED8000
Size:	4096

Details

Name:	00000006.00000002.467982867.00007FF58BA40000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58BA40000
Size:	12288

Details

Name:	00000006.00000002.467216979.00007FF58B5E5000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B5E5000
Size:	8192

Details

Name:	0000000F.00000002.344488440.00000015DA17B000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	15DA17B000
Size:	20480

Details

Name:	0000000A.00000002.465777551.00007FF51FF1E000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF51FF1E000
Size:	12288

Details

Name:	0000000F.00000003.339941118.000001F007310000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F007310000
Size:	573440

Details

Name:	00000011.00000002.350755576.00007FF5D9ABA000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D9ABA000
Size:	4096

Details

Name:	0000000F.00000002.344731159.000001F003D30000.00000004.00000020.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	1F003D30000
Size:	12288

Details

Name:	00000003.00000003.213297068.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	00000004.00000002.464715677.0000020119500000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	20119500000
Size:	8192

Details

Name:	0000000F.00000003.339530474.000001F007510000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F007510000
Size:	393216

Details

Name:	00000004.00000002.464967157.00007FF5A3115000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5A3115000
Size:	24576

Details

Name:	0000000F.00000002.346964470.00007FF5C295A000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C295A000
Size:	49152

Details

Name:	0000000F.00000002.346050570.000001F005F5D000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005F5D000
Size:	28672

Details

Name:	00000008.00000002.466846005.00007FF50154E000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF50154E000
Size:	4096

Details

Name:	00000006.00000002.467189267.00007FF58B5E1000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B5E1000
Size:	4096

Details

Name:	00000006.00000002.466939824.0000022919680000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	22919680000
Size:	32768

Details

Name:	00000004.00000002.464795780.00007FF5A2E03000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5A2E03000
Size:	24576

Details

Name:	0000000A.00000002.463924620.000000507A47E000.00000004.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	507A47E000
Size:	8192

Details

Name:	0000000D.00000002.463764305.00000052AC87B000.00000004.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	52AC87B000
Size:	20480

Details

Name:	00000007.00000002.464130326.000001EA9A7B0000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1EA9A7B0000
Size:	16384

Details

Name:	0000000F.00000003.339811835.000001F007110000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F007110000
Size:	491520

Details

Name:	00000006.00000002.464824135.0000022914350000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22914350000
Size:	4096

Details

Name:	0000000F.00000000.334965895.00007FF5C2A39000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C2A39000
Size:	20480

Details

Name:	0000000B.00000002.308412832.000001BC4222A000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1BC4222A000
Size:	57344

Details

Name:	00000006.00000003.262913152.0000022919240000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	22919240000
Size:	4096

Details

Name:	0000000D.00000002.463801497.00000052ACB7E000.00000004.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	52ACB7E000
Size:	8192

Details

Name:	0000000A.00000002.465373287.00007FF51F792000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF51F792000
Size:	12288

Details

Name:	00000006.00000002.464457309.0000022913E00000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	22913E00000
Size:	806912

Details

Name:	00000006.00000002.467520613.00007FF58B85C000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B85C000
Size:	16384

Details

Name:	00000001.00000002.204498175.0000000002DAE000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2DAE000
Size:	8192

Details

Name:	00000006.00000002.465957368.00000229190B0000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	229190B0000
Size:	4096

Details

Name:	00000011.00000002.350894150.00007FF5D9BE1000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D9BE1000
Size:	28672

Details

Name:	00000004.00000002.464492920.0000020119410000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	20119410000
Size:	733184

Details

Name:	0000000A.00000002.465707820.00007FF51FEF6000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF51FEF6000
Size:	4096

Details

Name:	00000011.00000002.350864284.00007FF5D9B77000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D9B77000
Size:	16384

Details

Name:	0000000F.00000002.345127089.000001F003E82000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003E82000
Size:	102400

Details

Name:	0000000F.00000003.342393919.000001F005FE0000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005FE0000
Size:	8192

Details

Name:	00000007.00000002.465675163.00007FF59BB60000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59BB60000
Size:	32768

Details

Name:	00000003.00000003.212343734.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	65536

Details

Name:	00000006.00000002.467842197.00007FF58B9CA000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B9CA000
Size:	49152

Details

Name:	0000000F.00000002.345993885.000001F005F15000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005F15000
Size:	4096

Details

Name:	0000000D.00000002.464608363.00007FF574130000.00000002.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF574130000
Size:	4096

Details

Name:	00000011.00000002.350105075.000002188AAE0000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2188AAE0000
Size:	4096

Details

Name:	00000007.00000000.283038416.00007FF59BB69000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59BB69000
Size:	20480

Details

Name:	00000003.00000003.213453461.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	00000001.00000002.203837203.0000000000A20000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	A20000
Size:	16384

Details

Name:	0000000B.00000002.308431563.000001BC42246000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1BC42246000
Size:	4096

Details

Name:	0000000F.00000003.340398482.000001F007310000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F007310000
Size:	573440

Details

Name:	0000000F.00000003.342724495.000001F005FFB000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005FFB000
Size:	4096

Details

Name:	00000003.00000003.213446094.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	00000006.00000002.467320428.00007FF58B6BC000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B6BC000
Size:	8192

Details

Name:	0000000F.00000002.344371765.00000015D9C7E000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	15D9C7E000
Size:	8192

Details

Name:	0000000F.00000002.346655647.00007FF5C2694000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C2694000
Size:	8192

Details

Name:	00000003.00000003.212528834.0000000000E44000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	E44000
Size:	4096

Details

Name:	0000000D.00000002.464576521.00007FF573E55000.00000002.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF573E55000
Size:	12288

Details

Name:	00000011.00000002.349703479.00000092F287A000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	92F287A000
Size:	24576

Details

Name:	00000004.00000002.464723233.0000020119520000.00000004.00000040.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	20119520000
Size:	4096

Details

Name:	0000000A.00000002.465796252.00007FF51FF2F000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF51FF2F000
Size:	16384

Details

Name:	0000000F.00000003.336215369.000001F003E8A000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003E8A000
Size:	16384

Details

Name:	00000001.00000002.204633723.000000000302E000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	302E000
Size:	8192

Details

Name:	00000009.00000003.285561144.000001CE21A58000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CE21A58000
Size:	4096

Details

Name:	00000008.00000002.466791900.00007FF5014DC000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5014DC000
Size:	12288

Details

Name:	0000000F.00000002.345980709.000001F005F00000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005F00000
Size:	73728

Details

Name:	00000006.00000002.463901207.0000007808D7F000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7808D7F000
Size:	4096

Details

Name:	0000000D.00000002.463870914.00000052ACEFD000.00000004.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	52ACEFD000
Size:	12288

Details

Name:	00000006.00000002.467664837.00007FF58B941000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B941000
Size:	4096

Details

Name:	0000000B.00000002.308451104.000001BC42269000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1BC42269000
Size:	4096

Details

Name:	0000000F.00000002.344419449.00000015D9EF9000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	15D9EF9000
Size:	28672

Details

Name:	00000009.00000002.464629544.000001CE21A8A000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1CE21A8A000
Size:	4096

Details

Name:	00000009.00000003.285796159.000001CE21A59000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CE21A59000
Size:	4096

Details

Name:	00000006.00000002.467170171.00007FF58B442000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B442000
Size:	4096

Details

Name:	0000000D.00000002.464521540.00007FF573DF0000.00000002.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF573DF0000
Size:	8192

Details

Name:	00000007.00000002.464408317.000001EA9B200000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1EA9B200000
Size:	3371008

Details

Name:	00000001.00000002.203824994.00000000009CE000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	9CE000
Size:	8192

Details

Name:	00000004.00000002.463781410.000000C36DE7D000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	C36DE7D000
Size:	12288

Details

Name:	0000000B.00000002.308445096.000001BC42261000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1BC42261000
Size:	20480

Details

Name:	00000003.00000003.212917482.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	00000009.00000002.466570804.00007FF5E64B1000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E64B1000
Size:	28672

Details

Name:	00000003.00000002.465403544.0000000001F0E000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F0E000
Size:	8192

Details

Name:	0000000F.00000002.347053054.00007FF5C29C5000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C29C5000
Size:	4096

Details

Name:	0000000D.00000002.464587831.00007FF573FBF000.00000002.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF573FBF000
Size:	16384

Details

Name:	00000006.00000002.464377607.0000022913CFC000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22913CFC000
Size:	20480

Details

Name:	00000011.00000002.349746508.0000021889002000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	21889002000
Size:	65536

Details

Name:	00000011.00000002.350736698.00007FF5D9A9A000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D9A9A000
Size:	20480

Details

Name:	0000000D.00000002.464624770.00007FF574148000.00000002.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF574148000
Size:	36864

Details

Name:	00000009.00000002.465949197.00007FF5E5C61000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E5C61000
Size:	4096

Details

Name:	00000003.00000000.203276580.0000000000E8B000.00000002.00020000.sdmp
TargetID:	3
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	E8B000
Size:	4096

Details

Name:	0000000F.00000002.344965828.000001F003E29000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003E29000
Size:	86016

Details

Name:	00000006.00000002.467303206.00007FF58B6B6000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B6B6000
Size:	12288

Details

Name:	00000001.00000003.201471132.0000000000AEC000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	AEC000
Size:	4096

Details

Name:	00000007.00000002.465508379.00007FF59BADC000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59BADC000
Size:	12288

Details

Name:	0000000D.00000002.463812231.00000052ACC7E000.00000004.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	52ACC7E000
Size:	8192

Details

Name:	00000007.00000002.464398482.000001EA9B002000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1EA9B002000
Size:	4096

Details

Name:	00000009.00000002.466184883.00007FF5E62C7000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E62C7000
Size:	12288

Details

Name:	00000006.00000002.464004301.00000078094FF000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	78094FF000
Size:	4096

Details

Name:	0000000F.00000003.343164011.000001F003F6F000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003F6F000
Size:	69632

Details

Name:	0000000F.00000002.345383129.000001F0040D0000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1F0040D0000
Size:	28672

Details

Name:	00000007.00000002.465261770.00007FF59B6A5000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59B6A5000
Size:	8192

Details

Name:	00000003.00000003.212472606.0000000000E44000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	E44000
Size:	4096

Details

Name:	0000000F.00000003.339718905.000001F007010000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F007010000
Size:	782336

Details

Name:	0000000F.00000003.340241458.000001F006282000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F006282000
Size:	262144

Details

Name:	0000000B.00000002.308667036.00007FF546BC9000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF546BC9000
Size:	8192

Details

Name:	00000000.00000001.195821310.0000000000E80000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	image loaded
Regiontype:	unkown image
Protect:	page readonly
Base address:	E80000
Size:	4096

Details

Name:	00000006.00000002.465041635.0000022914D30000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	22914D30000
Size:	3371008

Details

Name:	0000000B.00000002.308434753.000001BC4224F000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1BC4224F000
Size:	28672

Signature Hits	Behavior Group	Mitre Attack
Urls found in memory or binary data	Networking

Details

Name:	0000000A.00000002.463791633.0000005079AFB000.00000004.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5079AFB000
Size:	20480

Details

Name:	00000008.00000002.463847508.000000A761CFB000.00000004.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	A761CFB000
Size:	20480

Details

Name:	00000007.00000002.465553578.00007FF59BAEC000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59BAEC000
Size:	12288

Details

Name:	00000003.00000003.212785611.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	00000001.00000002.204063683.0000000000F8E000.00000004.00000010.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	F8E000
Size:	8192

Details

Name:	00000006.00000003.258604018.0000022919284000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	22919284000
Size:	4096

Details

Name:	0000000F.00000002.344355081.00000015D99FB000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	15D99FB000
Size:	20480

Details

Name:	00000008.00000002.466761288.00007FF5014CC000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5014CC000
Size:	12288

Details

Name:	00000003.00000003.212884481.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	0000000F.00000003.340022000.000001F007410000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F007410000
Size:	667648

Details

Name:	00000006.00000002.467557766.00007FF58B861000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B861000
Size:	4096

Details

Name:	0000000B.00000002.308565755.00007FF54634A000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF54634A000
Size:	4096

Details

Name:	0000000D.00000002.464743827.00007FF5741D4000.00000002.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5741D4000
Size:	8192

Details

Name:	00000006.00000002.466121402.0000022919310000.00000008.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page write copy
Base address:	22919310000
Size:	4096

Details

Name:	0000000F.00000003.342289956.000001F003EA9000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003EA9000
Size:	4096

Details

Name:	00000006.00000002.467712304.00007FF58B96B000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B96B000
Size:	4096

Details

Name:	00000008.00000002.466290246.00007FF501141000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF501141000
Size:	4096

Details

Name:	00000009.00000002.466397146.00007FF5E6409000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E6409000
Size:	8192

Details

Name:	00000008.00000002.466410010.00007FF501367000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF501367000
Size:	12288

Details

Name:	00000003.00000003.212504543.0000000000E44000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	E44000
Size:	4096

Details

Name:	00000009.00000002.465885598.00007FF5E5B8E000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E5B8E000
Size:	24576

Details

Name:	0000000B.00000003.308166377.000001BC42247000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BC42247000
Size:	8192

Details

Name:	0000000F.00000003.341858717.000001F003EE0000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003EE0000
Size:	40960

Details

Name:	0000000B.00000002.308590670.00007FF54699A000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF54699A000
Size:	4096

Details

Name:	00000008.00000002.466735270.00007FF5014C1000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5014C1000
Size:	12288

Details

Name:	0000000A.00000002.465883185.00007FF51FF5C000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF51FF5C000
Size:	12288

