Automated Malware Analysis IOC Report for

Details

Name:	00000005.00000002.2597850360.0000000002100000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2100000
Size:	102400

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected Nanocore RAT	AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality
Installs a raw input device (often for capturing keystrokes)	Key, Mouse, Clipboard, Microphone and Screen Capturing	Input Capture
Yara signature match	System Summary

Details

Name:	00000005.00000002.2597305465.0000000000402000.00000040.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	402000
Size:	118784

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected Nanocore RAT	AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality
Yara signature match	System Summary

Details

Name:	00000004.00000002.2397412433.00000000026EB000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	26EB000
Size:	126976

Signature Hits	Behavior Group	Mitre Attack
Yara detected AntiVM3	Malware Analysis System Evasion
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)	Malware Analysis System Evasion	Security Software Discovery
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery
SQL strings found in memory and binary data	System Summary
URLs found in memory or binary data	Networking

Details

Name:	00000005.00000002.2599211155.000000000387F000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	387F000
Size:	319488

Signature Hits	Behavior Group	Mitre Attack
Found malware configuration	AV Detection
Yara detected Nanocore RAT	AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality

Details

Name:	00000004.00000002.2399354927.00000000036B1000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	36B1000
Size:	3813376

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected Nanocore RAT	AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality
Yara signature match	System Summary

Details

Name:	00000005.00000003.2595633225.0000000000901000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	901000
Size:	32768

Details

Name:	00000005.00000002.2597939616.0000000002235000.00000040.00000040.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page execute and read and write
Base address:	2235000
Size:	4096

Details

Name:	00000005.00000003.2555650600.0000000005E12000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5E12000
Size:	32768

Details

Name:	00000005.00000003.2395518765.00000000004D0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4D0000
Size:	12288

Details

Name:	00000005.00000002.2597200692.000000000018A000.00000040.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	18A000
Size:	8192

Details

Name:	00000004.00000002.2395239351.0000000000579000.00000004.00000040.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	579000
Size:	28672

Details

Name:	00000005.00000002.2600420977.000000000562F000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	562F000
Size:	4096

Details

Name:	00000005.00000003.2518034221.00000000038E4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	38E4000
Size:	36864

Details

Name:	00000004.00000002.2402223747.000000007EF43000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7EF43000
Size:	4096

Details

Name:	00000005.00000003.2492007663.0000000003964000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3964000
Size:	36864

Details

Name:	00000004.00000002.2395287836.00000000005C0000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5C0000
Size:	4096

Details

Name:	00000004.00000002.2395449769.0000000000AA0000.00000004.00000040.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	AA0000
Size:	16384

Details

Name:	00000004.00000002.2402081025.00000000053BE000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	53BE000
Size:	8192

Details

Name:	00000005.00000003.2553249380.0000000003984000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3984000
Size:	36864

Details

Name:	00000005.00000002.2601029379.00000000069CE000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	69CE000
Size:	8192

Details

Name:	00000005.00000003.2587858961.00000000038E4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	38E4000
Size:	36864

Details

Name:	00000005.00000003.2493742675.0000000000901000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	901000
Size:	32768

Details

Name:	00000005.00000003.2395236013.0000000000490000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	490000
Size:	16384

Details

Name:	00000004.00000003.2388471736.0000000000AC0000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	AC0000
Size:	65536

Details

Name:	00000005.00000003.2395247029.0000000000245000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	245000
Size:	8192

Details

Name:	00000005.00000003.2497264576.0000000000901000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	901000
Size:	32768

Details

Name:	00000004.00000002.2402257021.000000007EF50000.00000040.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	7EF50000
Size:	4096

Details

Name:	00000005.00000003.2521352562.0000000000901000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	901000
Size:	32768

Details

Name:	00000005.00000002.2599675624.0000000004E0F000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4E0F000
Size:	4096

Details

Name:	00000005.00000003.2482588598.0000000000901000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	901000
Size:	32768

Details

Name:	00000005.00000003.2406304914.0000000003964000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3964000
Size:	40960

Details

Name:	00000005.00000003.2469053614.00000000038E4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	38E4000
Size:	36864

Details

Name:	00000004.00000002.2395220255.0000000000530000.00000004.00000040.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	530000
Size:	4096

Details

Name:	00000005.00000002.2598434168.000000000283D000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	283D000
Size:	913408

