Automated Malware Analysis IOC Report for

Details

Name:	00000005.00000002.661245021.0000020549E66000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	20549E66000
Size:	94208

Details

Name:	00000000.00000002.637101486.0000000000A90000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	A90000
Size:	20480

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary

Details

Name:	00000005.00000002.662055634.00007FF5D7537000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D7537000
Size:	49152

Details

Name:	00000003.00000002.640938889.0000018F52113000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	18F52113000
Size:	20480

Details

Name:	00000005.00000002.662008963.00007FF5D7473000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D7473000
Size:	24576

Details

Name:	00000005.00000002.662124495.00007FF5D760A000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D760A000
Size:	12288

Details

Name:	00000004.00000002.645553083.00007FF4EABDD000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF4EABDD000
Size:	12288

Details

Name:	00000004.00000002.645668529.00007FF4EB3B8000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF4EB3B8000
Size:	24576

Details

Name:	00000005.00000002.661172037.0000020549E3C000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	20549E3C000
Size:	102400

Details

Name:	00000000.00000002.636923126.0000000000490000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	490000
Size:	806912

Details

Name:	00000003.00000003.639460802.0000018F5206C000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	18F5206C000
Size:	32768

Details

Name:	00000003.00000002.641596353.00007FF57E00A000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57E00A000
Size:	20480

Details

Name:	00000004.00000002.644989811.0000018880C02000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	18880C02000
Size:	65536

Details

Name:	00000005.00000002.661966238.00007FF5D70E6000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D70E6000
Size:	32768

Details

Name:	00000004.00000003.642985459.0000018880C68000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	18880C68000
Size:	40960

Details

Name:	00000005.00000002.661123057.0000020549DF0000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	20549DF0000
Size:	16384

Details

Name:	00000005.00000002.660991693.000000BB03B7E000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	BB03B7E000
Size:	8192

Details

Name:	00000000.00000002.637035766.0000000000580000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	580000
Size:	4096

Details

Name:	00000000.00000000.631839480.000000000048E000.00000008.00020000.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page write copy
Base address:	48E000
Size:	4096

Details

Name:	00000004.00000002.644176672.0000018880A80000.00000004.00000020.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	18880A80000
Size:	8192

Details

Name:	00000004.00000002.645593640.00007FF4EB146000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF4EB146000
Size:	4096

Details

Name:	00000004.00000002.645672906.00007FF4EB3C4000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF4EB3C4000
Size:	4096

Details

Name:	00000000.00000002.637310159.0000000002520000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2520000
Size:	4096

Details

Name:	00000004.00000003.643714105.0000018880C67000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	18880C67000
Size:	24576

Details

Name:	00000003.00000002.639744228.000000525967B000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	525967B000
Size:	20480

Details

Name:	00000003.00000003.639335382.0000018F5206E000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	18F5206E000
Size:	24576

Details

Name:	00000004.00000002.645699715.00007FF4EB3F9000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF4EB3F9000
Size:	12288

Details

Name:	00000004.00000002.645661935.00007FF4EB3AC000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF4EB3AC000
Size:	4096

Details

Name:	00000001.00000001.636690147.0000000000400000.00000040.00020000.sdmp
TargetID:	1
Dumpstage:	image loaded
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	400000
Size:	143360

Signature Hits	Behavior Group	Mitre Attack
Contains VNC / remote desktop functionality (version string found)	Remote Access Functionality	Remote Access Software Remote Desktop Protocol
Urls found in memory or binary data	Networking

Details

Name:	00000000.00000002.637152079.0000000002320000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2320000
Size:	16384

Details

Name:	00000001.00000002.637120126.00000000008BF000.00000004.00000010.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	8BF000
Size:	4096

Details

Name:	00000000.00000000.631796063.000000000044B000.00000080.00020000.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page execute and write copy
Base address:	44B000
Size:	274432

Details

Name:	00000005.00000002.661432928.000002054A4C0000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2054A4C0000
Size:	1269760

Details

Name:	00000005.00000002.661959445.00007FF5D70E0000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D70E0000
Size:	20480

Details

Name:	00000004.00000002.644193054.0000018880A90000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	18880A90000
Size:	806912

Details

Name:	00000003.00000002.641400497.00007FF57DC8A000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57DC8A000
Size:	16384