Details

Name:	0000000F.00000002.346793723.00007FF5C27BF000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C27BF000
Size:	16384

Details

Name:	0000000A.00000002.463964244.0000022A2D1C0000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	22A2D1C0000
Size:	4096

Details

Name:	0000000A.00000002.465509459.00007FF51FD88000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF51FD88000
Size:	8192

Details

Name:	00000011.00000002.350636355.00007FF5D98B0000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D98B0000
Size:	4096

Details

Name:	0000000F.00000002.345172101.000001F003EB0000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003EB0000
Size:	176128

Details

Name:	00000003.00000001.203305019.0000000000E80000.00000002.00020000.sdmp
TargetID:	3
Dumpstage:	image loaded
Regiontype:	unkown image
Protect:	page readonly
Base address:	E80000
Size:	4096

Details

Name:	0000000F.00000002.346180872.000001F005FF7000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005FF7000
Size:	4096

Details

Name:	00000000.00000002.197062659.0000000000800000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	800000
Size:	806912

Details

Name:	00000006.00000002.466274805.0000022919380000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22919380000
Size:	4096

Details

Name:	00000009.00000002.464329130.000001CE218F0000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1CE218F0000
Size:	16384

Details

Name:	00000001.00000002.203828990.0000000000A0E000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	A0E000
Size:	8192

Details

Name:	00000009.00000002.466429831.00007FF5E6426000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E6426000
Size:	12288

Details

Name:	00000003.00000003.212697875.0000000000E44000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	E44000
Size:	4096

Details

Name:	00000001.00000002.204549743.0000000002E40000.00000004.00000040.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2E40000
Size:	4096

Details

Name:	00000006.00000002.467817375.00007FF58B9B8000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B9B8000
Size:	65536

Details

Name:	00000008.00000002.465060812.0000026F17A00000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	26F17A00000
Size:	3371008

Details

Name:	00000001.00000002.204054749.0000000000E8C000.00000004.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	E8C000
Size:	4096

Details

Name:	0000000F.00000002.347065215.00007FF5C29D0000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C29D0000
Size:	12288

Details

Name:	00000006.00000002.463941341.0000007808FFA000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7808FFA000
Size:	24576

Details

Name:	00000007.00000002.465359058.00007FF59BA72000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59BA72000
Size:	8192

Details

Name:	00000003.00000003.212510859.0000000000E44000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	E44000
Size:	4096

Details

Name:	00000008.00000002.465047895.0000026F17900000.00000004.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	26F17900000
Size:	4096

Details

Name:	00000004.00000002.464430746.0000020118000000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	20118000000
Size:	282624

Details

Name:	00000011.00000002.350748387.00007FF5D9AA1000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D9AA1000
Size:	4096

Details

Name:	00000001.00000002.203801286.00000000007C4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7C4000
Size:	4096

Details

Name:	0000000B.00000002.308247360.000001BC42060000.00000004.00000020.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	1BC42060000
Size:	8192

Details

Name:	00000003.00000002.464503639.00000000013B0000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	13B0000
Size:	4096

Details

Name:	00000006.00000002.463925284.0000007808E7F000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7808E7F000
Size:	4096

Details

Name:	0000000F.00000002.347046184.00007FF5C29BC000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C29BC000
Size:	12288

Details

Name:	00000006.00000002.466530619.000002291943E000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2291943E000
Size:	49152

Details

Name:	00000003.00000003.213180099.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	0000000F.00000002.346935225.00007FF5C2942000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C2942000
Size:	8192

Details

Name:	00000003.00000003.212479031.0000000000E44000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	E44000
Size:	4096

Details

Name:	00000003.00000003.212522598.0000000000E44000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	E44000
Size:	4096

Details

Name:	00000002.00000000.202497607.0000000000E80000.00000002.00020000.sdmp
TargetID:	2
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	E80000
Size:	4096

Details

Name:	00000006.00000002.465968077.00000229190F0000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	229190F0000
Size:	139264

Details

Name:	00000009.00000002.464647449.000001CE21B00000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1CE21B00000
Size:	4096

Details

Name:	00000008.00000002.466825060.00007FF5014F4000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5014F4000
Size:	8192

Details

Name:	0000000D.00000002.464671646.00007FF57419D000.00000002.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57419D000
Size:	12288

Details

Name:	0000000F.00000002.344822609.000001F003D90000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1F003D90000
Size:	16384

Details

Name:	0000000B.00000002.308384385.000001BC42200000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1BC42200000
Size:	4096

Details

Name:	00000006.00000003.264490195.0000022914518000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	22914518000
Size:	4096

Details

Name:	00000007.00000002.463811281.000000D4D08FE000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	D4D08FE000
Size:	8192

Details

Name:	00000011.00000002.350846532.00007FF5D9B5C000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D9B5C000
Size:	12288

Details

Name:	00000011.00000002.350080531.0000021889320000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	21889320000
Size:	28672

Details

Name:	00000001.00000002.204059449.0000000000E8D000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	E8D000
Size:	4096

Details

Name:	0000000A.00000002.465602296.00007FF51FEBA000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF51FEBA000
Size:	4096

Details

Name:	00000006.00000002.464884292.0000022914513000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22914513000
Size:	20480

Details

Name:	0000000F.00000002.346908955.00007FF5C291C000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C291C000
Size:	16384

Details

Name:	0000000F.00000003.339363627.000001F007210000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F007210000
Size:	315392

Details

Name:	0000000F.00000003.342158728.000001F005FE0000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005FE0000
Size:	8192

Details

Name:	00000004.00000002.463814754.000000C36DFFC000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	C36DFFC000
Size:	16384

Details

Name:	00000003.00000003.212996367.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	0000000D.00000002.464710233.00007FF5741B6000.00000002.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5741B6000
Size:	20480

Details

Name:	00000006.00000002.467626403.00007FF58B915000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B915000
Size:	12288

Details

Name:	00000003.00000003.212986229.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	00000006.00000003.264318933.0000022914518000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	22914518000
Size:	4096

Details

Name:	00000011.00000002.349837066.0000021889054000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	21889054000
Size:	90112

Details

Name:	00000009.00000002.463873807.0000001CA65FE000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1CA65FE000
Size:	8192

Details

Name:	00000001.00000002.204644199.000000000316E000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	316E000
Size:	8192

Details

Name:	00000008.00000002.463875841.000000A761DFD000.00000004.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	A761DFD000
Size:	12288

Details

Name:	0000000D.00000002.464533132.00007FF573DF3000.00000002.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF573DF3000
Size:	12288

Details

Name:	0000000F.00000003.336208826.000001F003E81000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003E81000
Size:	4096

Details

Name:	0000000B.00000002.308705751.00007FF546C05000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF546C05000
Size:	24576

Details

Name:	0000000B.00000002.308463201.000001BC42279000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1BC42279000
Size:	4096

Details

Name:	00000003.00000003.212705698.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	00000011.00000002.350110550.000002188ABE0000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2188ABE0000
Size:	3371008

Details

Name:	00000011.00000002.350667885.00007FF5D99F3000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D99F3000
Size:	4096

Details

Name:	00000003.00000003.278878218.00000000022A0000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	22A0000
Size:	126976

Details

Name:	00000001.00000002.203861205.0000000000AA0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	AA0000
Size:	4096

Details

Name:	00000006.00000002.464204430.0000022913C70000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22913C70000
Size:	4096

Details

Name:	00000006.00000002.463839493.0000007808AF9000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7808AF9000
Size:	28672

Details

Name:	00000003.00000003.212901715.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	00000009.00000002.463764087.0000001CA5B1B000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1CA5B1B000
Size:	20480

Details

Name:	0000000F.00000002.345913239.000001F005CF0000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1F005CF0000
Size:	12288

Details

Name:	00000003.00000003.212567329.0000000000E44000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	E44000
Size:	4096

Details

Name:	00000008.00000002.463915973.000000A761E7C000.00000004.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	A761E7C000
Size:	16384

Details

Name:	00000009.00000002.463912008.000001CE21820000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1CE21820000
Size:	806912

Details

Name:	00000011.00000002.350674317.00007FF5D99F7000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D99F7000
Size:	12288

Details

Name:	00000008.00000002.466582430.00007FF501462000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF501462000
Size:	8192

Details

Name:	00000006.00000002.467918799.00007FF58BA11000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58BA11000
Size:	12288

Details

Name:	00000009.00000002.466074897.00007FF5E6220000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E6220000
Size:	4096

Details

Name:	0000000F.00000002.346211133.000001F006012000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F006012000
Size:	139264

Details

Name:	00000006.00000002.464245180.0000022913C7A000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22913C7A000
Size:	4096

Details

Name:	00000009.00000002.463814220.0000001CA62FE000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1CA62FE000
Size:	8192

Details

Name:	0000000F.00000002.347018655.00007FF5C29A1000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C29A1000
Size:	12288

Details

Name:	0000000F.00000003.339693715.000001F006183000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F006183000
Size:	204800

Details

Name:	0000000A.00000002.465490698.00007FF51FD6F000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF51FD6F000
Size:	16384

Details

Name:	0000000B.00000002.308218293.0000004F9B1EE000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4F9B1EE000
Size:	8192

Details

Name:	00000006.00000002.467396461.00007FF58B770000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B770000
Size:	4096

Details

Name:	00000011.00000002.350778443.00007FF5D9AF8000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D9AF8000
Size:	4096

Details

Name:	0000000F.00000002.345948185.000001F005D30000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005D30000
Size:	8192

Details

Name:	0000000B.00000002.308482959.000001BC42302000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1BC42302000
Size:	16384

Details

Name:	00000003.00000003.212516426.0000000000E44000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	E44000
Size:	4096

Details

Name:	0000000A.00000002.465697215.00007FF51FEF2000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF51FEF2000
Size:	4096

Details

Name:	00000000.00000002.197028588.00000000003F0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3F0000
Size:	4096

Details

Name:	00000007.00000002.463834572.000000D4D09FE000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	D4D09FE000
Size:	8192

Details

Name:	00000006.00000002.463884787.0000007808CFB000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7808CFB000
Size:	20480

Details

Name:	00000004.00000002.464729474.00000201195B0000.00000004.00000040.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	201195B0000
Size:	4096

Details

Name:	00000009.00000002.466451265.00007FF5E6436000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E6436000
Size:	20480

Details

Name:	0000000F.00000002.347025548.00007FF5C29A6000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C29A6000
Size:	12288

Details

Name:	00000006.00000002.464269313.0000022913C8E000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22913C8E000
Size:	4096

Details

Name:	00000009.00000002.466210714.00007FF5E6345000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E6345000
Size:	8192

Details

Name:	00000009.00000003.285869372.000001CE219E0000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CE219E0000
Size:	4096

Details

Name:	0000000F.00000002.346765861.00007FF5C2778000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C2778000
Size:	4096

Details

Name:	00000006.00000002.467379407.00007FF58B765000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B765000
Size:	12288

Details

Name:	00000008.00000002.464630741.0000026F17200000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	26F17200000
Size:	4096

Details

Name:	00000008.00000002.465054330.0000026F17932000.00000004.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	26F17932000
Size:	8192

Details

Name:	00000006.00000002.466213024.000002291933C000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2291933C000
Size:	4096

Details

Name:	00000011.00000002.350904606.00007FF5D9BE9000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D9BE9000
Size:	20480

Details

Name:	00000003.00000003.212630800.0000000000E44000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	E44000
Size:	4096

Details

Name:	0000000F.00000002.344668547.00000015DA6FC000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	15DA6FC000
Size:	16384

Details

Name:	0000000D.00000002.464779435.00007FF574239000.00000002.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF574239000
Size:	20480

Details

Name:	0000000B.00000002.308472916.000001BC42283000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1BC42283000
Size:	28672

Details

Name:	00000001.00000002.203841890.0000000000A30000.00000004.00000040.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	A30000
Size:	16384

Details

Name:	0000000F.00000002.345107242.000001F003E77000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003E77000
Size:	40960

Details

Name:	0000000F.00000003.336611372.000001F003EDD000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003EDD000
Size:	4096

Details

Name:	00000006.00000002.464173017.0000022913C53000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22913C53000
Size:	8192

Details

Name:	00000009.00000002.465958024.00007FF5E5C68000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E5C68000
Size:	16384

Details

Name:	0000000D.00000002.464169165.0000018362702000.00000004.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	18362702000
Size:	28672

Signature Hits	Behavior Group	Mitre Attack
AV process strings found (often used to terminate AV products)	Lowering of HIPS / PFW / Operating System Security Settings	Security Software Discovery

Details

Name:	00000011.00000002.349689010.00000092F27FA000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	92F27FA000
Size:	24576

Details

Name:	00000004.00000002.464279456.0000020117B25000.00000004.00000040.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	20117B25000
Size:	12288

Details

Name:	00000003.00000002.464536688.000000000184D000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	184D000
Size:	12288

Details

Name:	00000006.00000002.466958121.00000229196A0000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	229196A0000
Size:	73728

Details

Name:	00000003.00000002.465441007.000000000214F000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	214F000
Size:	4096

Details

Name:	00000003.00000003.212498746.0000000000E44000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	E44000
Size:	4096

Details

Name:	00000011.00000002.350641231.00007FF5D993A000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D993A000
Size:	16384

Details

Name:	0000000F.00000002.345935109.000001F005D10000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005D10000
Size:	8192

Details

Name:	00000003.00000003.213157063.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	0000000F.00000002.344403765.00000015D9DFA000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	15D9DFA000
Size:	24576

Details

Name:	0000000B.00000003.308076101.000001BC42266000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BC42266000
Size:	16384

Details

Name:	0000000F.00000003.342696199.000001F005F18000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005F18000
Size:	4096

