Automated Malware Analysis IOC Report for

Details

Name:	00000000.00000002.1182794448.0000000004262000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	4262000
Size:	86016

Details

Name:	00000000.00000002.1172960837.00000000004E0000.00000020.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute read
Base address:	4E0000
Size:	40960

Details

Name:	00000000.00000002.1172950009.0000000000470000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	470000
Size:	8192

Details

Name:	00000000.00000002.1179971529.0000000003F80000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3F80000
Size:	454656

Details

Name:	00000000.00000002.1175321249.00000000030B0000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	30B0000
Size:	3805184

Details

Name:	00000000.00000002.1179558328.0000000003DE7000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3DE7000
Size:	40960

Details

Name:	00000000.00000002.1178687285.0000000003829000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3829000
Size:	53248

Details

Name:	00000000.00000002.1175098534.0000000002EF0000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2EF0000
Size:	733184

Details

Name:	00000000.00000002.1182770640.0000000004230000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	4230000
Size:	4096

Details

Name:	00000000.00000002.1178650157.00000000037E5000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	37E5000
Size:	49152

Details

Name:	00000000.00000002.1182598152.00000000041E0000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	41E0000
Size:	61440

Details

Name:	00000000.00000002.1173033979.0000000000540000.00000004.00000020.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	540000
Size:	32768

Details

Name:	00000000.00000002.1178304704.0000000003707000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3707000
Size:	368640

Details

Name:	00000000.00000002.1178552929.0000000003799000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3799000
Size:	53248

Details

Name:	00000000.00000002.1182496948.00000000041A0000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	41A0000
Size:	126976

Details

Name:	00000000.00000002.1179948017.0000000003F74000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3F74000
Size:	4096

Details

Name:	00000000.00000002.1178905220.0000000003969000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3969000
Size:	20480

Details

Name:	00000000.00000002.1173852011.0000000002130000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2130000
Size:	20480

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary

Details

Name:	00000000.00000002.1175070903.0000000002A60000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2A60000
Size:	8192

Details

Name:	00000000.00000002.1179823347.0000000003E90000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3E90000
Size:	4096

Details

Name:	00000000.00000002.1179906693.0000000003F34000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3F34000
Size:	4096

Details

Name:	00000000.00000002.1175067196.0000000002A40000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2A40000
Size:	4096

Details

Name:	00000000.00000002.1173972221.00000000021A0000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	21A0000
Size:	12288

Details

Name:	00000000.00000000.648189107.0000000000400000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	400000
Size:	4096

Details

Name:	00000000.00000002.1181562757.00000000040D0000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	40D0000
Size:	114688

Details

Name:	00000000.00000002.1172953440.0000000000480000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	480000
Size:	4096

Details

Name:	00000000.00000002.1179773886.0000000003E74000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3E74000
Size:	110592

Details

Name:	00000000.00000001.648235940.0000000000400000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	image loaded
Regiontype:	unkown image
Protect:	page readonly
Base address:	400000
Size:	4096

Details

Name:	00000000.00000002.1179957191.0000000003F7B000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3F7B000
Size:	16384

Details

Name:	00000000.00000002.1182775217.0000000004232000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	4232000
Size:	86016

Details

Name:	00000000.00000002.1173892032.0000000002149000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2149000
Size:	24576

Details

Name:	00000000.00000002.1173058161.000000000054A000.00000004.00000020.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	54A000
Size:	69632

Details

Name:	00000000.00000002.1173019574.0000000000530000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	530000
Size:	12288

Details

Name:	00000000.00000002.1175094798.0000000002E70000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2E70000
Size:	4096

Details

Name:	00000000.00000002.1179926148.0000000003F54000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3F54000
Size:	4096

Details

Name:	00000000.00000002.1179501517.0000000003D75000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3D75000
Size:	8192

Details

Name:	00000000.00000002.1179695223.0000000003E52000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3E52000
Size:	4096

Details

Name:	00000000.00000002.1179930253.0000000003F5B000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3F5B000
Size:	12288

Details

Name:	00000000.00000002.1173837597.00000000020B0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	20B0000
Size:	8192