Details

Name:	00000003.00000002.641526177.00007FF57DFC0000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57DFC0000
Size:	16384

Details

Name:	00000001.00000002.637146593.0000000002220000.00000004.00000040.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2220000
Size:	8192

Details

Name:	00000005.00000002.662001124.00007FF5D741E000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D741E000
Size:	4096

Details

Name:	00000003.00000003.638882863.0000018F5206C000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	18F5206C000
Size:	32768

Details

Name:	00000003.00000002.640372887.0000018F51DD0000.00000004.00000040.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	18F51DD0000
Size:	4096

Details

Name:	00000003.00000002.641376833.00007FF57D81D000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57D81D000
Size:	12288

Details

Name:	00000003.00000002.641602157.00007FF57E014000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57E014000
Size:	20480

Details

Name:	00000004.00000002.645703038.00007FF4EB3FD000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF4EB3FD000
Size:	16384

Details

Name:	00000000.00000002.637046403.00000000005AA000.00000004.00000020.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	5AA000
Size:	90112

Details

Name:	00000000.00000002.636834720.0000000000400000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	400000
Size:	4096

Details

Name:	00000004.00000003.643206662.0000018880C6A000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	18880C6A000
Size:	32768

Details

Name:	00000003.00000002.640167010.0000005259879000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5259879000
Size:	28672

Details

Name:	00000004.00000002.645560531.00007FF4EABE1000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF4EABE1000
Size:	4096

Details

Name:	00000004.00000002.645690966.00007FF4EB3EE000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF4EB3EE000
Size:	4096

Details

Name:	00000005.00000002.661973619.00007FF5D70F5000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D70F5000
Size:	4096

Details

Name:	00000003.00000002.640828318.0000018F51F10000.00000008.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page write copy
Base address:	18F51F10000
Size:	266240

Details

Name:	00000005.00000002.662080614.00007FF5D7564000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D7564000
Size:	4096

Details

Name:	00000003.00000002.641461080.00007FF57DE19000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57DE19000
Size:	4096

Details

Name:	00000004.00000002.645696694.00007FF4EB3F6000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF4EB3F6000
Size:	8192

Details

Name:	00000001.00000002.636930029.00000000001F0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F0000
Size:	4096

Details

Name:	00000005.00000002.662083794.00007FF5D756A000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D756A000
Size:	20480

Details

Name:	00000003.00000002.640862879.0000018F52002000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	18F52002000
Size:	65536

Details

Name:	00000000.00000002.637026682.0000000000560000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	560000
Size:	4096

Details

Name:	00000003.00000002.640951840.0000018F539A0000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	18F539A0000
Size:	4096

Details

Name:	00000003.00000002.640924752.0000018F52100000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	18F52100000
Size:	4096

Details

Name:	00000000.00000002.637073744.000000000091E000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	91E000
Size:	8192

Details

Name:	00000003.00000002.641565197.00007FF57DFD7000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57DFD7000
Size:	49152

Details

Name:	00000001.00000002.636942963.0000000000400000.00000040.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	400000
Size:	143360

Details

Name:	00000004.00000003.643467320.0000018880C68000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	18880C68000
Size:	40960

Details

Name:	00000003.00000002.640871358.0000018F52013000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	18F52013000
Size:	86016

Details

Name:	00000005.00000002.661155128.0000020549E2A000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	20549E2A000
Size:	69632

Details

Name:	00000001.00000002.636938837.00000000002BE000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2BE000
Size:	4096

Details

Name:	00000004.00000002.645095191.0000018880C29000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	18880C29000
Size:	86016

Details

Name:	00000003.00000003.639362791.0000018F5206C000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	18F5206C000
Size:	32768

Details

Name:	00000003.00000002.640440405.0000018F51E30000.00000004.00000020.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	18F51E30000
Size:	8192

Details

Name:	00000003.00000003.639219528.0000018F5206C000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	18F5206C000
Size:	32768

Details

Name:	00000001.00000002.637143198.00000000021A0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	21A0000
Size:	4096

Details

Name:	00000004.00000002.645641387.00007FF4EB380000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF4EB380000
Size:	16384

Details

Name:	00000003.00000002.641669296.00007FF57E0A4000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57E0A4000
Size:	20480