Details

Name:	00000009.00000002.466364543.00007FF5E63FF000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E63FF000
Size:	16384

Details

Name:	00000006.00000002.467116310.00007FF58B24C000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B24C000
Size:	4096

Details

Name:	00000007.00000002.465416904.00007FF59BAA5000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59BAA5000
Size:	16384

Details

Name:	0000000A.00000002.464094285.0000022A2D22A000.00000004.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22A2D22A000
Size:	81920

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	00000006.00000002.466064899.0000022919140000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22919140000
Size:	4096

Details

Name:	00000001.00000000.196667713.0000000000E8B000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	E8B000
Size:	4096

Details

Name:	00000007.00000002.464388874.000001EA9AD90000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1EA9AD90000
Size:	16384

Details

Name:	00000001.00000002.204009323.0000000000D8E000.00000004.00000010.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	D8E000
Size:	8192

Details

Name:	0000000F.00000003.341405537.000001F007410000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F007410000
Size:	667648

Details

Name:	0000000B.00000003.308129197.000001BC4225A000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BC4225A000
Size:	4096

Details

Name:	0000000A.00000002.465686911.00007FF51FEE2000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF51FEE2000
Size:	4096

Details

Name:	00000006.00000002.467804337.00007FF58B9B2000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B9B2000
Size:	8192

Details

Name:	00000009.00000002.466310907.00007FF5E63C8000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E63C8000
Size:	40960

Details

Name:	00000003.00000003.213222152.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	0000000F.00000003.336068655.000001F003ECD000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003ECD000
Size:	4096

Details

Name:	0000000F.00000002.344600139.00000015DA4FB000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	15DA4FB000
Size:	20480

Details

Name:	0000000B.00000003.308111994.000001BC4225E000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BC4225E000
Size:	4096

Details

Name:	00000004.00000002.463882344.00000201179B0000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	201179B0000
Size:	16384

Details

Name:	00000002.00000002.203705593.0000000000E8D000.00000002.00020000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	E8D000
Size:	4096

Details

Name:	0000000F.00000002.345165876.000001F003EA9000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003EA9000
Size:	4096

Details

Name:	0000000B.00000002.308714129.00007FF546C10000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF546C10000
Size:	12288

Details

Name:	0000000F.00000003.343802584.000001F006183000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F006183000
Size:	229376

Details

Name:	0000000F.00000002.346917105.00007FF5C2928000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C2928000
Size:	4096

Details

Name:	0000000D.00000003.288489985.00000183625A0000.00000004.00000001.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	183625A0000
Size:	4096

Details

Name:	00000009.00000002.464420235.000001CE21A13000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1CE21A13000
Size:	90112

Details

Name:	00000008.00000002.466474837.00007FF5013D7000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5013D7000
Size:	4096

Details

Name:	00000011.00000002.350599955.00007FF5D9853000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D9853000
Size:	12288

Details

Name:	0000000F.00000002.344537231.00000015DA2FB000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	15DA2FB000
Size:	20480

Details

Name:	00000006.00000002.467766174.00007FF58B98C000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B98C000
Size:	16384

Details

Name:	0000000F.00000003.335564343.000001F003E82000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003E82000
Size:	12288

Details

Name:	00000003.00000003.213165329.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	0000000F.00000002.344412630.00000015D9E7E000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	15D9E7E000
Size:	8192

Details

Name:	00000006.00000002.466239066.0000022919360000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22919360000
Size:	4096

Details

Name:	00000009.00000002.466295290.00007FF5E63C6000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E63C6000
Size:	4096

Details

Name:	00000006.00000002.463989019.00000078092FC000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	78092FC000
Size:	16384

Details

Name:	00000006.00000002.465013905.0000022914D10000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	22914D10000
Size:	65536

Details

Name:	00000003.00000003.213248526.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	00000004.00000002.464823039.00007FF5A302E000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5A302E000
Size:	8192

Details

Name:	00000000.00000002.197170815.0000000000E8B000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	E8B000
Size:	4096

Details

Name:	0000000A.00000002.464200280.0000022A2D271000.00000004.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22A2D271000
Size:	16384

Details

Name:	00000008.00000002.463814180.000000A761B7E000.00000004.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	A761B7E000
Size:	8192

Details

Name:	00000003.00000002.464101050.0000000000FEA000.00000004.00000020.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	FEA000
Size:	106496

Details

Name:	00000006.00000003.258637348.0000022919310000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	22919310000
Size:	4096

Details

Name:	00000011.00000002.350876011.00007FF5D9B84000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D9B84000
Size:	8192

Details

Name:	0000000B.00000003.308132894.000001BC4223D000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BC4223D000
Size:	49152

Signature Hits	Behavior Group	Mitre Attack
Urls found in memory or binary data	Networking

Details

Name:	00000004.00000002.464775059.00007FF5A291C000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5A291C000
Size:	4096

Details

Name:	0000000D.00000002.463958892.0000018362550000.00000002.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	18362550000
Size:	16384

Details

Name:	00000008.00000002.464273343.0000026F16FA0000.00000004.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	26F16FA0000
Size:	4096

Details

Name:	00000002.00000002.203664963.0000000000A10000.00000004.00000020.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	A10000
Size:	20480

Details

Name:	00000003.00000003.213121818.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	0000000F.00000002.346747015.00007FF5C2700000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C2700000
Size:	4096

Details

Name:	0000000F.00000003.342376629.000001F005FE0000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005FE0000
Size:	8192

Details

Name:	00000006.00000002.464255249.0000022913C8A000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22913C8A000
Size:	12288

Details

Name:	00000011.00000002.350762583.00007FF5D9ABC000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D9ABC000
Size:	4096

Details

Name:	00000009.00000002.464705364.000001CE21C00000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1CE21C00000
Size:	28672

Details

Name:	00000006.00000003.258517355.000002291924E000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2291924E000
Size:	73728

Details

Name:	0000000D.00000002.464664104.00007FF574189000.00000002.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF574189000
Size:	8192

Details

Name:	00000009.00000002.465915134.00007FF5E5B95000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E5B95000
Size:	8192

Details

Name:	0000000A.00000002.465459385.00007FF51FCB0000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF51FCB0000
Size:	4096

Details

Name:	00000003.00000003.212602398.0000000000E44000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	E44000
Size:	4096

Details

Name:	00000006.00000002.465938055.00000229150A0000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	229150A0000
Size:	4096

Details

Name:	0000000F.00000002.346317425.000001F0060A4000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F0060A4000
Size:	65536

Details

Name:	0000000F.00000003.336154462.000001F003ECF000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003ECF000
Size:	4096

Details

Name:	0000000B.00000002.308388283.000001BC42202000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1BC42202000
Size:	65536

Details

Name:	00000001.00000002.204654616.00000000032AE000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	32AE000
Size:	8192

Details

Name:	0000000F.00000002.346356911.000001F006400000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F006400000
Size:	4096

Details

Name:	00000004.00000002.464907267.00007FF5A30BE000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5A30BE000
Size:	12288

Details

Name:	0000000F.00000003.339576392.000001F006442000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F006442000
Size:	262144

Details

Name:	0000000D.00000003.288501637.00000183625A0000.00000004.00000001.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	183625A0000
Size:	4096

Details

Name:	0000000A.00000002.463940486.0000022A2D1A0000.00000004.00000020.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	22A2D1A0000
Size:	8192

Details

Name:	0000000F.00000003.342732929.000001F003E56000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003E56000
Size:	4096

Details

Name:	00000003.00000000.203283717.0000000000E8D000.00000002.00020000.sdmp
TargetID:	3
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	E8D000
Size:	4096

Details

Name:	00000003.00000002.464139905.000000000103C000.00000004.00000020.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	103C000
Size:	4096

Details

Name:	00000004.00000002.465025037.00007FF5A317E000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5A317E000
Size:	4096

Details

Name:	00000003.00000003.212580539.0000000000E44000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	E44000
Size:	4096

Details

Name:	00000006.00000002.467131644.00007FF58B250000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B250000
Size:	8192

Details

Name:	00000002.00000002.203670045.0000000000BF0000.00000004.00000020.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	BF0000
Size:	32768

Details

Name:	00000003.00000002.464057449.0000000000FA7000.00000004.00000020.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	FA7000
Size:	253952

Details

Name:	0000000B.00000000.286002061.00007FF546C79000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF546C79000
Size:	20480

Details

Name:	00000008.00000002.464474006.0000026F1706B000.00000004.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	26F1706B000
Size:	110592

Details

Name:	0000000D.00000002.463790910.00000052ACAFE000.00000004.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	52ACAFE000
Size:	8192

Details

Name:	0000000F.00000002.345958726.000001F005D50000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1F005D50000
Size:	73728

Details

Name:	00000003.00000002.463830407.0000000000E20000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	E20000
Size:	16384

Details

Name:	00000009.00000002.465972445.00007FF5E5CF5000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E5CF5000
Size:	16384

Details

Name:	00000003.00000003.213233576.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	00000007.00000002.465696011.00007FF59BB69000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59BB69000
Size:	20480

Details

Name:	0000000F.00000002.346800919.00007FF5C2828000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C2828000
Size:	8192

Details

Name:	00000003.00000003.213267534.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	00000001.00000002.204032232.0000000000E70000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	E70000
Size:	16384

Details

Name:	0000000B.00000002.308690497.00007FF546BF6000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF546BF6000
Size:	20480

Details

Name:	00000006.00000002.467949159.00007FF58BA26000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58BA26000
Size:	20480

Details

Name:	00000009.00000002.466347805.00007FF5E63F5000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E63F5000
Size:	16384

Details

Name:	0000000F.00000003.342308601.000001F005FE0000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005FE0000
Size:	8192

Details

Name:	0000000B.00000002.308454330.000001BC4226C000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1BC4226C000
Size:	40960

Details

Name:	0000000F.00000002.344579600.00000015DA47B000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	15DA47B000
Size:	20480

Details

Name:	0000000A.00000002.463895322.000000507A17E000.00000004.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	507A17E000
Size:	8192

Details

Name:	00000011.00000002.350773471.00007FF5D9AF6000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D9AF6000
Size:	4096

Details

Name:	00000003.00000003.213240304.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	00000006.00000002.466032274.0000022919120000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22919120000
Size:	4096

Details

Name:	00000003.00000003.212959852.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	00000008.00000002.466545638.00007FF501450000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF501450000
Size:	4096

Details

Name:	0000000D.00000002.464458060.0000018363000000.00000004.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	18363000000
Size:	4096

Details

Name:	00000007.00000002.465305683.00007FF59BA17000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59BA17000
Size:	8192

Details

Name:	00000003.00000003.212909360.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	00000006.00000003.258586609.0000022919270000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	22919270000
Size:	8192

Details

Name:	00000003.00000002.465489646.000000000228E000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	228E000
Size:	8192

Details

Name:	00000008.00000002.466678131.00007FF50149F000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF50149F000
Size:	16384

Details

Name:	00000006.00000003.258487017.0000022919240000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	22919240000
Size:	28672

Details

Name:	00000008.00000002.466487721.00007FF5013E5000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5013E5000
Size:	8192

Details

Name:	0000000B.00000002.308751340.00007FF546C79000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF546C79000
Size:	20480

Details

Name:	00000003.00000003.213107878.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	00000008.00000002.464645129.0000026F17590000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	26F17590000
Size:	12288

Details

Name:	00000006.00000002.467908432.00007FF58BA0D000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58BA0D000
Size:	12288

Details

Name:	0000000F.00000002.346780829.00007FF5C279E000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C279E000
Size:	4096

Details

Name:	00000011.00000002.350652113.00007FF5D9950000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D9950000
Size:	4096

Details

Name:	00000003.00000003.213147331.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	00000003.00000002.464122886.000000000100B000.00000004.00000020.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	100B000
Size:	8192

Details

Name:	00000008.00000002.464038970.0000026F16EA0000.00000004.00000020.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	26F16EA0000
Size:	8192

Details

Name:	00000004.00000002.464837818.00007FF5A3080000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5A3080000
Size:	4096

Details

Name:	0000000B.00000002.308468098.000001BC4227D000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1BC4227D000
Size:	16384

Details

Name:	00000011.00000002.350782407.00007FF5D9AFA000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D9AFA000
Size:	57344

Details

Name:	0000000A.00000002.463902097.000000507A27E000.00000004.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	507A27E000
Size:	8192

Details

Name:	0000000D.00000002.464080604.0000018362635000.00000004.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	18362635000
Size:	28672

Details

Name:	00000007.00000002.464301567.000001EA9A857000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1EA9A857000
Size:	28672

Details

Name:	0000000F.00000003.340200656.000001F006202000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F006202000
Size:	118784

Details

Name:	0000000D.00000002.464644023.00007FF574175000.00000002.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF574175000
Size:	16384

Details

Name:	00000008.00000002.463990337.000000A76217D000.00000004.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	A76217D000
Size:	12288

Details

Name:	00000001.00000002.204079767.000000000292D000.00000004.00000010.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	292D000
Size:	12288

Details

Name:	0000000F.00000002.346186240.000001F005FF9000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005FF9000
Size:	16384

Details

Name:	00000009.00000002.466436786.00007FF5E642C000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E642C000
Size:	12288

Details

Name:	00000006.00000002.466080956.0000022919260000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22919260000
Size:	4096

Details

Name:	00000004.00000002.464757258.000002011997F000.00000004.00000040.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2011997F000
Size:	4096

Details

Name:	0000000B.00000002.308721258.00007FF546C14000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF546C14000
Size:	8192

Details

Name:	0000000F.00000003.341957995.000001F003EEB000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003EEB000
Size:	16384