Signature Hits	Behavior Group	Mitre Attack
May try to detect the Windows Explorer process (often used for injection)	HIPS / PFW / Operating System Protection Evasion	Process Injection Process Discovery

Details

Name:	00000004.00000002.2401577982.0000000004A76000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4A76000
Size:	12288

Details

Name:	00000005.00000003.2494386605.0000000000901000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	901000
Size:	32768

Details

Name:	00000005.00000003.2533541783.0000000003984000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3984000
Size:	36864

Details

Name:	00000005.00000002.2597267134.0000000000240000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	240000
Size:	8192

Details

Name:	00000005.00000003.2520765280.0000000000901000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	901000
Size:	32768

Details

Name:	00000005.00000003.2397989518.0000000002130000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2130000
Size:	45056

Details

Name:	00000005.00000003.2569499349.00000000038E4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	38E4000
Size:	36864

Details

Name:	00000004.00000003.2388447820.0000000000B10000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	B10000
Size:	16384

Details

Name:	00000004.00000003.2388459852.0000000000B16000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	B16000
Size:	40960

Details

Name:	00000005.00000003.2538405063.0000000000901000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	901000
Size:	32768

Details

Name:	00000005.00000003.2496499877.0000000005E11000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5E11000
Size:	36864

Details

Name:	00000005.00000003.2509624362.0000000003984000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3984000
Size:	36864

Details

Name:	00000004.00000002.2395073552.000000000028A000.00000040.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	28A000
Size:	8192

Details

Name:	00000005.00000003.2595330311.00000000039C4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	39C4000
Size:	36864

Details

Name:	00000005.00000002.2597222356.00000000001A2000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1A2000
Size:	4096

Details

Name:	00000004.00000002.2395599982.000000000204C000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	204C000
Size:	114688

Details

Name:	00000005.00000002.2597919023.0000000002200000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2200000
Size:	167936

Signature Hits	Behavior Group	Mitre Attack
Detected Nanocore Rat	Remote Access Functionality	Remote Access Software
Malicious sample detected (through community Yara rule)	System Summary
Yara signature match	System Summary

Details

Name:	00000005.00000003.2481423929.0000000000901000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	901000
Size:	32768

Details

Name:	00000004.00000002.2395454998.0000000000AB1000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	AB1000
Size:	20480

Details

Name:	00000004.00000002.2395233530.0000000000570000.00000004.00000040.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	570000
Size:	24576

Details

Name:	00000005.00000002.2598254039.0000000002754000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2754000
Size:	212992

Details

Name:	00000005.00000003.2540278508.0000000005E11000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5E11000
Size:	32768

Details

Name:	00000005.00000003.2444138921.00000000038E4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	38E4000
Size:	36864

Details

Name:	00000005.00000003.2533484577.00000000038E4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	38E4000
Size:	36864

Details

Name:	00000004.00000003.2385704725.00000000005B0000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5B0000
Size:	32768

Details

Name:	00000005.00000003.2398144236.0000000002138000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2138000
Size:	24576

Details

Name:	00000005.00000002.2600375632.00000000054FD000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	54FD000
Size:	12288

Details

Name:	00000005.00000003.2451377991.00000000039A4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	39A4000
Size:	36864

Details

Name:	00000005.00000002.2597408225.0000000000510000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	510000
Size:	4096

Details

Name:	00000005.00000003.2396876893.00000000004D0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4D0000
Size:	28672

Details

Name:	00000005.00000002.2597692834.00000000008B3000.00000004.00000020.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	8B3000
Size:	217088

Signature Hits	Behavior Group	Mitre Attack
May try to detect the Windows Explorer process (often used for injection)	HIPS / PFW / Operating System Protection Evasion	Process Injection Process Discovery

Details

Name:	00000004.00000002.2401528944.00000000049E0000.00000004.00000040.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	49E0000
Size:	16384

Details

Name:	00000005.00000003.2587960351.00000000039E4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	39E4000
Size:	36864

Details

Name:	00000005.00000002.2597933962.0000000002230000.00000040.00000040.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page execute and read and write
Base address:	2230000
Size:	8192

Details

Name:	00000005.00000002.2599421219.00000000048EE000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	48EE000
Size:	8192

Details

Name:	00000005.00000003.2553223530.0000000003923000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3923000
Size:	40960

Details

Name:	00000005.00000003.2395224928.0000000000240000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	240000
Size:	24576