Details

Name:	00000003.00000002.641450124.00007FF57DDE1000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57DDE1000
Size:	12288

Details

Name:	00000005.00000002.661954327.00007FF5D6C29000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D6C29000
Size:	4096

Details

Name:	00000004.00000002.645649240.00007FF4EB38B000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF4EB38B000
Size:	45056

Details

Name:	00000004.00000003.642963005.0000018880C6C000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	18880C6C000
Size:	24576

Details

Name:	00000003.00000002.640859473.0000018F52000000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	18F52000000
Size:	4096

Details

Name:	00000004.00000003.643630977.0000018880C6A000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	18880C6A000
Size:	32768

Details

Name:	00000003.00000002.640060598.00000052597FA000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	52597FA000
Size:	24576

Details

Name:	00000003.00000002.641655736.00007FF57E03D000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57E03D000
Size:	16384

Details

Name:	00000003.00000002.641627423.00007FF57E031000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57E031000
Size:	4096

Details

Name:	00000004.00000003.643228046.0000018880C6A000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	18880C6A000
Size:	32768

Details

Name:	00000004.00000002.645566672.00007FF4EB03C000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF4EB03C000
Size:	8192

Details

Name:	00000004.00000002.645578742.00007FF4EB04F000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF4EB04F000
Size:	8192

Details

Name:	00000004.00000002.645655342.00007FF4EB397000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF4EB397000
Size:	49152

Details

Name:	00000004.00000003.643435978.0000018880C6A000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	18880C6A000
Size:	32768

Details

Name:	00000004.00000002.644165063.0000018880A20000.00000004.00000040.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	18880A20000
Size:	4096

Details

Name:	00000005.00000002.661006435.000000BB03D7B000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	BB03D7B000
Size:	20480

Details

Name:	00000004.00000003.643757133.0000018880C6E000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	18880C6E000
Size:	16384

Details

Name:	00000000.00000002.637191444.0000000002420000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2420000
Size:	733184

Details

Name:	00000003.00000002.641541045.00007FF57DFC5000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57DFC5000
Size:	12288

Details

Name:	00000003.00000002.639957332.000000525977E000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	525977E000
Size:	8192

Details

Name:	00000004.00000002.645605613.00007FF4EB1D9000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF4EB1D9000
Size:	4096

Details

Name:	00000000.00000002.637163301.0000000002358000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2358000
Size:	159744

Details

Name:	00000004.00000002.644139952.0000006A3DE7F000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6A3DE7F000
Size:	4096

Details

Name:	00000005.00000002.660986409.000000BB03AFE000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	BB03AFE000
Size:	8192

Details

Name:	00000005.00000002.661028494.000000BB040FE000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	BB040FE000
Size:	8192

Details

Name:	00000005.00000002.661011916.000000BB03DFF000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	BB03DFF000
Size:	4096

Details

Name:	00000000.00000002.637125276.00000000022BD000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22BD000
Size:	12288

Details

Name:	00000005.00000002.662022058.00007FF5D750A000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D750A000
Size:	4096

Details

Name:	00000004.00000002.645620597.00007FF4EB288000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF4EB288000
Size:	4096

Details

Name:	00000004.00000002.645631840.00007FF4EB343000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF4EB343000
Size:	8192

Details

Name:	00000000.00000002.637059439.00000000006DE000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6DE000
Size:	8192

Details

Name:	00000004.00000002.645146714.0000018880E00000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	18880E00000
Size:	36864

Details

Name:	00000003.00000002.641490527.00007FF57DF60000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57DF60000
Size:	4096

Details

Name:	00000003.00000002.641614391.00007FF57E028000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57E028000
Size:	12288

Details

Name:	00000003.00000002.641466261.00007FF57DEA1000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57DEA1000
Size:	4096

Details

Name:	00000005.00000002.661576489.000002054A800000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2054A800000
Size:	3371008

Details

Name:	00000001.00000002.637124367.00000000008FE000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	8FE000
Size:	8192

Details

Name:	00000000.00000002.637753462.000000000296D000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	296D000
Size:	12288

Details

Name:	00000003.00000002.641455386.00007FF57DDE5000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57DDE5000
Size:	4096

Details

Name:	00000003.00000002.641641830.00007FF57E039000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57E039000
Size:	12288