Details

Name:	0000000D.00000002.464450919.0000018362E02000.00000004.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	18362E02000
Size:	4096

Details

Name:	0000000A.00000003.285542478.0000022A2D269000.00000004.00000001.sdmp
TargetID:	10
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	22A2D269000
Size:	16384

Details

Name:	00000007.00000002.464168532.000001EA9A802000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1EA9A802000
Size:	65536

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	00000009.00000002.466136337.00007FF5E627A000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E627A000
Size:	4096

Details

Name:	00000003.00000003.212647181.0000000000E44000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	E44000
Size:	4096

Details

Name:	00000009.00000002.464583645.000001CE21A63000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1CE21A63000
Size:	16384

Details

Name:	00000006.00000002.464429404.0000022913D13000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22913D13000
Size:	4096

Details

Name:	0000000A.00000002.464051941.0000022A2D213000.00000004.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22A2D213000
Size:	90112

Details

Name:	0000000F.00000002.346059840.000001F005F65000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005F65000
Size:	61440

Details

Name:	0000000F.00000003.340744768.000001F007310000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F007310000
Size:	802816

Details

Name:	00000001.00000002.204072709.0000000001090000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1090000
Size:	28672

Details

Name:	0000000F.00000002.345941677.000001F005D20000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005D20000
Size:	8192

Details

Name:	00000002.00000002.203564713.0000000000758000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	758000
Size:	8192

Details

Name:	0000000F.00000003.342705240.000001F005FF9000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005FF9000
Size:	4096

Details

Name:	00000008.00000002.464284690.0000026F16FD0000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	26F16FD0000
Size:	40960

Details

Name:	00000009.00000002.466480367.00007FF5E643C000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E643C000
Size:	12288

Details

Name:	0000000F.00000002.346256999.000001F006053000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F006053000
Size:	65536

Details

Name:	0000000F.00000002.346130168.000001F005FC6000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005FC6000
Size:	98304

Details

Name:	00000006.00000002.465919979.0000022915090000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22915090000
Size:	8192

Details

Name:	00000004.00000002.464996939.00007FF5A312D000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5A312D000
Size:	16384

Details

Name:	0000000F.00000002.347058328.00007FF5C29C7000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C29C7000
Size:	16384

Details

Name:	00000004.00000002.464920693.00007FF5A30D9000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5A30D9000
Size:	8192

Details

Name:	00000006.00000002.467353443.00007FF58B757000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B757000
Size:	20480

Details

Name:	0000000F.00000003.336201048.000001F003ED8000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003ED8000
Size:	4096

Details

Name:	00000003.00000002.465331103.0000000001DE0000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1DE0000
Size:	200704

Details

Name:	0000000B.00000002.308228914.0000004F9B67E000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4F9B67E000
Size:	8192

Details

Name:	00000000.00000002.197021276.000000000039D000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	39D000
Size:	12288

Details

Name:	0000000F.00000002.346674601.00007FF5C26A7000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C26A7000
Size:	12288

Details

Name:	0000000F.00000003.339671388.000001F006143000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F006143000
Size:	204800

Details

Name:	00000003.00000002.463959772.0000000000E8B000.00000002.00020000.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	E8B000
Size:	4096

Details

Name:	0000000F.00000003.341325136.000001F006282000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F006282000
Size:	262144

Details

Name:	0000000B.00000002.308427916.000001BC42242000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1BC42242000
Size:	8192

Details

Name:	00000003.00000002.464145969.00000000010A0000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	10A0000
Size:	806912

Details

Name:	0000000A.00000002.465981413.00007FF51FF87000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF51FF87000
Size:	8192

Details

Name:	00000009.00000003.285722262.000001CE21A49000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CE21A49000
Size:	4096

Details

Name:	00000003.00000003.213256506.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	00000009.00000002.465994040.00007FF5E5FF5000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E5FF5000
Size:	8192

Details

Name:	00000009.00000002.466085466.00007FF5E623F000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E623F000
Size:	16384

Details

Name:	00000006.00000002.467872469.00007FF58B9E5000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B9E5000
Size:	16384

Details

Name:	0000000F.00000003.342536974.000001F003F3F000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003F3F000
Size:	65536

Details

Name:	00000004.00000002.464913509.00007FF5A30C5000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5A30C5000
Size:	16384

Details

Name:	0000000B.00000002.308251592.000001BC42070000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1BC42070000
Size:	806912

Details

Name:	00000006.00000002.464149632.0000022913C3F000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22913C3F000
Size:	77824

Details

Name:	0000000B.00000002.308441069.000001BC42258000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1BC42258000
Size:	8192

Signature Hits	Behavior Group	Mitre Attack
Urls found in memory or binary data	Networking

Details

Name:	00000008.00000002.466300094.00007FF50118E000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF50118E000
Size:	4096

Details

Name:	00000006.00000003.258503459.0000022919248000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	22919248000
Size:	16384

Details

Name:	0000000B.00000002.308582599.00007FF546413000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF546413000
Size:	4096

Details

Name:	00000002.00000002.203697111.0000000000E8B000.00000002.00020000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	E8B000
Size:	4096

Details

Name:	00000007.00000002.465291500.00007FF59B93A000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59B93A000
Size:	4096

Details

Name:	0000000B.00000003.308025349.000001BC4226A000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BC4226A000
Size:	94208

Details

Name:	0000000F.00000003.341978355.000001F003E97000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003E97000
Size:	61440

Details

Name:	0000000B.00000002.308211951.0000004F9B16C000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4F9B16C000
Size:	16384

Details

Name:	00000008.00000002.466195237.00007FF5010BE000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5010BE000
Size:	12288

Details

Name:	00000000.00000000.195803828.0000000000E8D000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	E8D000
Size:	4096

Details

Name:	00000003.00000003.212826174.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	00000003.00000003.212737352.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	00000008.00000000.283895489.00007FF501559000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF501559000
Size:	20480

Details

Name:	00000001.00000002.204092018.0000000002A30000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2A30000
Size:	3371008

Details

Name:	00000007.00000002.464308316.000001EA9A85F000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1EA9A85F000
Size:	32768

Details

Name:	00000008.00000002.464503291.0000026F170BA000.00000004.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	26F170BA000
Size:	24576

Details

Name:	00000003.00000003.212574723.0000000000E44000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	E44000
Size:	4096

Details

Name:	0000000B.00000003.286359870.000001BC42232000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BC42232000
Size:	40960

Signature Hits	Behavior Group	Mitre Attack
Urls found in memory or binary data	Networking

Details

Name:	00000003.00000003.212657515.0000000000E44000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	E44000
Size:	4096

Details

Name:	00000003.00000003.212552119.0000000000E44000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	E44000
Size:	4096

Details

Name:	0000000F.00000002.345274949.000001F004000000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1F004000000
Size:	806912

Details

Name:	00000008.00000002.463941219.000000A761F7C000.00000004.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	A761F7C000
Size:	16384

Details

Name:	00000003.00000003.213082854.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	00000006.00000002.466683065.0000022919488000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22919488000
Size:	81920

Details

Name:	0000000A.00000002.465401008.00007FF51FBB8000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF51FBB8000
Size:	4096

Details

Name:	00000008.00000002.464493075.0000026F17087000.00000004.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	26F17087000
Size:	12288

Details

Name:	0000000F.00000003.341877915.000001F003EEB000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003EEB000
Size:	16384

Details

Name:	0000000F.00000002.347088990.00007FF5C2A2E000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C2A2E000
Size:	4096

Details

Name:	00000006.00000002.464843779.0000022914400000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22914400000
Size:	4096

Details

Name:	00000008.00000002.466322223.00007FF501284000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF501284000
Size:	8192

Details

Name:	00000003.00000003.213468257.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	0000000F.00000002.344940708.000001F003E13000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003E13000
Size:	86016

Details

Name:	00000001.00000002.204667151.00000000034EC000.00000004.00000010.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	34EC000
Size:	16384

Details

Name:	00000009.00000002.463882529.0000001CA66FD000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1CA66FD000
Size:	12288

Details

Name:	00000003.00000002.463779917.0000000000C49000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	C49000
Size:	8192

Details

Name:	00000004.00000002.464803031.00007FF5A2E0C000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5A2E0C000
Size:	4096

Details

Name:	00000003.00000003.212616750.0000000000E44000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	E44000
Size:	4096

Details

Name:	00000008.00000002.466596247.00007FF501466000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF501466000
Size:	4096

Details

Name:	0000000F.00000003.341937391.000001F003EE2000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003EE2000
Size:	32768

Details

Name:	00000008.00000002.466704386.00007FF5014BD000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5014BD000
Size:	12288

Details

Name:	00000004.00000002.464892032.00007FF5A30AA000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5A30AA000
Size:	49152

Details

Name:	00000009.00000002.464595314.000001CE21A68000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1CE21A68000
Size:	57344

Details

Name:	0000000F.00000002.344908105.000001F003E00000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003E00000
Size:	73728

Details

Name:	0000000D.00000002.464678754.00007FF5741A1000.00000002.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5741A1000
Size:	12288

Details

Name:	00000007.00000002.465311664.00007FF59BA1A000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59BA1A000
Size:	20480

Details

Name:	00000008.00000002.466604885.00007FF501468000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF501468000
Size:	65536

Details

Name:	00000006.00000002.464116673.0000022913C2A000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22913C2A000
Size:	81920

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	00000000.00000002.197049351.0000000000700000.00000004.00000020.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	700000
Size:	32768

Details

Name:	0000000F.00000003.342615192.000001F005F18000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005F18000
Size:	110592

Details

Name:	0000000F.00000002.345400797.000001F005970000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1F005970000
Size:	3371008

Details

Name:	00000003.00000003.213201558.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	0000000F.00000002.344839812.000001F003DD0000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1F003DD0000
Size:	32768

Details

Name:	0000000B.00000002.308234005.0000004F9B77F000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4F9B77F000
Size:	4096

Details

Name:	00000011.00000002.349730705.0000021888F90000.00000004.00000040.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	21888F90000
Size:	4096

Details

Name:	00000006.00000002.467931228.00007FF58BA16000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58BA16000
Size:	12288

Details

Name:	0000000F.00000002.346072764.000001F005F75000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005F75000
Size:	16384

Details

Name:	0000000F.00000002.345268161.000001F003F1D000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003F1D000
Size:	4096

Details

Name:	00000001.00000002.203791503.00000000007B1000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7B1000
Size:	8192

Details

Name:	00000011.00000002.349712356.00000092F28FF000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	92F28FF000
Size:	4096

Details

Name:	00000006.00000002.464802618.0000022914330000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	22914330000
Size:	4096

Details

Name:	0000000F.00000002.346709081.00007FF5C26E7000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C26E7000
Size:	20480

Details

Name:	00000006.00000002.467607906.00007FF58B879000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B879000
Size:	8192

Details

Name:	0000000A.00000002.464174066.0000022A2D25A000.00000004.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22A2D25A000
Size:	61440

Details

Name:	0000000F.00000002.344386754.00000015D9D79000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	15D9D79000
Size:	28672

Details

Name:	00000009.00000002.464691367.000001CE21B18000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1CE21B18000
Size:	20480

Details

Name:	00000009.00000002.465938961.00007FF5E5C55000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E5C55000
Size:	8192

Details

Name:	0000000F.00000002.347082272.00007FF5C29D7000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C29D7000
Size:	8192

Details

Name:	00000004.00000002.464743317.0000020119880000.00000004.00000040.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	20119880000
Size:	4096

Details

Name:	0000000F.00000003.337800043.000001F005D00000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005D00000
Size:	4096

Details

Name:	00000006.00000002.467860832.00007FF58B9DE000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B9DE000
Size:	12288

Details

Name:	00000000.00000002.197175636.0000000000E8C000.00000004.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	E8C000
Size:	4096

Details

Name:	0000000B.00000002.308735571.00007FF546C6E000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF546C6E000
Size:	4096

Details

Name:	0000000D.00000002.464104258.000001836263D000.00000004.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1836263D000
Size:	86016

Signature Hits	Behavior Group	Mitre Attack
AV process strings found (often used to terminate AV products)	Lowering of HIPS / PFW / Operating System Security Settings	Security Software Discovery

Details

Name:	0000000F.00000003.339457241.000001F007410000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F007410000
Size:	569344

Details

Name:	00000001.00000002.204658286.00000000033AF000.00000004.00000010.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	33AF000
Size:	4096

Details

Name:	0000000A.00000002.464165721.0000022A2D258000.00000004.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22A2D258000
Size:	4096

Details

Name:	00000006.00000002.467433842.00007FF58B7E8000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B7E8000
Size:	4096

Details

Name:	00000009.00000002.464715555.000001CE21F90000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1CE21F90000
Size:	282624

Signature Hits	Behavior Group	Mitre Attack
May try to detect the Windows Explorer process (often used for injection)	HIPS / PFW / Operating System Protection Evasion	Process Injection Process Discovery

Details

Name:	00000001.00000002.203870439.0000000000AC8000.00000004.00000020.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	AC8000
Size:	163840

Details

Name:	0000000B.00000003.308155039.000001BC42241000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BC42241000
Size:	16384

Details

Name:	00000008.00000002.463791302.000000A7619FC000.00000004.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	A7619FC000
Size:	16384

Details

Name:	00000006.00000002.464876236.0000022914502000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22914502000
Size:	32768

Details

Name:	00000001.00000002.203856962.0000000000A9E000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	A9E000
Size:	8192

Details

Name:	0000000F.00000002.347031688.00007FF5C29AC000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C29AC000
Size:	12288