Details

Name:	00000000.00000002.1179320293.0000000003B9B000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3B9B000
Size:	1859584

Details

Name:	00000000.00000002.1172807135.000000000019C000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	19C000
Size:	16384

Details

Name:	00000000.00000002.1182389535.0000000004182000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	4182000
Size:	102400

Details

Name:	00000000.00000002.1177020240.0000000003472000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3472000
Size:	69632

Details

Name:	00000000.00000002.1179491455.0000000003D62000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3D62000
Size:	73728

Details

Name:	00000000.00000002.1178546389.0000000003792000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3792000
Size:	24576

Details

Name:	00000000.00000002.1174020133.00000000021B0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	21B0000
Size:	4096

Details

Name:	00000000.00000002.1174024704.00000000025B0000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	25B0000
Size:	3371008

Details

Name:	00000000.00000002.1179128185.00000000039EC000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	39EC000
Size:	1474560

Details

Name:	00000000.00000002.1182645930.00000000041F0000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	41F0000
Size:	110592

Details

Name:	00000000.00000002.1181956447.0000000004109000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	4109000
Size:	12288

Details

Name:	00000000.00000002.1175077951.0000000002A70000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2A70000
Size:	16384

Details

Name:	00000000.00000002.1181981153.000000000410D000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	410D000
Size:	73728

Details

Name:	00000000.00000002.1178695958.0000000003845000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3845000
Size:	1191936

Details

Name:	00000000.00000002.1179833088.0000000003E94000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3E94000
Size:	307200

Details

Name:	00000000.00000002.1178001401.0000000003612000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3612000
Size:	86016

Details

Name:	00000000.00000002.1182884602.00000000043DF000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	43DF000
Size:	4096

Details

Name:	00000000.00000002.1175315956.0000000003090000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3090000
Size:	12288

Details

Name:	00000000.00000002.1173641561.0000000000CA0000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	CA0000
Size:	339968

Signature Hits	Behavior Group	Mitre Attack
May try to detect the Windows Explorer process (often used for injection)	HIPS / PFW / Operating System Protection Evasion	Process Injection Process Discovery

Details

Name:	00000000.00000002.1177412984.0000000003484000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3484000
Size:	4096

Details

Name:	00000000.00000002.1176364207.0000000003452000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3452000
Size:	69632

Details

Name:	00000000.00000002.1172842814.00000000001F0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F0000
Size:	4096

Details

Name:	00000000.00000002.1178256721.00000000036D7000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	36D7000
Size:	40960

Details

Name:	00000000.00000002.1182905410.000000000451F000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	451F000
Size:	4096

Details

Name:	00000000.00000002.1178566253.00000000037B5000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	37B5000
Size:	49152

Details

Name:	00000000.00000002.1179757800.0000000003E70000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3E70000
Size:	4096

Details

Name:	00000000.00000002.1178911600.000000000396F000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	396F000
Size:	483328

Details

Name:	00000000.00000002.1179613096.0000000003E19000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3E19000
Size:	24576

Details

Name:	00000000.00000002.1181788745.0000000004102000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	4102000
Size:	12288

Details

Name:	00000000.00000002.1182853629.00000000042B0000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	42B0000
Size:	77824

Details

Name:	00000000.00000002.1176681485.0000000003464000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3464000
Size:	4096

Details

Name:	00000000.00000002.1179596898.0000000003E05000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3E05000
Size:	8192

Details

Name:	00000000.00000002.1182826012.0000000004290000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	4290000
Size:	126976

Details

Name:	00000000.00000002.1173105153.0000000000561000.00000004.00000020.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	561000
Size:	159744

Details

Name:	00000000.00000002.1175231325.0000000002FBE000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2FBE000
Size:	811008

Details

Name:	00000000.00000002.1179917395.0000000003F42000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3F42000
Size:	69632

Details

Name:	00000000.00000002.1182874036.00000000042D0000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	42D0000
Size:	61440

Details

Name:	00000000.00000002.1172978079.0000000000510000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	510000
Size:	4096

Details

Name:	00000000.00000002.1182277265.0000000004152000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	4152000
Size:	192512