Details

Name:	00000005.00000002.662110232.00007FF5D7599000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D7599000
Size:	12288

Details

Name:	00000005.00000002.662048488.00007FF5D752B000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D752B000
Size:	45056

Details

Name:	00000001.00000002.637135541.0000000000A00000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	A00000
Size:	36864

Details

Name:	00000000.00000002.636914146.000000000048D000.00000080.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and write copy
Base address:	48D000
Size:	4096

Details

Name:	00000004.00000002.645583678.00007FF4EB057000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF4EB057000
Size:	4096

Details

Name:	00000000.00000002.637039600.00000000005A0000.00000004.00000020.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	5A0000
Size:	32768

Details

Name:	00000005.00000002.662128603.00007FF5D7611000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D7611000
Size:	20480

Details

Name:	00000000.00000002.636803713.000000000019C000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	19C000
Size:	16384

Details

Name:	00000005.00000000.649848311.00007FF5D7612000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D7612000
Size:	16384

Details

Name:	00000000.00000002.636908133.0000000000486000.00000040.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	486000
Size:	28672

Details

Name:	00000003.00000002.640954823.0000018F53AA0000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	18F53AA0000
Size:	3371008

Details

Name:	00000004.00000002.645626963.00007FF4EB322000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF4EB322000
Size:	24576

Details

Name:	00000004.00000002.645588171.00007FF4EB13B000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF4EB13B000
Size:	12288

Details

Name:	00000004.00000002.645675622.00007FF4EB3CA000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF4EB3CA000
Size:	20480

Details

Name:	00000004.00000002.644159305.0000006A3DEFF000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6A3DEFF000
Size:	4096

Details

Name:	00000003.00000000.638313330.00007FF57E0B2000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57E0B2000
Size:	16384

Details

Name:	00000005.00000002.661416177.000002054A460000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2054A460000
Size:	4096

Details

Name:	00000004.00000002.644099142.0000006A3DD79000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6A3DD79000
Size:	28672

Details

Name:	00000000.00000002.637030652.0000000000570000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	570000
Size:	16384

Details

Name:	00000000.00000002.637069521.000000000081E000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	81E000
Size:	8192

Details

Name:	00000005.00000002.662036590.00007FF5D7520000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D7520000
Size:	16384

Details

Name:	00000000.00000002.637083676.0000000000A5F000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	A5F000
Size:	4096

Details

Name:	00000004.00000002.645664733.00007FF4EB3AF000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF4EB3AF000
Size:	16384

Details

Name:	00000004.00000002.644073367.0000006A3DC7E000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6A3DC7E000
Size:	8192

Details

Name:	00000004.00000000.642237792.00007FF4EB472000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF4EB472000
Size:	16384

Details

Name:	00000003.00000003.639285268.0000018F5206E000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	18F5206E000
Size:	24576

Details

Name:	00000003.00000002.641413867.00007FF57DC8F000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57DC8F000
Size:	8192

Details

Name:	00000005.00000002.662070009.00007FF5D754F000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D754F000
Size:	16384

Details

Name:	00000003.00000002.640905928.0000018F52055000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	18F52055000
Size:	94208

Details

Name:	00000004.00000002.645706731.00007FF4EB464000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF4EB464000
Size:	20480

Details

Name:	00000004.00000003.643823056.0000018880C67000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	18880C67000
Size:	45056

Details

Name:	00000005.00000002.662119675.00007FF5D7604000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D7604000
Size:	20480

Details

Name:	00000004.00000003.643796924.0000018880C67000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	18880C67000
Size:	45056

Details

Name:	00000005.00000002.661389800.0000020549F08000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	20549F08000
Size:	12288

Details

Name:	00000004.00000002.645080752.0000018880C13000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	18880C13000
Size:	86016

Details

Name:	00000000.00000001.631853602.0000000000400000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	image loaded
Regiontype:	unkown image
Protect:	page readonly
Base address:	400000
Size:	4096

Details

Name:	00000003.00000002.641431881.00007FF57DD7B000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57DD7B000
Size:	12288

Details

Name:	00000001.00000002.637151798.0000000002250000.00000004.00000040.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2250000
Size:	4096

Details

Name:	00000000.00000003.631996430.0000000002324000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2324000
Size:	172032