Details

Name:	00000006.00000002.467227917.00007FF58B620000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B620000
Size:	8192

Details

Name:	00000003.00000002.464044175.0000000000FA0000.00000004.00000020.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	FA0000
Size:	20480

Details

Name:	00000006.00000002.467756449.00007FF58B987000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B987000
Size:	4096

Details

Name:	00000009.00000002.464816014.000001CE23402000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1CE23402000
Size:	4096

Details

Name:	00000008.00000002.464440169.0000026F17040000.00000004.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	26F17040000
Size:	172032

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery
Urls found in memory or binary data	Networking

Details

Name:	00000009.00000002.466554952.00007FF5E64AE000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E64AE000
Size:	4096

Details

Name:	00000003.00000003.212685607.0000000000E44000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	E44000
Size:	4096

Details

Name:	00000011.00000002.349764860.0000021889013000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	21889013000
Size:	86016

Details

Name:	00000011.00000002.349659372.00000092F267B000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	92F267B000
Size:	20480

Details

Name:	00000008.00000002.464600304.0000026F17102000.00000004.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	26F17102000
Size:	32768

Details

Name:	0000000B.00000003.308141402.000001BC42257000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BC42257000
Size:	12288

Details

Name:	00000006.00000002.464961922.0000022914CE0000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	22914CE0000
Size:	65536

Details

Name:	00000003.00000002.465416744.000000000200F000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	200F000
Size:	4096

Details

Name:	00000001.00000002.204662250.00000000033EE000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	33EE000
Size:	8192

Details

Name:	00000007.00000002.464161370.000001EA9A800000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1EA9A800000
Size:	4096

Details

Name:	0000000F.00000002.344551296.00000015DA37B000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	15DA37B000
Size:	20480

Details

Name:	0000000A.00000002.465433177.00007FF51FC9E000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF51FC9E000
Size:	4096

Details

Name:	0000000D.00000002.464023034.0000018362613000.00000004.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	18362613000
Size:	86016

Details

Name:	00000006.00000002.464215617.0000022913C75000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22913C75000
Size:	4096

Details

Name:	00000004.00000002.464245894.0000020117AE0000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	20117AE0000
Size:	4096

Details

Name:	0000000F.00000002.344504832.00000015DA1FB000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	15DA1FB000
Size:	20480

Details

Name:	00000003.00000003.212818627.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	00000008.00000002.464743444.0000026F176B0000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	26F176B0000
Size:	1269760

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	00000003.00000002.463852479.0000000000E40000.00000004.00000020.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	E40000
Size:	16384

Details

Name:	0000000B.00000002.308679059.00007FF546BE6000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF546BE6000
Size:	12288

Details

Name:	00000006.00000003.258545147.0000022919261000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	22919261000
Size:	4096

Details

Name:	00000001.00000002.204649013.000000000326F000.00000004.00000010.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	326F000
Size:	4096

Details

Name:	0000000D.00000002.464722816.00007FF5741BC000.00000002.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5741BC000
Size:	12288

Details

Name:	00000006.00000003.258808192.00000229193A0000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	229193A0000
Size:	4096

Details

Name:	0000000F.00000003.339624052.000001F007510000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F007510000
Size:	393216

Details

Name:	00000008.00000002.466239998.00007FF50112F000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF50112F000
Size:	8192

Details

Name:	0000000F.00000002.346737918.00007FF5C26F5000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C26F5000
Size:	12288

Details

Name:	00000006.00000002.467288351.00007FF58B6AD000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B6AD000
Size:	4096

Details

Name:	0000000F.00000002.344751922.000001F003D40000.00000008.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page write copy
Base address:	1F003D40000
Size:	266240

Details

Name:	00000003.00000002.463981317.0000000000E8C000.00000004.00020000.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	E8C000
Size:	4096

Details

Name:	00000006.00000002.465025249.0000022914D20000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	22914D20000
Size:	65536

Details

Name:	0000000F.00000002.344651336.00000015DA67C000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	15DA67C000
Size:	16384

Details

Name:	00000001.00000002.204553214.0000000002F4F000.00000004.00000010.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2F4F000
Size:	4096

Details

Name:	00000004.00000002.464958453.00007FF5A310C000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5A310C000
Size:	12288

Details

Name:	00000006.00000002.467335033.00007FF58B6BF000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B6BF000
Size:	4096

Details

Name:	00000008.00000002.466554983.00007FF501452000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF501452000
Size:	4096

Details

Name:	00000008.00000002.466693051.00007FF5014A9000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5014A9000
Size:	8192

Details

Name:	0000000D.00000002.464686790.00007FF5741A6000.00000002.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5741A6000
Size:	12288

Details

Name:	0000000A.00000002.465470764.00007FF51FD4E000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF51FD4E000
Size:	4096

Details

Name:	00000006.00000002.464927381.0000022914BF0000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22914BF0000
Size:	4096

Details

Name:	0000000A.00000002.463910803.000000507A37F000.00000004.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	507A37F000
Size:	4096

Details

Name:	0000000F.00000002.344898142.000001F003DF0000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003DF0000
Size:	8192

Details

Name:	0000000F.00000002.346330847.000001F006100000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F006100000
Size:	8192

Details

Name:	0000000F.00000002.346144941.000001F005FE0000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005FE0000
Size:	8192

Details

Name:	00000006.00000002.466222215.0000022919350000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22919350000
Size:	4096

Details

Name:	0000000B.00000003.308105877.000001BC4225F000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BC4225F000
Size:	4096

Details

Name:	00000007.00000002.465431847.00007FF59BAAF000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59BAAF000
Size:	16384

Details

Name:	0000000F.00000003.337820509.000001F005D00000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005D00000
Size:	4096

Details

Name:	0000000A.00000002.465731948.00007FF51FEF8000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF51FEF8000
Size:	65536

Details

Name:	0000000D.00000002.464612839.00007FF574132000.00000002.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF574132000
Size:	4096

Details

Name:	00000002.00000001.202532902.0000000000E80000.00000002.00020000.sdmp
TargetID:	2
Dumpstage:	image loaded
Regiontype:	unkown image
Protect:	page readonly
Base address:	E80000
Size:	4096

Details

Name:	00000008.00000002.466265409.00007FF501132000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF501132000
Size:	32768

Details

Name:	0000000B.00000003.308084718.000001BC42249000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BC42249000
Size:	53248

Details

Name:	0000000A.00000002.465927454.00007FF51FF6C000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF51FF6C000
Size:	12288

Details

Name:	00000006.00000002.467276736.00007FF58B678000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B678000
Size:	4096

Details

Name:	00000001.00000002.204640337.000000000312F000.00000004.00000010.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	312F000
Size:	4096

Details

Name:	00000011.00000002.350870715.00007FF5D9B80000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D9B80000
Size:	12288

Details

Name:	0000000B.00000002.308652323.00007FF546BB5000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF546BB5000
Size:	16384

Details

Name:	0000000D.00000002.464510725.00007FF5738FB000.00000002.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5738FB000
Size:	4096

Details

Name:	0000000A.00000002.465972682.00007FF51FF84000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF51FF84000
Size:	8192

Details

Name:	0000000F.00000003.341847620.000001F005F53000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005F53000
Size:	8192

Details

Name:	0000000B.00000003.308117767.000001BC4225C000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BC4225C000
Size:	8192

Signature Hits	Behavior Group	Mitre Attack
Urls found in memory or binary data	Networking

Details

Name:	0000000F.00000002.346109098.000001F005FB5000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005FB5000
Size:	65536

Details

Name:	00000009.00000002.466024535.00007FF5E6175000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E6175000
Size:	12288

Details

Name:	0000000D.00000003.288496024.00000183625A0000.00000004.00000001.sdmp
TargetID:	13
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	183625A0000
Size:	4096

Details

Name:	0000000F.00000002.346024102.000001F005F38000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005F38000
Size:	106496

Details

Name:	00000004.00000000.242916876.00007FF5A3189000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5A3189000
Size:	20480

Details

Name:	0000000A.00000002.464126918.0000022A2D23F000.00000004.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22A2D23F000
Size:	98304

Details

Name:	00000006.00000002.464402618.0000022913D02000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22913D02000
Size:	49152

Details

Name:	0000000F.00000002.345210350.000001F003EE3000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003EE3000
Size:	28672

Details

Name:	00000004.00000002.464412927.0000020117C70000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	20117C70000
Size:	28672

Details

Name:	00000000.00000002.197033886.00000000005D2000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5D2000
Size:	8192

Details

Name:	00000009.00000002.465743237.000001CE23940000.00000008.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page write copy
Base address:	1CE23940000
Size:	266240

Details

Name:	00000006.00000002.466570430.000002291944B000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2291944B000
Size:	61440

Details

Name:	00000006.00000002.467590410.00007FF58B870000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B870000
Size:	4096

Details

Name:	0000000F.00000002.346923305.00007FF5C2930000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C2930000
Size:	4096

Details

Name:	00000006.00000002.464031151.0000022913BF0000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	22913BF0000
Size:	16384

Details

Name:	00000008.00000002.464028444.0000026F16E40000.00000004.00000040.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	26F16E40000
Size:	4096

Details

Name:	00000007.00000002.465364974.00007FF59BA76000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59BA76000
Size:	4096

Details

Name:	00000011.00000002.350726567.00007FF5D9A97000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D9A97000
Size:	8192

Details

Name:	0000000F.00000002.344453905.00000015DA07A000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	15DA07A000
Size:	24576

Details

Name:	0000000D.00000002.463989449.0000018362600000.00000004.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	18362600000
Size:	4096

Details

Name:	00000006.00000002.467671229.00007FF58B957000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B957000
Size:	32768

Details

Name:	00000006.00000002.466609085.000002291945D000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2291945D000
Size:	8192

Details

Name:	0000000D.00000002.463828588.00000052ACD7D000.00000004.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	52ACD7D000
Size:	12288

Details

Name:	0000000F.00000003.343855144.000001F007010000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F007010000
Size:	475136

Details

Name:	0000000A.00000002.464540832.0000022A2DA02000.00000004.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22A2DA02000
Size:	4096

Details

Name:	0000000F.00000002.346592340.00007FF5C2254000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C2254000
Size:	12288

Details

Name:	00000009.00000002.466015646.00007FF5E611D000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E611D000
Size:	8192

Details

Name:	0000000F.00000003.342280898.000001F003EA7000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003EA7000
Size:	4096

Details

Name:	0000000F.00000002.344631599.00000015DA5FB000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	15DA5FB000
Size:	20480

Details

Name:	0000000B.00000003.308097971.000001BC42260000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BC42260000
Size:	24576

Signature Hits	Behavior Group	Mitre Attack
Urls found in memory or binary data	Networking

Details

Name:	0000000F.00000002.346041727.000001F005F56000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005F56000
Size:	24576

Details

Name:	0000000F.00000002.344617280.00000015DA57D000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	15DA57D000
Size:	12288

Details

Name:	0000000F.00000003.341996780.000001F003EA7000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003EA7000
Size:	4096

Details

Name:	00000003.00000003.213423196.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	00000003.00000002.465311247.0000000001DD0000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD0000
Size:	40960

Details

Name:	0000000F.00000002.347071404.00007FF5C29D4000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C29D4000
Size:	8192

Details

Name:	00000006.00000002.466285049.00000229193A0000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	229193A0000
Size:	20480

Details

Name:	00000009.00000002.463828619.0000001CA63FC000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1CA63FC000
Size:	16384

Details

Name:	0000000D.00000002.464138230.0000018362658000.00000004.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	18362658000
Size:	53248

Details

Name:	00000004.00000002.463859337.000000C36E07E000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	C36E07E000
Size:	8192

Details

Name:	0000000A.00000002.463991400.0000022A2D200000.00000004.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22A2D200000
Size:	4096

Details

Name:	00000011.00000002.350887571.00007FF5D9BDE000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D9BDE000
Size:	4096

Details

Name:	0000000B.00000002.308698020.00007FF546BFC000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF546BFC000
Size:	12288

Details

Name:	0000000F.00000002.346875400.00007FF5C28F1000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C28F1000
Size:	4096

Details

Name:	00000002.00000002.203701135.0000000000E8C000.00000004.00020000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	E8C000
Size:	4096

Details

Name:	00000008.00000002.466833820.00007FF5014F7000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5014F7000
Size:	8192

Details

Name:	0000000F.00000002.346018006.000001F005F34000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005F34000
Size:	12288

Details

Name:	0000000D.00000002.464545154.00007FF573DF7000.00000002.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF573DF7000
Size:	4096

Details

Name:	00000006.00000003.265444483.00000229194B4000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	229194B4000
Size:	4096

Details

Name:	00000006.00000002.466306574.00000229193E0000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	229193E0000
Size:	65536

Details

Name:	0000000D.00000002.464764564.00007FF57422E000.00000002.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57422E000
Size:	4096

Details

Name:	00000011.00000002.349718205.00000092F297A000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	92F297A000
Size:	24576

Details

Name:	00000008.00000002.464051119.0000026F16EB0000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	26F16EB0000
Size:	806912

Details

Name:	00000009.00000003.285789289.000001CE21A49000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CE21A49000
Size:	4096

Details

Name:	00000009.00000002.466546420.00007FF5E6457000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E6457000
Size:	4096

Details

Name:	0000000F.00000002.346942745.00007FF5C2946000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C2946000
Size:	4096

Details

Name:	0000000A.00000002.464247637.0000022A2D400000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	22A2D400000
Size:	806912

Details

Name:	00000006.00000002.463933235.0000007808EFE000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7808EFE000
Size:	8192

Details

Name:	0000000F.00000002.345151012.000001F003EA3000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003EA3000
Size:	12288