Details

Name:	00000005.00000003.2395523555.00000000004D4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4D4000
Size:	49152

Details

Name:	00000004.00000002.2395134689.00000000003A0000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3A0000
Size:	421888

Details

Name:	00000005.00000002.2597234400.00000000001FA000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1FA000
Size:	24576

Details

Name:	00000005.00000003.2525269105.0000000003984000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3984000
Size:	36864

Details

Name:	00000005.00000003.2396089020.00000000004D7000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4D7000
Size:	12288

Details

Name:	00000005.00000003.2519362478.0000000000901000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	901000
Size:	32768

Details

Name:	00000004.00000002.2395818620.00000000023E0000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	23E0000
Size:	2945024

Details

Name:	00000005.00000003.2587916531.0000000003964000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3964000
Size:	36864

Details

Name:	00000005.00000003.2397204035.00000000004F5000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4F5000
Size:	8192

Details

Name:	00000004.00000003.2389772433.0000000000490000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	490000
Size:	12288

Details

Name:	00000005.00000002.2597050627.00000000000A0000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	A0000
Size:	421888

Details

Name:	00000005.00000003.2489448259.0000000000901000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	901000
Size:	32768

Details

Name:	00000005.00000002.2597434292.000000000058E000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	58E000
Size:	8192

Details

Name:	00000005.00000003.2533504447.0000000003944000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3944000
Size:	36864

Details

Name:	00000005.00000003.2406353307.0000000003A24000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3A24000
Size:	40960

Details

Name:	00000005.00000003.2542800660.00000000039A4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	39A4000
Size:	36864

Details

Name:	00000005.00000003.2398073313.0000000002128000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2128000
Size:	32768

Details

Name:	00000004.00000002.2397504381.000000000270B000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	270B000
Size:	86016

Details

Name:	00000005.00000003.2444198009.00000000039C4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	39C4000
Size:	36864

Details

Name:	00000005.00000003.2521368243.0000000005E11000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5E11000
Size:	36864

Details

Name:	00000005.00000003.2395717454.00000000004E8000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4E8000
Size:	32768

Details

Name:	00000005.00000003.2444175160.0000000003964000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3964000
Size:	36864

Details

Name:	00000005.00000003.2396864441.00000000004E5000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4E5000
Size:	4096

Details

Name:	00000005.00000002.2598695024.0000000002949000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2949000
Size:	147456

Details

Name:	00000005.00000003.2444147405.0000000003903000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3903000
Size:	40960

Details

Name:	00000005.00000002.2597826856.00000000020BC000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	20BC000
Size:	114688

Details

Name:	00000004.00000002.2395182427.000000000042A000.00000040.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	42A000
Size:	4096

Details

Name:	00000005.00000003.2469115429.0000000003964000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3964000
Size:	36864

Details

Name:	00000005.00000002.2597183426.0000000000170000.00000004.00000040.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	170000
Size:	20480

Details

Name:	00000005.00000002.2597669238.0000000000879000.00000004.00000020.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	879000
Size:	233472

Details

Name:	00000005.00000003.2459858734.0000000003944000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3944000
Size:	36864

Details

Name:	00000005.00000002.2600428399.000000000578E000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	578E000
Size:	8192

Details

Name:	00000005.00000002.2599018052.00000000037BF000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	37BF000
Size:	40960

Details

Name:	00000005.00000002.2597914310.00000000021E2000.00000004.00000040.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	21E2000
Size:	16384

Details

Name:	00000005.00000003.2410990928.00000000008FC000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	8FC000
Size:	65536

Details

Name:	00000005.00000003.2435962853.0000000003923000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3923000
Size:	40960

Details

Name:	00000005.00000003.2595316456.00000000039A4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	39A4000
Size:	36864

Details

Name:	00000005.00000003.2457979583.0000000000901000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	901000
Size:	65536

Details

Name:	00000005.00000002.2597230452.00000000001AB000.00000040.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	1AB000
Size:	4096

Details

Name:	00000004.00000002.2395076831.0000000000290000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	290000
Size:	8192

Details

Name:	00000005.00000002.2597628711.00000000007D0000.00000040.00000040.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page execute and read and write
Base address:	7D0000
Size:	4096

Details

Name:	00000005.00000003.2459846700.0000000003923000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3923000
Size:	40960

Details

Name:	00000004.00000003.2388558155.0000000000AC0000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	AC0000
Size:	32768