Details

Name:	00000004.00000002.644122861.0000006A3DDF9000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6A3DDF9000
Size:	28672

Details

Name:	00000003.00000003.639434399.0000018F5206E000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	18F5206E000
Size:	24576

Details

Name:	00000001.00000002.637084137.00000000005AE000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5AE000
Size:	8192

Details

Name:	00000005.00000003.660908490.0000020549E61000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20549E61000
Size:	114688

Details

Name:	00000004.00000002.645635350.00007FF4EB37A000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF4EB37A000
Size:	8192

Details

Name:	00000000.00000002.637187090.0000000002383000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2383000
Size:	8192

Details

Name:	00000000.00000002.637116434.0000000000AE0000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	AE0000
Size:	36864

Details

Name:	00000004.00000002.644836569.0000018880B60000.00000008.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page write copy
Base address:	18880B60000
Size:	266240

Details

Name:	00000003.00000002.641622996.00007FF57E02E000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57E02E000
Size:	4096

Details

Name:	00000003.00000002.640473073.0000018F51E40000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	18F51E40000
Size:	806912

Details

Name:	00000001.00000002.637128879.00000000009FF000.00000004.00000010.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	9FF000
Size:	4096

Details

Name:	00000004.00000002.645638637.00007FF4EB37E000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF4EB37E000
Size:	4096

Details

Name:	00000005.00000002.662017587.00007FF5D748C000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D748C000
Size:	8192

Details

Name:	00000000.00000002.637147464.0000000002310000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2310000
Size:	8192

Details

Name:	00000004.00000002.644895466.0000018880BB0000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	18880BB0000
Size:	16384

Details

Name:	00000004.00000002.645572278.00007FF4EB04A000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF4EB04A000
Size:	16384

Details

Name:	00000005.00000002.661337037.0000020549E9F000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	20549E9F000
Size:	12288

Details

Name:	00000003.00000002.641676684.00007FF57E0AA000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57E0AA000
Size:	12288

Details

Name:	00000003.00000002.641576615.00007FF57DFEC000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57DFEC000
Size:	4096

Details

Name:	00000001.00000002.637073334.0000000000560000.00000004.00000020.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	560000
Size:	16384

Details

Name:	00000003.00000002.641593400.00007FF57E004000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57E004000
Size:	4096

Details

Name:	00000004.00000003.643874706.0000018880C6C000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	18880C6C000
Size:	24576

Details

Name:	00000001.00000000.635929081.0000000000400000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	400000
Size:	4096

Details

Name:	00000005.00000002.661409633.000002054A000000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2054A000000
Size:	4096

Details

Name:	00000004.00000002.645117943.0000018880C55000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	18880C55000
Size:	94208

Details

Name:	00000005.00000002.662014299.00007FF5D7484000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D7484000
Size:	4096

Details

Name:	00000000.00000002.637087759.0000000000A60000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	A60000
Size:	12288

Details

Name:	00000000.00000002.636827086.000000000021E000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	21E000
Size:	8192

Details

Name:	00000004.00000002.644948064.0000018880C00000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	18880C00000
Size:	4096

Details

Name:	00000004.00000002.645687559.00007FF4EB3E8000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF4EB3E8000
Size:	12288

Details

Name:	00000005.00000002.661032410.0000020549CB0000.00000004.00000040.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	20549CB0000
Size:	4096

Details

Name:	00000005.00000002.662032667.00007FF5D751E000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D751E000
Size:	4096

Details

Name:	00000001.00000000.635970817.000000000048E000.00000008.00020000.sdmp
TargetID:	1
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page write copy
Base address:	48E000
Size:	4096

Details

Name:	00000004.00000002.645130570.0000018880D00000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	18880D00000
Size:	4096

Details

Name:	00000005.00000002.661128223.0000020549E00000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	20549E00000
Size:	73728

Details

Name:	00000003.00000002.641554977.00007FF57DFCB000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57DFCB000
Size:	45056

Details

Name:	00000004.00000002.645645637.00007FF4EB385000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF4EB385000
Size:	12288

Details

Name:	00000001.00000002.637093921.00000000005C8000.00000004.00000020.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	5C8000
Size:	94208

Details

Name:	00000004.00000002.644091350.0000006A3DCFE000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6A3DCFE000
Size:	8192