Details

Name:	00000000.00000002.1181863971.0000000004106000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	4106000
Size:	8192

Details

Name:	00000000.00000002.1179288432.0000000003B5C000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3B5C000
Size:	253952

Details

Name:	00000000.00000002.1182911485.00000000047E0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	47E0000
Size:	4096

Details

Name:	00000000.00000002.1179935059.0000000003F60000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3F60000
Size:	4096

Details

Name:	00000000.00000002.1179282221.0000000003B55000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3B55000
Size:	20480

Details

Name:	00000000.00000002.1182787283.0000000004257000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	4257000
Size:	4096

Details

Name:	00000000.00000002.1179519597.0000000003D92000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3D92000
Size:	73728

Details

Name:	00000000.00000002.1182479437.000000000419D000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	419D000
Size:	4096

Details

Name:	00000000.00000002.1172990126.0000000000520000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	520000
Size:	40960

Details

Name:	00000000.00000002.1172862983.000000000025D000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	25D000
Size:	4096

Details

Name:	00000000.00000002.1179762933.0000000003E72000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3E72000
Size:	4096

Details

Name:	00000000.00000002.1172940359.0000000000420000.00000040.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	420000
Size:	32768

Signature Hits	Behavior Group	Mitre Attack
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)	Malware Analysis System Evasion	Security Software Discovery
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	00000000.00000002.1179895327.0000000003F22000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3F22000
Size:	69632

Details

Name:	00000000.00000002.1178525266.0000000003785000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3785000
Size:	49152

Details

Name:	00000000.00000002.1172888362.0000000000401000.00000020.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute read
Base address:	401000
Size:	69632

Details

Name:	00000000.00000002.1178426333.0000000003762000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3762000
Size:	24576

Details

Name:	00000000.00000002.1179890819.0000000003F20000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3F20000
Size:	4096

Details

Name:	00000000.00000002.1178673301.0000000003815000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3815000
Size:	49152

Details

Name:	00000000.00000002.1180395317.0000000003FF0000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3FF0000
Size:	319488

Details

Name:	00000000.00000002.1179536720.0000000003DB7000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3DB7000
Size:	40960

Details

Name:	00000000.00000002.1182806380.0000000004287000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	4287000
Size:	4096

Details

Name:	00000000.00000002.1182751350.0000000004210000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	4210000
Size:	53248

Details

Name:	00000000.00000002.1173611773.0000000000910000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	910000
Size:	36864

Details

Name:	00000000.00000002.1175050835.0000000002A2E000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2A2E000
Size:	8192

Details

Name:	00000000.00000002.1179119975.00000000039E6000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	39E6000
Size:	20480

Details

Name:	00000000.00000002.1172875834.0000000000400000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	400000
Size:	4096

Details

Name:	00000000.00000002.1173913374.0000000002150000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2150000
Size:	8192

Details

Name:	00000000.00000002.1179828462.0000000003E92000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3E92000
Size:	4096

Details

Name:	00000000.00000002.1179530364.0000000003DA5000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3DA5000
Size:	8192

Details

Name:	00000000.00000002.1179506180.0000000003D87000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3D87000
Size:	40960

Details

Name:	00000000.00000002.1178056084.0000000003642000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3642000
Size:	86016

Details

Name:	00000000.00000002.1178455526.0000000003769000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3769000
Size:	53248

Details

Name:	00000000.00000002.1181363705.00000000040B0000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	40B0000
Size:	118784

Details

Name:	00000000.00000002.1173994404.00000000021A8000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	21A8000
Size:	16384

Details

Name:	00000000.00000002.1175074518.0000000002A64000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2A64000
Size:	8192

Details

Name:	00000000.00000002.1177448889.000000000348B000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	348B000
Size:	1597440

Details

Name:	00000000.00000002.1172788056.0000000000098000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	98000
Size:	32768

Details

Name:	00000000.00000002.1176814401.000000000346B000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	346B000
Size:	24576

Details

Name:	00000000.00000002.1180877023.0000000004040000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	4040000
Size:	323584