Details

Name:	00000005.00000003.2493761870.0000000005E11000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5E11000
Size:	36864

Details

Name:	00000004.00000002.2395584310.0000000000C38000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	C38000
Size:	4096

Details

Name:	00000005.00000003.2406338819.00000000039E4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	39E4000
Size:	40960

Details

Name:	00000005.00000003.2490683396.0000000005E11000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5E11000
Size:	36864

Details

Name:	00000005.00000002.2599692303.0000000004E4E000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4E4E000
Size:	8192

Details

Name:	00000005.00000003.2569547226.00000000039C4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	39C4000
Size:	36864

Details

Name:	00000005.00000003.2401644831.0000000002270000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2270000
Size:	24576

Details

Name:	00000005.00000003.2395932102.00000000004D0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4D0000
Size:	16384

Details

Name:	00000005.00000003.2423984005.00000000039A4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	39A4000
Size:	36864

Details

Name:	00000004.00000002.2402269576.000000007EFDF000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7EFDF000
Size:	4096

Details

Name:	00000005.00000003.2396955972.00000000004E6000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4E6000
Size:	8192

Details

Name:	00000005.00000002.2597900234.00000000021BE000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	21BE000
Size:	8192

Details

Name:	00000005.00000002.2597192340.0000000000182000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	182000
Size:	4096

Details

Name:	00000005.00000003.2395243072.0000000000240000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	240000
Size:	16384

Details

Name:	00000005.00000003.2509583371.00000000038E4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	38E4000
Size:	4096

Details

Name:	00000005.00000003.2397358822.0000000000538000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	538000
Size:	32768

Details

Name:	00000005.00000002.2597866625.0000000002130000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2130000
Size:	65536

Details

Name:	00000005.00000003.2406262470.00000000038E4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	38E4000
Size:	40960

Details

Name:	00000005.00000003.2396765079.00000000004D0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4D0000
Size:	12288

Details

Name:	00000005.00000002.2597821393.00000000020B7000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	20B7000
Size:	12288

Details

Name:	00000005.00000002.2597459701.00000000005FE000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5FE000
Size:	8192

Details

Name:	00000005.00000003.2525253803.0000000003944000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3944000
Size:	36864

Details

Name:	00000005.00000003.2406325037.00000000039A4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	39A4000
Size:	40960

Details

Name:	00000004.00000002.2395470953.0000000000B22000.00000020.00020000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute read
Base address:	B22000
Size:	1138688

Details

Name:	00000004.00000003.2389947650.00000000004B0000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4B0000
Size:	28672

Details

Name:	00000005.00000003.2579103495.0000000003964000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3964000
Size:	36864

Details

Name:	00000005.00000003.2459888802.0000000003984000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3984000
Size:	36864

Details

Name:	00000005.00000003.2561201423.00000000039E4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	39E4000
Size:	36864

Details

Name:	00000005.00000002.2597905534.00000000021C0000.00000004.00000040.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	21C0000
Size:	4096

Details

Name:	00000005.00000003.2395614795.00000000004D0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4D0000
Size:	16384

Details

Name:	00000004.00000002.2402095186.00000000054DF000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	54DF000
Size:	4096

Details

Name:	00000005.00000002.2598644420.0000000002921000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2921000
Size:	159744

Details

Name:	00000004.00000002.2395768863.0000000002210000.00000040.00000040.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page execute and read and write
Base address:	2210000
Size:	8192

Details

Name:	00000005.00000003.2521930154.0000000000901000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	901000
Size:	32768

Details

Name:	00000005.00000003.2509608697.0000000003944000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3944000
Size:	36864

Details

Name:	00000005.00000002.2600441371.000000000589D000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	589D000
Size:	12288

Details

Name:	00000004.00000002.2395070387.0000000000282000.00000040.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	282000
Size:	8192

Details

Name:	00000005.00000003.2396035689.00000000004D0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4D0000
Size:	16384

Details

Name:	00000005.00000002.2597171010.0000000000160000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	160000
Size:	8192

Details

Name:	00000004.00000002.2401252520.0000000003A6A000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3A6A000
Size:	1495040

Details

Name:	00000005.00000003.2516338448.0000000005E11000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5E11000
Size:	36864

Details

Name:	00000005.00000003.2554574235.0000000000901000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	901000
Size:	32768

Details

Name:	00000005.00000003.2396916370.00000000004E0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4E0000
Size:	16384