Details

Name:	00000005.00000002.661302068.0000020549E9B000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	20549E9B000
Size:	12288

Details

Name:	00000005.00000002.661982739.00007FF5D7371000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D7371000
Size:	12288

Details

Name:	00000005.00000002.661035823.0000020549D10000.00000004.00000020.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	20549D10000
Size:	8192

Details

Name:	00000005.00000002.661572958.000002054A602000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2054A602000
Size:	4096

Details

Name:	00000005.00000002.662075384.00007FF5D7557000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D7557000
Size:	28672

Details

Name:	00000005.00000002.661428748.000002054A470000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2054A470000
Size:	4096

Details

Name:	00000005.00000002.660978486.000000BB03A7C000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	BB03A7C000
Size:	16384

Details

Name:	00000005.00000002.661360191.0000020549F00000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	20549F00000
Size:	4096

Details

Name:	00000004.00000003.643127723.0000018880C6D000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	18880C6D000
Size:	20480

Details

Name:	00000003.00000002.640893215.0000018F52041000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	18F52041000
Size:	28672

Details

Name:	00000004.00000003.643312419.0000018880C6A000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	18880C6A000
Size:	32768

Details

Name:	00000000.00000003.632023344.0000000002338000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2338000
Size:	270336

Details

Name:	00000005.00000002.662004296.00007FF5D746D000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D746D000
Size:	20480

Details

Name:	00000003.00000003.639165277.0000018F5206E000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	18F5206E000
Size:	24576

Details

Name:	00000005.00000002.662025268.00007FF5D750C000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D750C000
Size:	8192

Details

Name:	00000004.00000002.645156864.00000188826A0000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	188826A0000
Size:	3371008

Details

Name:	00000004.00000002.645153436.00000188825A0000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	188825A0000
Size:	4096

Details

Name:	00000003.00000002.641389622.00007FF57DC7C000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57DC7C000
Size:	8192

Details

Name:	00000000.00000002.637314381.0000000002523000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2523000
Size:	8192

Details

Name:	00000003.00000002.641520957.00007FF57DFBE000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57DFBE000
Size:	4096

Details

Name:	00000005.00000002.662106688.00007FF5D7596000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D7596000
Size:	8192

Details

Name:	00000004.00000002.645693826.00007FF4EB3F1000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF4EB3F1000
Size:	4096

Details

Name:	00000005.00000002.662089306.00007FF5D7574000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D7574000
Size:	20480

Details

Name:	00000000.00000002.636820068.00000000001F0000.00000004.00000020.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	1F0000
Size:	20480

Details

Name:	00000005.00000002.661398340.0000020549F13000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	20549F13000
Size:	8192

Details

Name:	00000005.00000002.661239450.0000020549E5E000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	20549E5E000
Size:	12288

Details

Name:	00000004.00000002.645617219.00007FF4EB283000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF4EB283000
Size:	8192

Details

Name:	00000003.00000002.639898444.00000052596FF000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	52596FF000
Size:	4096

Details

Name:	00000005.00000002.661978338.00007FF5D7297000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D7297000
Size:	8192

Details

Name:	00000003.00000002.640853793.0000018F51F60000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	18F51F60000
Size:	16384

Details

Name:	00000004.00000002.645684026.00007FF4EB3DE000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF4EB3DE000
Size:	12288

Details

Name:	00000005.00000002.661991947.00007FF5D7401000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D7401000
Size:	4096

Details

Name:	00000001.00000002.637067206.0000000000540000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	540000
Size:	16384

Details

Name:	00000000.00000002.637292990.00000000024E0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	24E0000
Size:	143360

Signature Hits	Behavior Group	Mitre Attack
Contains VNC / remote desktop functionality (version string found)	Remote Access Functionality	Remote Access Software Remote Desktop Protocol
May initialize a security null descriptor	Lowering of HIPS / PFW / Operating System Security Settings
Urls found in memory or binary data	Networking

Details

Name:	00000004.00000003.643345023.0000018880C6D000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	18880C6D000
Size:	20480

Details

Name:	00000005.00000002.662098162.00007FF5D7588000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D7588000
Size:	12288

Details

Name:	00000000.00000002.636796389.000000000009C000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	9C000
Size:	16384

Details

Name:	00000000.00000002.637064192.00000000007DF000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	7DF000
Size:	4096