Details

Name:	00000000.00000002.1178664414.00000000037F9000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	37F9000
Size:	53248

Details

Name:	00000000.00000002.1179911110.0000000003F3B000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3F3B000
Size:	24576

Details

Name:	00000000.00000002.1173927354.0000000002160000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2160000
Size:	4096

Details

Name:	00000000.00000002.1182559000.00000000041C0000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	41C0000
Size:	126976

Details

Name:	00000000.00000002.1179863023.0000000003EE0000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3EE0000
Size:	258048

Details

Name:	00000000.00000002.1178111864.0000000003667000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3667000
Size:	303104

Details

Name:	00000000.00000002.1182790809.0000000004260000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	4260000
Size:	4096

Details

Name:	00000000.00000002.1179603304.0000000003E17000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3E17000
Size:	4096

Details

Name:	00000000.00000002.1178657994.00000000037F2000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	37F2000
Size:	24576

Details

Name:	00000000.00000002.1182078826.0000000004120000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	4120000
Size:	180224

Details

Name:	00000000.00000002.1178202689.00000000036B2000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	36B2000
Size:	86016

Details

Name:	00000000.00000003.648477314.0000000000571000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	571000
Size:	73728

Details

Name:	00000000.00000002.1175038078.00000000028F0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	28F0000
Size:	20480

Details

Name:	00000000.00000002.1181230339.0000000004090000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	4090000
Size:	118784

Details

Name:	00000000.00000002.1173866654.0000000002140000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2140000
Size:	28672

Details

Name:	00000000.00000002.1182762810.0000000004220000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	4220000
Size:	49152

Details

Name:	00000000.00000002.1179543839.0000000003DC2000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3DC2000
Size:	73728

Details

Name:	00000000.00000002.1178575220.00000000037C2000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	37C2000
Size:	24576

Details

Name:	00000000.00000002.1179709780.0000000003E54000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3E54000
Size:	110592

Details

Name:	00000000.00000002.1173956806.0000000002180000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2180000
Size:	4096

Details

Name:	00000000.00000002.1172935059.0000000000413000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	413000
Size:	8192

Details

Name:	00000000.00000002.1173201450.0000000000640000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	640000
Size:	806912

Details

Name:	00000000.00000002.1178681305.0000000003822000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3822000
Size:	24576

Details

Name:	00000000.00000002.1173943602.0000000002170000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2170000
Size:	8192

Details

Name:	00000000.00000002.1179626499.0000000003E20000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3E20000
Size:	200704

Details

Name:	00000000.00000002.1179564871.0000000003DF2000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3DF2000
Size:	73728

Details

Name:	00000000.00000002.1179938999.0000000003F62000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3F62000
Size:	69632

Details

Name:	00000000.00000002.1172945632.0000000000460000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	460000
Size:	16384

Details

Name:	00000000.00000002.1178286877.00000000036E2000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	36E2000
Size:	86016

Details

Name:	00000000.00000002.1181713495.00000000040F0000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	40F0000
Size:	57344

Details

Name:	00000000.00000000.648205098.0000000000413000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	413000
Size:	8192

Details

Name:	00000000.00000002.1178581127.00000000037C9000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	37C9000
Size:	53248

Details

Name:	00000000.00000002.1173980441.00000000021A5000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	21A5000
Size:	8192

Details

Name:	00000000.00000002.1178029295.0000000003637000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3637000
Size:	40960

Details

Name:	00000000.00000002.1172856142.0000000000259000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	259000
Size:	12288

Details

Name:	00000000.00000002.1172956590.0000000000490000.00000004.00000020.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	490000
Size:	20480

Details

Name:	00000000.00000002.1182891430.000000000441E000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	441E000
Size:	8192

Details

Name:	00000000.00000002.1179552791.0000000003DD5000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3DD5000
Size:	8192

Details

Name:	00000000.00000002.1172922827.0000000000412000.00000004.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	412000
Size:	4096

Details

Name:	00000000.00000000.648194255.0000000000401000.00000020.00020000.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page execute read
Base address:	401000
Size:	69632

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOCReport

Processes

Memdumps