Details

Name:	00000011.00000002.350584971.00007FF5D93F9000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D93F9000
Size:	4096

Details

Name:	00000009.00000002.464822358.000001CE23600000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1CE23600000
Size:	3371008

Details

Name:	00000006.00000002.467786258.00007FF58B9A0000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B9A0000
Size:	4096

Details

Name:	00000006.00000002.467999705.00007FF58BA47000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58BA47000
Size:	8192

Details

Name:	00000009.00000002.466006073.00007FF5E605D000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E605D000
Size:	8192

Details

Name:	00000006.00000002.465928132.0000022915093000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22915093000
Size:	4096

Details

Name:	0000000F.00000003.335946521.000001F003ECD000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003ECD000
Size:	4096

Details

Name:	00000009.00000002.466052326.00007FF5E61E3000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E61E3000
Size:	8192

Details

Name:	00000004.00000002.463751788.000000C36DA9C000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	C36DA9C000
Size:	16384

Details

Name:	0000000F.00000003.340471199.000001F007410000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F007410000
Size:	667648

Details

Name:	00000002.00000002.203676603.0000000000BFA000.00000004.00000020.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	BFA000
Size:	12288

Details

Name:	00000003.00000002.463802282.0000000000E00000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	E00000
Size:	4096

Details

Name:	0000000F.00000002.346823064.00007FF5C28A5000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C28A5000
Size:	12288

Details

Name:	0000000F.00000003.343153791.000001F003F5F000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003F5F000
Size:	4096

Details

Name:	00000006.00000002.464913118.0000022914B10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22914B10000
Size:	4096

Details

Name:	0000000B.00000002.308490785.000001BC42400000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1BC42400000
Size:	4096

Details

Name:	00000007.00000002.465405285.00007FF59BA9E000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59BA9E000
Size:	12288

Details

Name:	00000007.00000002.465270370.00007FF59B738000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59B738000
Size:	4096

Details

Name:	0000000B.00000002.308741644.00007FF546C71000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF546C71000
Size:	28672

Details

Name:	00000011.00000002.350852346.00007FF5D9B66000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D9B66000
Size:	20480

Details

Name:	0000000F.00000003.341286866.000001F006242000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F006242000
Size:	122880

Details

Name:	00000000.00000000.195782316.0000000000E80000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	E80000
Size:	4096

Details

Name:	00000003.00000002.464578073.0000000001A90000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1A90000
Size:	3371008

Details

Name:	0000000A.00000002.463980866.0000022A2D1F0000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	22A2D1F0000
Size:	4096

Details

Name:	0000000F.00000003.341563626.000001F007310000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F007310000
Size:	802816

Details

Name:	0000000F.00000002.346928481.00007FF5C2932000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C2932000
Size:	4096

Details

Name:	0000000F.00000002.346151815.000001F005FE3000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005FE3000
Size:	65536

Details

Name:	0000000D.00000002.464769346.00007FF574231000.00000002.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF574231000
Size:	28672

Details

Name:	00000006.00000002.467795533.00007FF58B9A2000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B9A2000
Size:	4096

Details

Name:	00000006.00000002.464286996.0000022913C91000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22913C91000
Size:	40960

Details

Name:	0000000D.00000002.463845646.00000052ACDFF000.00000004.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	52ACDFF000
Size:	4096

Details

Name:	00000001.00000002.204083830.0000000002A29000.00000004.00000010.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2A29000
Size:	28672

Details

Name:	00000011.00000000.348547286.00007FF5D9BE9000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D9BE9000
Size:	20480

Details

Name:	00000009.00000002.466061317.00007FF5E6205000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E6205000
Size:	4096

Details

Name:	00000007.00000002.464367618.000001EA9A913000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1EA9A913000
Size:	16384

Details

Name:	00000004.00000002.464320779.0000020117B7B000.00000004.00000020.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	20117B7B000
Size:	139264

Details

Name:	00000008.00000002.464345509.0000026F17013000.00000004.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	26F17013000
Size:	86016

Details

Name:	00000007.00000002.465637418.00007FF59BB04000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59BB04000
Size:	8192

Details

Name:	0000000F.00000003.337812211.000001F005D00000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005D00000
Size:	4096

Details

Name:	0000000D.00000002.463946526.0000018362540000.00000004.00000020.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	18362540000
Size:	8192

Details

Name:	00000009.00000002.464339529.000001CE21900000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1CE21900000
Size:	4096

Details

Name:	00000006.00000002.467897596.00007FF58B9F9000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B9F9000
Size:	8192

Details

Name:	00000006.00000002.467992527.00007FF58BA44000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58BA44000
Size:	8192

Details

Name:	00000009.00000002.464451281.000001CE21A2A000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1CE21A2A000
Size:	73728

Details

Name:	00000001.00000002.203810584.00000000007D3000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7D3000
Size:	4096

Details

Name:	00000003.00000002.464093260.0000000000FE6000.00000004.00000020.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	FE6000
Size:	12288

Details

Name:	00000008.00000002.466380659.00007FF5012F8000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5012F8000
Size:	8192

Details

Name:	00000007.00000002.465323461.00007FF59BA21000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59BA21000
Size:	4096

Details

Name:	00000008.00000002.466397435.00007FF50131B000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF50131B000
Size:	4096

Details

Name:	00000003.00000002.465454760.000000000218E000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	218E000
Size:	8192

Details

Name:	00000011.00000002.350840893.00007FF5D9B56000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D9B56000
Size:	12288

Details

Name:	00000001.00000002.203846812.0000000000A50000.00000004.00000020.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	A50000
Size:	16384

Details

Name:	0000000A.00000000.285124363.00007FF51FFE9000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF51FFE9000
Size:	20480

Details

Name:	00000006.00000002.466343454.00000229193F0000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	229193F0000
Size:	12288

Details

Name:	0000000F.00000003.336237577.000001F003EA3000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003EA3000
Size:	4096

Details

Name:	00000011.00000002.350090209.0000021889520000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	21889520000
Size:	16384

Details

Name:	00000001.00000002.203890137.0000000000AF1000.00000004.00000020.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	AF1000
Size:	61440

Details

Name:	0000000A.00000002.465943149.00007FF51FF75000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF51FF75000
Size:	24576

Details

Name:	00000003.00000002.463888531.0000000000E50000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	E50000
Size:	4096

Details

Name:	00000001.00000002.203852085.0000000000A55000.00000004.00000020.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	A55000
Size:	16384

Details

Name:	00000006.00000002.466094264.0000022919270000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22919270000
Size:	4096

Details

Name:	0000000A.00000002.464209559.0000022A2D276000.00000004.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22A2D276000
Size:	24576

Details

Name:	0000000D.00000002.464594397.00007FF5740FB000.00000002.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5740FB000
Size:	4096

Details

Name:	00000004.00000002.464946547.00007FF5A30FC000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5A30FC000
Size:	12288

Details

Name:	0000000B.00000002.308371984.000001BC42150000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1BC42150000
Size:	4096

Details

Name:	0000000D.00000002.464184801.0000018362800000.00000002.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	18362800000
Size:	806912

Details

Name:	0000000B.00000003.308161845.000001BC42244000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BC42244000
Size:	4096

Details

Name:	0000000F.00000003.341814907.000001F005F13000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005F13000
Size:	12288

Details

Name:	00000006.00000002.463818896.00000078089FD000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	78089FD000
Size:	12288

Details

Name:	00000007.00000002.464328628.000001EA9A879000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1EA9A879000
Size:	16384

Details

Name:	00000003.00000003.212610355.0000000000E44000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	E44000
Size:	4096

Details

Name:	00000006.00000002.464237202.0000022913C77000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22913C77000
Size:	8192

Details

Name:	00000003.00000003.212720987.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	00000006.00000003.264503240.0000022914559000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	22914559000
Size:	4096

Details

Name:	00000008.00000002.466893614.00007FF501559000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF501559000
Size:	20480

Details

Name:	0000000F.00000002.344440020.00000015D9FFA000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	15D9FFA000
Size:	24576

Details

Name:	00000007.00000002.465297212.00007FF59BA07000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59BA07000
Size:	4096

Details

Name:	0000000F.00000002.344718671.000001F003CD0000.00000004.00000040.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	1F003CD0000
Size:	4096

Details

Name:	00000006.00000002.467812056.00007FF58B9B6000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B9B6000
Size:	4096

Details

Name:	00000011.00000002.349877437.0000021889200000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	21889200000
Size:	806912

Details

Name:	00000008.00000002.464018438.000000A76227F000.00000004.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	A76227F000
Size:	4096

Details

Name:	00000003.00000003.212426088.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	163840

Details

Name:	00000003.00000003.388202108.0000000000BC0000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	BC0000
Size:	118784

Details

Name:	00000006.00000002.466618432.0000022919460000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22919460000
Size:	143360

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	00000008.00000002.466571493.00007FF50145D000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF50145D000
Size:	4096

Details

Name:	0000000A.00000003.285523751.0000022A2D266000.00000004.00000001.sdmp
TargetID:	10
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	22A2D266000
Size:	53248

Details

Name:	00000004.00000002.464851289.00007FF5A3096000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5A3096000
Size:	4096

Details

Name:	00000006.00000002.466053041.0000022919130000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22919130000
Size:	4096

Details

Name:	00000008.00000002.466746384.00007FF5014C6000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5014C6000
Size:	12288

Details

Name:	0000000A.00000002.465676532.00007FF51FEE0000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF51FEE0000
Size:	4096

Details

Name:	00000008.00000002.464526402.0000026F170C2000.00000004.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	26F170C2000
Size:	32768

Details

Name:	00000003.00000003.213485156.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	0000000F.00000003.342323944.000001F005FE0000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005FE0000
Size:	8192

Details

Name:	00000009.00000002.464803960.000001CE233E0000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1CE233E0000
Size:	4096

Details

Name:	00000009.00000002.466531080.00007FF5E6454000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E6454000
Size:	8192

Details

Name:	00000006.00000002.466420456.0000022919412000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22919412000
Size:	36864

Signature Hits	Behavior Group	Mitre Attack
Urls found in memory or binary data	Networking

Details

Name:	00000006.00000002.467080798.00007FF58B178000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B178000
Size:	4096

Details

Name:	00000006.00000002.466731046.000002291949F000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2291949F000
Size:	57344

Details

Name:	0000000D.00000002.464561267.00007FF573E04000.00000002.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF573E04000
Size:	4096

Details

Name:	00000007.00000002.465455641.00007FF59BACD000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59BACD000
Size:	12288

Details

Name:	00000003.00000002.464554854.000000000194C000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	194C000
Size:	16384

Details

Name:	00000011.00000002.350830469.00007FF5D9B39000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D9B39000
Size:	8192

Details

Name:	00000006.00000002.463974470.00000078091FD000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	78091FD000
Size:	12288

Details

Name:	00000008.00000002.466857250.00007FF501550000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF501550000
Size:	32768

Details

Name:	00000009.00000002.466259835.00007FF5E63B0000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E63B0000
Size:	4096

Details

Name:	00000001.00000002.203864506.0000000000AC0000.00000004.00000020.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	AC0000
Size:	24576

Details

Name:	0000000F.00000002.346850902.00007FF5C28E4000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C28E4000
Size:	4096

Details

Name:	00000004.00000002.464286614.0000020117B30000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	20117B30000
Size:	4096

Details

Name:	00000009.00000002.464349981.000001CE21910000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1CE21910000
Size:	4096

Details

Name:	0000000F.00000003.340972067.000001F007410000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F007410000
Size:	667648

Details

Name:	00000006.00000002.466178851.0000022919324000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	22919324000
Size:	4096

Details

Name:	00000006.00000002.468024515.00007FF58BAA0000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58BAA0000
Size:	32768

Details

Name:	0000000A.00000002.466005127.00007FF51FFE1000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF51FFE1000
Size:	28672

Details

Name:	00000004.00000002.464983283.00007FF5A3124000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5A3124000
Size:	8192

Details

Name:	0000000F.00000002.345922506.000001F005D00000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1F005D00000
Size:	40960

Details

Name:	00000006.00000002.463753646.000000780867C000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	780867C000
Size:	16384

Details

Name:	00000009.00000002.464401765.000001CE21A02000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1CE21A02000
Size:	65536

Details

Name:	00000009.00000002.466517134.00007FF5E6452000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E6452000
Size:	4096

Details

Name:	00000003.00000003.213309709.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	00000011.00000002.350660175.00007FF5D99D8000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D99D8000
Size:	8192

Details

Name:	00000006.00000003.258572368.0000022919390000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	22919390000
Size:	4096

Details

Name:	00000003.00000002.464562477.000000000198D000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	198D000
Size:	12288

Details

Name:	0000000F.00000003.342225326.000001F005FE0000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005FE0000
Size:	8192

Details

Name:	0000000F.00000003.342213258.000001F005F77000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005F77000
Size:	8192

Details

Name:	0000000F.00000002.346754079.00007FF5C275B000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C275B000
Size:	4096

Details

Name:	00000004.00000002.464738778.00000201196A0000.00000004.00000040.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	201196A0000
Size:	4096

Details

Name:	00000006.00000002.464316016.0000022913C9C000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22913C9C000
Size:	122880

Details

Name:	0000000F.00000003.339286575.000001F007110000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F007110000
Size:	634880

Details

Name:	0000000F.00000002.346623358.00007FF5C2543000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C2543000
Size:	16384

Details

Name:	00000007.00000002.465385387.00007FF59BA78000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59BA78000
Size:	40960

Details

Name:	0000000A.00000002.465393176.00007FF51FB23000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF51FB23000
Size:	4096