Details

Name:	00000001.00000002.636967590.0000000000430000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	430000
Size:	806912

Details

Name:	00000005.00000002.661016888.000000BB03EF7000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	BB03EF7000
Size:	36864

Details

Name:	00000001.00000002.636962090.0000000000425000.00000040.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	425000
Size:	8192

Details

Name:	00000003.00000002.640943090.0000018F52119000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	18F52119000
Size:	4096

Details

Name:	00000003.00000002.641428210.00007FF57DC97000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57DC97000
Size:	4096

Details

Name:	00000005.00000003.660925596.0000020549E5B000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20549E5B000
Size:	24576

Details

Name:	00000003.00000002.641486767.00007FF57DEC8000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57DEC8000
Size:	4096

Details

Name:	00000005.00000002.661039349.0000020549D20000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	20549D20000
Size:	806912

Details

Name:	00000003.00000002.641441859.00007FF57DD86000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57DD86000
Size:	4096

Details

Name:	00000004.00000003.643196227.0000018880C6A000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	18880C6A000
Size:	12288

Details

Name:	00000000.00000002.637107849.0000000000AA0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	AA0000
Size:	4096

Details

Name:	00000004.00000002.645609206.00007FF4EB261000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF4EB261000
Size:	4096

Details

Name:	00000005.00000002.661138495.0000020549E13000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	20549E13000
Size:	90112

Details

Name:	00000003.00000002.641586555.00007FF57DFF8000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57DFF8000
Size:	24576

Details

Name:	00000001.00000002.636934089.00000000002BA000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2BA000
Size:	8192

Details

Name:	00000005.00000002.662102453.00007FF5D758E000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D758E000
Size:	16384

Details

Name:	00000004.00000003.643421316.0000018880C6A000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	18880C6A000
Size:	12288

Details

Name:	00000005.00000002.662028843.00007FF5D751A000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D751A000
Size:	8192

Details

Name:	00000003.00000002.641384979.00007FF57D821000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57D821000
Size:	4096

Details

Name:	00000005.00000002.662094764.00007FF5D757F000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D757F000
Size:	8192

Details

Name:	00000001.00000002.637088422.00000000005C0000.00000004.00000020.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	5C0000
Size:	24576

Details

Name:	00000004.00000003.643030972.0000018880C6C000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	18880C6C000
Size:	24576

Details

Name:	00000004.00000002.645623818.00007FF4EB320000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF4EB320000
Size:	4096

Details

Name:	00000003.00000002.641477826.00007FF57DEBB000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57DEBB000
Size:	4096

Details

Name:	00000005.00000002.661367222.0000020549F02000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	20549F02000
Size:	16384

Details

Name:	00000001.00000002.636919922.000000000009D000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	9D000
Size:	12288

Details

Name:	00000004.00000003.643585555.0000018880C6A000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	18880C6A000
Size:	32768

Details

Name:	00000005.00000002.661024026.000000BB03FFE000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	BB03FFE000
Size:	8192

Details

Name:	00000004.00000002.645716538.00007FF4EB471000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF4EB471000
Size:	20480

Details

Name:	00000000.00000002.637097604.0000000000A80000.00000040.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	A80000
Size:	4096

Details

Name:	00000004.00000002.645613521.00007FF4EB27B000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF4EB27B000
Size:	4096

Details

Name:	00000003.00000002.640881891.0000018F52029000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	18F52029000
Size:	94208

Details

Name:	00000004.00000002.645108422.0000018880C3F000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	18880C3F000
Size:	57344

Details

Name:	00000003.00000002.641495724.00007FF57DF62000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57DF62000
Size:	24576

Details

Name:	00000000.00000002.637093057.0000000000A70000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	A70000
Size:	4096

Details

Name:	00000000.00000000.631788786.0000000000400000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	400000
Size:	4096

Details

Name:	00000005.00000002.662066712.00007FF5D754C000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D754C000
Size:	4096

Details

Name:	00000004.00000002.645597424.00007FF4EB1A1000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF4EB1A1000
Size:	12288

Details

Name:	00000001.00000002.637110353.00000000005E0000.00000004.00000020.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	5E0000
Size:	12288

Details

Name:	00000000.00000002.636831323.0000000000222000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	222000
Size:	4096