Details

Name:	00000005.00000003.2395752291.00000000004F0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4F0000
Size:	45056

Details

Name:	00000004.00000002.2395291092.00000000005E0000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5E0000
Size:	65536

Details

Name:	00000005.00000003.2525283038.00000000039C4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	39C4000
Size:	36864

Details

Name:	00000005.00000003.2396193908.00000000004D0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4D0000
Size:	20480

Details

Name:	00000005.00000002.2598991764.000000000377F000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	377F000
Size:	40960

Details

Name:	00000005.00000003.2587940780.00000000039A4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	39A4000
Size:	36864

Details

Name:	00000005.00000003.2492016474.0000000003984000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3984000
Size:	36864

Details

Name:	00000005.00000002.2597154791.0000000000140000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	140000
Size:	8192

Details

Name:	00000004.00000002.2395278274.00000000005A0000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	5A0000
Size:	8192

Details

Name:	00000005.00000002.2597215154.000000000019A000.00000040.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	19A000
Size:	4096

Details

Name:	00000005.00000003.2412797750.000000000090C000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	90C000
Size:	36864

Details

Name:	00000005.00000003.2406294388.0000000003944000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3944000
Size:	40960

Details

Name:	00000005.00000002.2597239465.0000000000200000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	200000
Size:	65536

Details

Name:	00000005.00000003.2397814569.00000000005B8000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5B8000
Size:	32768

Details

Name:	00000005.00000002.2599489645.0000000004A30000.00000040.00000040.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page execute and read and write
Base address:	4A30000
Size:	16384

Details

Name:	00000004.00000003.2389906674.0000000000490000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	490000
Size:	8192

Details

Name:	00000005.00000003.2395470939.0000000000500000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	500000
Size:	28672

Details

Name:	00000005.00000002.2599183252.000000000385F000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	385F000
Size:	40960

Details

Name:	00000005.00000003.2567511797.0000000000901000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	901000
Size:	32768

Details

Name:	00000005.00000002.2597839838.00000000020DB000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	20DB000
Size:	86016

Details

Name:	00000005.00000003.2397178101.00000000004F0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4F0000
Size:	20480

Details

Name:	00000004.00000002.2401587804.0000000004AF0000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4AF0000
Size:	1024000

Details

Name:	00000005.00000003.2459910487.00000000039A4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	39A4000
Size:	36864

Details

Name:	00000005.00000002.2597909642.00000000021C4000.00000004.00000040.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	21C4000
Size:	4096

Details

Name:	00000004.00000003.2388416782.00000000021E0000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	21E0000
Size:	65536

Details

Name:	00000005.00000003.2561139348.00000000038E4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	38E4000
Size:	36864

Details

Name:	00000005.00000003.2400470763.0000000002270000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2270000
Size:	32768

Details

Name:	00000004.00000002.2395067202.0000000000270000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	270000
Size:	8192

Details

Name:	00000004.00000003.2386998894.0000000000AC0000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	AC0000
Size:	16384

Details

Name:	00000004.00000003.2388336580.0000000000AC0000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	AC0000
Size:	65536

Details

Name:	00000005.00000003.2490139103.0000000005E11000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5E11000
Size:	36864

Details

Name:	00000005.00000002.2598967227.000000000375F000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	375F000
Size:	40960

Details

Name:	00000005.00000003.2398122340.0000000002130000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2130000
Size:	28672

Details

Name:	00000005.00000002.2597398693.00000000004F0000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	4F0000
Size:	20480

Details

Name:	00000005.00000003.2533564244.00000000039C4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	39C4000
Size:	36864

Details

Name:	00000005.00000003.2490113968.0000000000901000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	901000
Size:	32768

Details

Name:	00000005.00000003.2448045939.0000000000900000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	900000
Size:	65536

Details

Name:	00000005.00000002.2600466403.00000000058A0000.00000008.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page write copy
Base address:	58A0000
Size:	786432

Details

Name:	00000005.00000003.2398160196.0000000002140000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2140000
Size:	16384

Details

Name:	00000005.00000003.2396852474.00000000004E0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4E0000
Size:	12288

Details

Name:	00000005.00000003.2595677979.0000000000901000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	901000
Size:	32768

Details

Name:	00000004.00000002.2395246590.0000000000580000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	580000
Size:	65536

Details

Name:	00000005.00000003.2398426160.0000000002136000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2136000
Size:	8192