Details

Name:	00000006.00000002.467938176.00007FF58BA1C000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58BA1C000
Size:	12288

Details

Name:	00000003.00000003.213477408.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	0000000F.00000002.346338819.000001F006200000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F006200000
Size:	8192

Details

Name:	0000000D.00000002.463780019.00000052AC9FF000.00000004.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	52AC9FF000
Size:	4096

Details

Name:	00000006.00000002.463965085.00000078090FF000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	78090FF000
Size:	4096

Details

Name:	0000000F.00000002.346097572.000001F005FA4000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005FA4000
Size:	40960

Details

Name:	00000009.00000002.466156254.00007FF5E6289000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E6289000
Size:	8192

Details

Name:	00000004.00000002.464779787.00007FF5A293E000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5A293E000
Size:	4096

Details

Name:	00000003.00000002.465427130.000000000204E000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	204E000
Size:	8192

Details

Name:	00000001.00000002.204538418.0000000002E00000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2E00000
Size:	69632

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary

Details

Name:	00000008.00000002.463764885.000000A76159B000.00000004.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	A76159B000
Size:	20480

Details

Name:	00000003.00000000.203256016.0000000000E80000.00000002.00020000.sdmp
TargetID:	3
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	E80000
Size:	4096

Details

Name:	0000000A.00000002.464011051.0000022A2D202000.00000004.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22A2D202000
Size:	65536

Details

Name:	00000006.00000002.467884865.00007FF58B9EF000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B9EF000
Size:	16384

Details

Name:	0000000F.00000002.346809197.00007FF5C2843000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C2843000
Size:	4096

Details

Name:	00000006.00000002.467578191.00007FF58B868000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B868000
Size:	4096

Details

Name:	0000000D.00000002.464617004.00007FF574142000.00000002.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF574142000
Size:	8192

Details

Name:	00000009.00000000.284805465.00007FF5E64B9000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E64B9000
Size:	20480

Details

Name:	0000000B.00000002.308399355.000001BC42213000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1BC42213000
Size:	90112

Signature Hits	Behavior Group	Mitre Attack
Urls found in memory or binary data	Networking

Details

Name:	0000000F.00000002.346291438.000001F006084000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F006084000
Size:	65536

Details

Name:	00000006.00000002.468016193.00007FF58BA9E000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58BA9E000
Size:	4096

Details

Name:	0000000F.00000003.341888920.000001F003EE1000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003EE1000
Size:	36864

Details

Name:	00000006.00000002.466260288.0000022919370000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22919370000
Size:	4096

Details

Name:	00000011.00000002.349807875.0000021889035000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	21889035000
Size:	36864

Details

Name:	0000000B.00000002.308238349.0000004F9B87F000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4F9B87F000
Size:	4096

Details

Name:	00000007.00000002.465275755.00007FF59B79E000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59B79E000
Size:	4096

Details

Name:	00000004.00000002.464255683.0000020117B00000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	20117B00000
Size:	8192

Details

Name:	00000009.00000003.285863829.000001CE219E0000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CE219E0000
Size:	4096

Details

Name:	00000004.00000002.464376291.0000020117BAC000.00000004.00000020.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	20117BAC000
Size:	57344

Details

Name:	00000003.00000002.465504591.0000000002290000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2290000
Size:	12288

Details

Name:	00000003.00000003.212691162.0000000000E44000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	E44000
Size:	4096

Details

Name:	00000006.00000003.258796722.00000229193A0000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	229193A0000
Size:	4096

Details

Name:	0000000A.00000002.463972515.0000022A2D1D0000.00000004.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22A2D1D0000
Size:	4096

Details

Name:	00000003.00000003.213438738.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	00000009.00000002.464653522.000001CE21B02000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1CE21B02000
Size:	49152

Details

Name:	00000006.00000002.467736040.00007FF58B977000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B977000
Size:	16384

Details

Name:	00000007.00000002.464271726.000001EA9A83C000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1EA9A83C000
Size:	106496

Details

Name:	0000000F.00000002.346830708.00007FF5C28AC000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C28AC000
Size:	4096

Details

Name:	00000006.00000003.258454021.00000229193A0000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	229193A0000
Size:	8192

Details

Name:	00000008.00000002.466814924.00007FF5014F0000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5014F0000
Size:	12288

Details

Name:	00000003.00000003.212946011.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	0000000A.00000002.464228822.0000022A2D302000.00000004.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22A2D302000
Size:	32768

Details

Name:	00000006.00000002.467956266.00007FF58BA2C000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58BA2C000
Size:	12288

Details

Name:	00000006.00000002.466442555.000002291941E000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2291941E000
Size:	53248

Details

Name:	00000008.00000002.464262668.0000026F16F90000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	26F16F90000
Size:	4096

Details

Name:	00000003.00000003.213172624.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	00000003.00000003.213361990.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	0000000F.00000002.346948354.00007FF5C2948000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C2948000
Size:	65536

Details

Name:	0000000F.00000003.341922659.000001F005F53000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005F53000
Size:	8192

Details

Name:	00000004.00000002.464810733.00007FF5A302A000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5A302A000
Size:	8192

Details

Name:	00000007.00000002.465253320.00007FF59B6A3000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59B6A3000
Size:	4096

Details

Name:	0000000B.00000002.308365496.000001BC42140000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1BC42140000
Size:	16384

Details

Name:	0000000A.00000002.465638245.00007FF51FECC000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF51FECC000
Size:	16384

Details

Name:	00000009.00000002.465983174.00007FF5E5FF1000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E5FF1000
Size:	4096

Details

Name:	00000001.00000002.203819791.000000000093C000.00000004.00000010.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	93C000
Size:	16384

Details

Name:	00000001.00000002.204050483.0000000000E8B000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	E8B000
Size:	4096

Details

Name:	0000000F.00000002.346759992.00007FF5C276C000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C276C000
Size:	4096

Details

Name:	00000008.00000002.463965675.000000A76207E000.00000004.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	A76207E000
Size:	8192

Details

Name:	00000008.00000002.466338222.00007FF5012BE000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5012BE000
Size:	4096

Details

Name:	00000003.00000003.212877267.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	0000000F.00000003.341930630.000001F005F54000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005F54000
Size:	4096

Details

Name:	0000000F.00000002.346889481.00007FF5C290C000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C290C000
Size:	4096

Details

Name:	00000003.00000003.213190510.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	0000000F.00000003.339222620.000001F006342000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F006342000
Size:	118784

Details

Name:	0000000F.00000003.335880991.000001F003ECA000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003ECA000
Size:	8192

Details

Name:	00000006.00000002.465000443.0000022914D00000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	22914D00000
Size:	65536

Details

Name:	0000000F.00000002.346857397.00007FF5C28E7000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C28E7000
Size:	8192

Details

Name:	00000006.00000002.464979529.0000022914CF0000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	22914CF0000
Size:	65536

Details

Name:	0000000D.00000002.463971923.0000018362560000.00000002.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	18362560000
Size:	4096

Details

Name:	00000006.00000002.465948465.00000229190A0000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	229190A0000
Size:	4096

Details

Name:	00000007.00000002.465245203.00007FF59B6A1000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59B6A1000
Size:	4096

Details

Name:	0000000F.00000003.339884604.000001F007210000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F007210000
Size:	315392

Details

Name:	00000000.00000002.197055868.000000000070A000.00000004.00000020.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	70A000
Size:	36864

Details

Name:	00000006.00000002.467093916.00007FF58B244000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B244000
Size:	28672

Details

Name:	0000000F.00000003.337477122.000001F005F64000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005F64000
Size:	4096

Details

Name:	0000000F.00000002.345071212.000001F003E66000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003E66000
Size:	57344

Details

Name:	0000000F.00000002.345045614.000001F003E54000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003E54000
Size:	20480

Details

Name:	0000000F.00000003.342238649.000001F003E9F000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003E9F000
Size:	28672

Details

Name:	00000006.00000002.464181331.0000022913C56000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22913C56000
Size:	77824

Details

Name:	0000000F.00000003.335441537.000001F003E59000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003E59000
Size:	4096

Details

Name:	00000008.00000002.465037397.0000026F17802000.00000004.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	26F17802000
Size:	4096

Details

Name:	00000004.00000002.464788028.00007FF5A2D9C000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5A2D9C000
Size:	4096

Details

Name:	00000011.00000002.349738840.0000021889000000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	21889000000
Size:	4096

Details

Name:	0000000B.00000003.308147167.000001BC42245000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BC42245000
Size:	16384

Details

Name:	00000008.00000002.466423173.00007FF501370000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF501370000
Size:	28672

Details

Name:	0000000F.00000002.344427998.00000015D9F7A000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	15D9F7A000
Size:	24576

Details

Name:	0000000F.00000003.342654405.000001F005F34000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005F34000
Size:	12288

Details

Name:	00000004.00000002.464297539.0000020117B40000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	20117B40000
Size:	12288

Details

Name:	00000000.00000002.197180237.0000000000E8D000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	E8D000
Size:	4096

Details

Name:	00000007.00000002.463787466.000000D4D07FB000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	D4D07FB000
Size:	20480

Details

Name:	00000004.00000002.464927012.00007FF5A30ED000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5A30ED000
Size:	12288

Details

Name:	00000006.00000002.464793062.0000022914260000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	22914260000
Size:	16384

Details

Name:	00000011.00000002.349790958.0000021889029000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	21889029000
Size:	45056

Details

Name:	0000000F.00000002.345999668.000001F005F17000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005F17000
Size:	114688

Details

Name:	00000003.00000003.212466357.0000000000E44000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	E44000
Size:	4096

Details

Name:	00000009.00000002.464394410.000001CE21A00000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1CE21A00000
Size:	4096

Details

Name:	00000008.00000002.464308796.0000026F17000000.00000004.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	26F17000000
Size:	73728

Details

Name:	0000000B.00000002.308632572.00007FF546B9A000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF546B9A000
Size:	49152

Details

Name:	00000003.00000003.213094969.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	0000000D.00000002.464699540.00007FF5741AC000.00000002.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5741AC000
Size:	12288

Details

Name:	00000006.00000002.464811172.0000022914340000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22914340000
Size:	4096

Details

Name:	0000000A.00000002.465903680.00007FF51FF66000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF51FF66000
Size:	20480

Details

Name:	0000000F.00000003.342187380.000001F005FE0000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005FE0000
Size:	8192

Details

Name:	0000000F.00000003.335916949.000001F003EC9000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003EC9000
Size:	12288

Details

Name:	00000009.00000002.463789691.0000001CA60FF000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1CA60FF000
Size:	4096

Details

Name:	00000003.00000002.464132164.000000000101C000.00000004.00000020.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	101C000
Size:	4096

Details

Name:	00000008.00000002.466513140.00007FF50143C000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF50143C000
Size:	8192

Details

Name:	00000004.00000002.464832390.00007FF5A3034000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5A3034000
Size:	4096

Details

Name:	00000003.00000003.212976256.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	0000000F.00000002.344520636.00000015DA27B000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	15DA27B000
Size:	20480

Details

Name:	00000009.00000002.463896052.000001CE217B0000.00000004.00000040.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	1CE217B0000
Size:	4096

Details

Name:	0000000F.00000003.343593062.000001F006143000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F006143000
Size:	229376

Details

Name:	00000006.00000002.464855024.0000022914402000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22914402000
Size:	4096

Details

Name:	00000004.00000002.464866161.00007FF5A309A000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5A309A000
Size:	57344

Details

Name:	00000011.00000002.350767211.00007FF5D9AF2000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D9AF2000
Size:	8192

Details

Name:	0000000B.00000002.308685947.00007FF546BEC000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF546BEC000
Size:	4096

Details

Name:	00000009.00000002.464483202.000001CE21A3D000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1CE21A3D000
Size:	151552

Details

Name:	00000006.00000002.464870909.0000022914500000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22914500000
Size:	4096

Details

Name:	0000000F.00000002.346996231.00007FF5C297F000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C297F000
Size:	16384

Details

Name:	0000000F.00000002.345201216.000001F003EDC000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003EDC000
Size:	20480

Details

Name:	00000004.00000002.464975404.00007FF5A3120000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5A3120000
Size:	12288

Details

Name:	0000000F.00000002.345953289.000001F005D40000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005D40000
Size:	8192

Details

Name:	00000001.00000002.203833005.0000000000A10000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	A10000
Size:	4096

Details

Name:	00000007.00000002.465345653.00007FF59BA60000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59BA60000
Size:	4096

Details

Name:	00000008.00000002.466530167.00007FF501448000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF501448000
Size:	4096

Details

Name:	0000000F.00000003.341833971.000001F005F55000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005F55000
Size:	28672

Details

Name:	00000007.00000002.463763432.000000D4D047C000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	D4D047C000
Size:	16384

Details

Name:	00000003.00000003.213462064.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	00000011.00000002.350616858.00007FF5D98A5000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D98A5000
Size:	12288

Details

Name:	00000007.00000002.465280274.00007FF59B897000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59B897000
Size:	8192

Details

Name:	00000001.00000002.204020715.0000000000E0C000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	E0C000
Size:	16384

Details

Name:	00000007.00000002.464153653.000001EA9A7D0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1EA9A7D0000
Size:	4096

Details

Name:	0000000F.00000002.346080078.000001F005F7D000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005F7D000
Size:	24576

Details

Name:	0000000F.00000002.347011608.00007FF5C299D000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C299D000
Size:	12288

Details

Name:	00000003.00000003.212809929.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	00000006.00000002.467239459.00007FF58B637000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B637000
Size:	20480

Details

Name:	00000006.00000002.467152008.00007FF58B2E5000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B2E5000
Size:	16384