Details

Name:	00000005.00000002.661996699.00007FF5D741B000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D741B000
Size:	8192

Details

Name:	00000004.00000002.645680106.00007FF4EB3D4000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF4EB3D4000
Size:	20480

Details

Name:	00000000.00000002.637078693.000000000095E000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	95E000
Size:	8192

Details

Name:	00000000.00000002.637157319.0000000002334000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2334000
Size:	16384

Details

Name:	00000001.00000002.637078705.0000000000565000.00000004.00000020.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	565000
Size:	12288

Details

Name:	00000003.00000002.640929929.0000018F52102000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	18F52102000
Size:	40960

Details

Name:	00000003.00000002.641510636.00007FF57DFBA000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57DFBA000
Size:	8192

Details

Name:	00000003.00000002.641637831.00007FF57E036000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57E036000
Size:	8192

Details

Name:	00000001.00000002.637062207.000000000053E000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	53E000
Size:	8192

Details

Name:	00000004.00000002.645711052.00007FF4EB46A000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF4EB46A000
Size:	12288

Details

Name:	00000003.00000002.641502061.00007FF57DF83000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57DF83000
Size:	8192

Details

Name:	00000004.00000002.645134247.0000018880D02000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	18880D02000
Size:	40960

Details

Name:	00000003.00000002.640917929.0000018F52072000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	18F52072000
Size:	8192

Details

Name:	00000001.00000002.637115952.00000000007BF000.00000004.00000010.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	7BF000
Size:	4096

Details

Name:	00000001.00000001.636784720.0000000000425000.00000040.00020000.sdmp
TargetID:	1
Dumpstage:	image loaded
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	425000
Size:	8192

Details

Name:	00000001.00000002.636925044.000000000019C000.00000004.00000010.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	19C000
Size:	16384

Details

Name:	00000003.00000002.640945999.0000018F52200000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	18F52200000
Size:	36864

Details

Name:	00000004.00000003.643062727.0000018880C6A000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	18880C6A000
Size:	32768

Details

Name:	00000003.00000002.641481592.00007FF57DEC3000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57DEC3000
Size:	8192

Details

Name:	00000004.00000002.644052972.0000006A3D9EB000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6A3D9EB000
Size:	20480

Details

Name:	00000004.00000002.645141966.0000018880D13000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	18880D13000
Size:	16384

Details

Name:	00000005.00000002.661230561.0000020549E56000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	20549E56000
Size:	20480

Details

Name:	00000001.00000000.635937039.000000000044B000.00000080.00020000.sdmp
TargetID:	1
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page execute and write copy
Base address:	44B000
Size:	274432

Details

Name:	00000005.00000002.661987973.00007FF5D73C3000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D73C3000
Size:	8192

Details

Name:	00000004.00000002.645601949.00007FF4EB1A5000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF4EB1A5000
Size:	4096

Details

Name:	00000005.00000002.660996357.000000BB03C75000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	BB03C75000
Size:	45056

Details

Name:	00000005.00000002.662114652.00007FF5D759D000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D759D000
Size:	16384

Details

Name:	00000003.00000002.640315262.00000052598FF000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	52598FF000
Size:	4096

Details

Name:	00000000.00000002.637130800.00000000022C0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22C0000
Size:	94208

Details

Name:	00000005.00000002.662043541.00007FF5D7525000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5D7525000
Size:	12288

Details

Name:	00000003.00000002.641581054.00007FF57DFEF000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57DFEF000
Size:	16384

Details

Name:	00000003.00000002.641683813.00007FF57E0B1000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57E0B1000
Size:	20480

Details

Name:	00000000.00000002.636901812.0000000000477000.00000040.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	477000
Size:	24576

Details

Name:	00000000.00000002.636918902.000000000048E000.00000004.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	48E000
Size:	4096

Details

Name:	00000000.00000002.636838515.0000000000401000.00000040.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	401000
Size:	471040

Details

Name:	00000000.00000002.637356410.0000000002530000.00000002.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2530000
Size:	3371008

Details

Name:	00000003.00000002.641609115.00007FF57E01E000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57E01E000
Size:	12288

Details

Name:	00000000.00000002.637112304.0000000000AD0000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	AD0000
Size:	8192

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOCReport

Processes

Memdumps