Details

Name:	00000003.00000003.212802252.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	0000000B.00000002.308659525.00007FF546BBF000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF546BBF000
Size:	16384

Details

Name:	00000003.00000003.213278212.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	00000001.00000002.204037667.0000000000E80000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	E80000
Size:	4096

Details

Name:	00000001.00000002.203806393.00000000007CA000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7CA000
Size:	4096

Details

Name:	00000006.00000002.466159689.0000022919320000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	22919320000
Size:	4096

Details

Name:	0000000B.00000002.308605800.00007FF546B70000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF546B70000
Size:	4096

Details

Name:	00000006.00000002.466488091.000002291942C000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2291942C000
Size:	57344

Details

Name:	00000011.00000002.350797574.00007FF5D9B0A000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D9B0A000
Size:	49152

Details

Name:	0000000F.00000003.343053095.000001F003F2E000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003F2E000
Size:	69632

Details

Name:	00000000.00000002.197156447.0000000000E80000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	E80000
Size:	4096

Details

Name:	00000006.00000002.464081135.0000022913C13000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22913C13000
Size:	90112

Details

Name:	00000006.00000002.464779821.0000022913ED0000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	22913ED0000
Size:	4096

Details

Name:	00000011.00000002.350032019.00000218892D0000.00000008.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page write copy
Base address:	218892D0000
Size:	266240

Details

Name:	0000000F.00000002.346692469.00007FF5C26BC000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C26BC000
Size:	4096

Details

Name:	00000002.00000000.202515291.0000000000E8B000.00000002.00020000.sdmp
TargetID:	2
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	E8B000
Size:	4096

Details

Name:	0000000B.00000002.308597569.00007FF5469FF000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5469FF000
Size:	16384

Details

Name:	00000011.00000002.350881788.00007FF5D9B87000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D9B87000
Size:	4096

Details

Name:	0000000F.00000002.346882482.00007FF5C290A000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C290A000
Size:	4096

Details

Name:	00000002.00000002.203682627.0000000000E80000.00000002.00020000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	E80000
Size:	4096

Details

Name:	00000011.00000002.350611040.00007FF5D9857000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D9857000
Size:	12288

Details

Name:	00000006.00000002.463864994.0000007808BFE000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7808BFE000
Size:	8192

Details

Name:	00000007.00000002.465286683.00007FF59B8D0000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59B8D0000
Size:	4096

Details

Name:	00000001.00000002.203815709.000000000083C000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	83C000
Size:	16384

Details

Name:	00000004.00000002.463919401.0000020117A10000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	20117A10000
Size:	806912

Details

Name:	0000000F.00000003.342822869.000001F003F60000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003F60000
Size:	131072

Details

Name:	00000004.00000002.464308098.0000020117B70000.00000004.00000020.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	20117B70000
Size:	40960

Details

Name:	0000000D.00000002.464734167.00007FF5741C5000.00000002.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5741C5000
Size:	12288

Details

Name:	00000006.00000002.464891249.0000022914701000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22914701000
Size:	4096

Details

Name:	0000000F.00000002.346787365.00007FF5C27A0000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C27A0000
Size:	4096

Details

Name:	00000009.00000002.463901937.000001CE21810000.00000004.00000020.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	1CE21810000
Size:	8192

Details

Name:	00000006.00000003.265425341.00000229194B2000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	229194B2000
Size:	4096

Details

Name:	0000000F.00000002.347117338.00007FF5C2A39000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C2A39000
Size:	20480

Details

Name:	0000000F.00000002.344565198.00000015DA3FA000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	15DA3FA000
Size:	24576

Details

Name:	0000000B.00000002.308728478.00007FF546C17000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF546C17000
Size:	4096

Details

Name:	0000000D.00000002.463980423.0000018362570000.00000004.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	18362570000
Size:	4096

Details

Name:	00000003.00000003.212866741.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	00000007.00000002.464217145.000001EA9A829000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1EA9A829000
Size:	73728

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	00000006.00000002.466193355.0000022919338000.00000008.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page write copy
Base address:	22919338000
Size:	4096

Details

Name:	00000004.00000002.464939457.00007FF5A30F6000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5A30F6000
Size:	12288

Details

Name:	00000011.00000002.349816773.000002188903F000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2188903F000
Size:	53248

Details

Name:	00000003.00000003.213317348.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	0000000B.00000002.308611867.00007FF546B86000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF546B86000
Size:	4096

Details

Name:	00000007.00000002.465493136.00007FF59BAD6000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59BAD6000
Size:	12288

Details

Name:	0000000F.00000003.340102418.000001F006402000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F006402000
Size:	122880

Details

Name:	00000001.00000000.196674000.0000000000E8D000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	E8D000
Size:	4096

Details

Name:	00000006.00000002.465908838.0000022915071000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22915071000
Size:	4096

Details

Name:	00000004.00000002.464843125.00007FF5A3082000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5A3082000
Size:	4096

Details

Name:	0000000A.00000002.463812158.0000005079C7E000.00000004.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5079C7E000
Size:	8192

Details

Name:	0000000F.00000002.346721042.00007FF5C26EE000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C26EE000
Size:	4096

Details

Name:	0000000B.00000003.308170541.000001BC4224E000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BC4224E000
Size:	32768

Details

Name:	00000001.00000002.203916542.0000000000BC0000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	BC0000
Size:	806912

Details

Name:	00000003.00000003.213215892.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	0000000F.00000002.346544173.000001F007000000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F007000000
Size:	4096

Details

Name:	00000000.00000002.197038808.00000000006A0000.00000004.00000020.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	6A0000
Size:	20480

Details

Name:	00000009.00000002.464386016.000001CE219F0000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1CE219F0000
Size:	4096

Details

Name:	00000008.00000002.466505194.00007FF50142A000.00000002.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF50142A000
Size:	4096

Details

Name:	00000003.00000003.212935728.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	00000003.00000003.213344690.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	0000000A.00000003.285549236.0000022A2D26F000.00000004.00000001.sdmp
TargetID:	10
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	22A2D26F000
Size:	16384

Details

Name:	0000000D.00000002.464654518.00007FF57417F000.00000002.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57417F000
Size:	16384

Details

Name:	00000000.00000002.197014217.000000000029D000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	29D000
Size:	12288

Details

Name:	00000004.00000002.463802438.000000C36DF7E000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	C36DF7E000
Size:	8192

Details

Name:	00000003.00000003.213287738.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	00000006.00000003.258788908.00000229193A0000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	229193A0000
Size:	4096

Details

Name:	0000000B.00000002.308376925.000001BC42160000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1BC42160000
Size:	4096

Details

Name:	00000004.00000002.465032450.00007FF5A3181000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5A3181000
Size:	28672

Details

Name:	00000007.00000002.464382304.000001EA9AA00000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1EA9AA00000
Size:	4096

Details

Name:	00000006.00000002.466672267.0000022919484000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22919484000
Size:	4096

Details

Name:	00000011.00000002.349852709.0000021889102000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	21889102000
Size:	36864

Details

Name:	0000000D.00000002.464430345.0000018362C60000.00000002.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	18362C60000
Size:	12288

Details

Name:	00000009.00000002.466239803.00007FF5E63A8000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E63A8000
Size:	4096

Details

Name:	00000008.00000002.463834636.000000A761C7F000.00000004.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	A761C7F000
Size:	4096

Details

Name:	0000000F.00000003.336024237.000001F003ECD000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003ECD000
Size:	4096

Details

Name:	00000006.00000002.467500218.00007FF58B84E000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B84E000
Size:	12288

Details

Name:	00000006.00000002.463910808.0000007808DFF000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7808DFF000
Size:	4096

Details

Name:	0000000A.00000002.465528366.00007FF51FDA8000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF51FDA8000
Size:	4096

Details

Name:	0000000F.00000003.340617038.000001F007210000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F007210000
Size:	438272

Details

Name:	00000011.00000002.350805766.00007FF5D9B1E000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D9B1E000
Size:	12288

Details

Name:	00000002.00000002.203560147.00000000005ED000.00000004.00000010.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	5ED000
Size:	12288

Details

Name:	0000000F.00000002.346864718.00007FF5C28EA000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C28EA000
Size:	20480

Details

Name:	00000003.00000003.212926576.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	0000000D.00000002.464058213.0000018362629000.00000004.00000001.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	18362629000
Size:	45056

Details

Name:	0000000F.00000002.346663501.00007FF5C26A3000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5C26A3000
Size:	12288

Details

Name:	0000000F.00000003.340273706.000001F007110000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F007110000
Size:	491520

Details

Name:	00000000.00000000.195798452.0000000000E8B000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	E8B000
Size:	4096

Details

Name:	00000007.00000002.464143628.000001EA9A7C0000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1EA9A7C0000
Size:	4096

Details

Name:	00000006.00000002.464011697.0000022913B80000.00000004.00000040.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	22913B80000
Size:	4096

Details

Name:	00000011.00000002.350836180.00007FF5D9B4D000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D9B4D000
Size:	12288

Details

Name:	00000006.00000002.467347196.00007FF58B72C000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B72C000
Size:	4096

Details

Name:	00000003.00000003.212712701.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	00000009.00000002.465928319.00007FF5E5C53000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E5C53000
Size:	4096

Details

Name:	00000003.00000003.213352723.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	0000000F.00000002.346348874.000001F006300000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F006300000
Size:	8192

Details

Name:	0000000F.00000003.339243211.000001F006382000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F006382000
Size:	262144

Details

Name:	0000000F.00000002.345393990.000001F005870000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005870000
Size:	4096

Details

Name:	00000001.00000002.204026497.0000000000E30000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	E30000
Size:	16384

Details

Name:	00000003.00000002.463812458.0000000000E10000.00000004.00000040.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	E10000
Size:	16384

Details

Name:	00000003.00000003.213333077.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	00000007.00000002.465448077.00007FF59BAB9000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59BAB9000
Size:	8192

Details

Name:	00000011.00000002.349734528.0000021888FF0000.00000004.00000020.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	21888FF0000
Size:	8192

Details

Name:	00000003.00000003.212663774.0000000000E44000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	E44000
Size:	4096

Details

Name:	00000009.00000002.466595865.00007FF5E64B9000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E64B9000
Size:	20480

Details

Name:	00000006.00000002.463956584.000000780907F000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	780907F000
Size:	4096

Details

Name:	00000002.00000000.202520387.0000000000E8D000.00000002.00020000.sdmp
TargetID:	2
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	E8D000
Size:	4096

Details

Name:	00000002.00000002.203569673.0000000000840000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	840000
Size:	806912

Details

Name:	0000000A.00000002.466016474.00007FF51FFE9000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF51FFE9000
Size:	20480

Details

Name:	0000000F.00000002.346088697.000001F005F9B000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F005F9B000
Size:	32768

Details

Name:	00000003.00000003.212850040.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	00000003.00000003.213208384.0000000001DD1000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD1000
Size:	4096

Details

Name:	00000006.00000002.467697607.00007FF58B961000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B961000
Size:	4096

Details

Name:	0000000A.00000002.465806681.00007FF51FF39000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF51FF39000
Size:	8192

Details

Name:	00000006.00000002.463783769.0000007808877000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7808877000
Size:	36864

Details

Name:	00000004.00000002.464705415.00000201194F0000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	201194F0000
Size:	12288

Details

Name:	00000009.00000002.466045395.00007FF5E6180000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E6180000
Size:	4096

Details

Name:	0000000F.00000003.342741696.000001F006302000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F006302000
Size:	262144

Details

Name:	00000006.00000002.467409907.00007FF58B7CB000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B7CB000
Size:	4096

Details

Name:	00000009.00000002.466414132.00007FF5E641D000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E641D000
Size:	12288

Details

Name:	00000004.00000002.464989308.00007FF5A3127000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5A3127000
Size:	4096

Details

Name:	0000000F.00000002.344874877.000001F003DE0000.00000004.00000040.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	1F003DE0000
Size:	4096

Details

Name:	00000006.00000002.467965863.00007FF58BA35000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58BA35000
Size:	24576

Details

Name:	0000000A.00000002.463827384.0000005079D7B000.00000004.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5079D7B000
Size:	20480

Details

Name:	0000000B.00000002.308644994.00007FF546BAE000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF546BAE000
Size:	12288

Details

Name:	0000000F.00000002.344464256.00000015DA0FA000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	15DA0FA000
Size:	24576

Details

Name:	00000007.00000002.465339152.00007FF59BA58000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59BA58000
Size:	4096

Details

Name:	0000000F.00000003.335894240.000001F003ECD000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003ECD000
Size:	4096

Details

Name:	00000006.00000002.467657729.00007FF58B927000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B927000
Size:	4096

Details

Name:	0000000F.00000003.344223387.000001F003F1F000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1F003F1F000
Size:	69632

Details

Name:	00000007.00000002.465528430.00007FF59BAE6000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59BAE6000
Size:	20480

Details

Name:	0000000A.00000002.465994486.00007FF51FFDE000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF51FFDE000
Size:	4096

Details

Name:	00000011.00000002.350817418.00007FF5D9B2F000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D9B2F000
Size:	16384

Details

Name:	00000006.00000002.467201058.00007FF58B5E3000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF58B5E3000
Size:	4096

Details

Name:	00000003.00000003.212595295.0000000000E44000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	E44000
Size:	4096

Details

Name:	00000006.00000003.258599155.0000022919280000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	22919280000
Size:	4096

Details

Name:	00000003.00000002.464005751.0000000000E8D000.00000002.00020000.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	E8D000
Size:	4096

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOCReport

Files

Processes

URLs

IPs

Registry

Memdumps