Details

Name:	00000005.00000002.2597494432.000000000063A000.00000004.00000020.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	63A000
Size:	4096

Details

Name:	00000005.00000003.2587876312.0000000003903000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3903000
Size:	40960

Details

Name:	00000005.00000002.2597438390.0000000000590000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	590000
Size:	86016

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara signature match	System Summary

Details

Name:	00000005.00000002.2597371624.0000000000490000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	490000
Size:	28672

Details

Name:	00000005.00000003.2441461661.0000000000900000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	900000
Size:	65536

Details

Name:	00000004.00000002.2401732852.0000000004BF0000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4BF0000
Size:	1073152

Details

Name:	00000005.00000003.2453257001.0000000000911000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	911000
Size:	32768

Details

Name:	00000004.00000002.2401544422.0000000004A0D000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4A0D000
Size:	217088

Details

Name:	00000005.00000003.2396019515.00000000004D0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4D0000
Size:	45056

Details

Name:	00000004.00000002.2395052696.00000000001A7000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1A7000
Size:	36864

Details

Name:	00000005.00000003.2477588525.0000000000901000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	901000
Size:	32768

Details

Name:	00000005.00000003.2518083200.00000000039C4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	39C4000
Size:	36864

Details

Name:	00000005.00000003.2400455484.0000000002279000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2279000
Size:	24576

Details

Name:	00000005.00000002.2597735291.0000000000C50000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	C50000
Size:	389120

Signature Hits	Behavior Group	Mitre Attack
May try to detect the Windows Explorer process (often used for injection)	HIPS / PFW / Operating System Protection Evasion	Process Injection Process Discovery

Details

Name:	00000005.00000002.2597316838.0000000000422000.00000040.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	422000
Size:	430080

Details

Name:	00000005.00000003.2491987879.0000000003924000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3924000
Size:	36864

Details

Name:	00000005.00000003.2593760187.0000000000901000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	901000
Size:	32768

Details

Name:	00000005.00000003.2587900746.0000000003944000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3944000
Size:	36864

Details

Name:	00000005.00000003.2595217451.0000000003944000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3944000
Size:	36864

Details

Name:	00000005.00000003.2395479029.00000000004F0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4F0000
Size:	65536

Details

Name:	00000004.00000002.2397566176.0000000002723000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2723000
Size:	4157440

Details

Name:	00000005.00000003.2396132386.00000000004E0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4E0000
Size:	20480

Details

Name:	00000005.00000003.2436000188.00000000039C4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	39C4000
Size:	36864

Details

Name:	00000005.00000003.2583835126.0000000000901000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	901000
Size:	32768

Details

Name:	00000004.00000003.2387091273.0000000000AB0000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	AB0000
Size:	65536

Details

Name:	00000004.00000002.2395079937.0000000000292000.00000040.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	292000
Size:	36864

Details

Name:	00000005.00000002.2597641186.0000000000820000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	820000
Size:	40960

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara signature match	System Summary

Details

Name:	00000005.00000002.2597277149.0000000000346000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	346000
Size:	40960

Details

Name:	00000005.00000003.2395637197.00000000004D0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4D0000
Size:	20480

Details

Name:	00000004.00000002.2395614046.000000000206B000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	206B000
Size:	86016

Details

Name:	00000005.00000002.2599513535.0000000004A37000.00000040.00000040.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page execute and read and write
Base address:	4A37000
Size:	4096

Details

Name:	00000005.00000002.2601088011.0000000006B6E000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6B6E000
Size:	8192

Details

Name:	00000005.00000003.2398625293.0000000003903000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3903000
Size:	45056

Details

Name:	00000005.00000003.2518076675.00000000039A4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	39A4000
Size:	36864

Details

Name:	00000004.00000003.2389788287.0000000000490000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	490000
Size:	49152

Details

Name:	00000005.00000003.2395252808.0000000000241000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	241000
Size:	12288

Details

Name:	00000005.00000003.2398640892.0000000003923000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3923000
Size:	86016

Details

Name:	00000005.00000002.2599157214.000000000383F000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	383F000
Size:	40960

Details

Name:	00000005.00000003.2396587875.00000000004D0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4D0000
Size:	32768

Details

Name:	00000005.00000003.2396216812.00000000004D6000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4D6000
Size:	16384

Details

Name:	00000005.00000003.2395689564.00000000004D0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4D0000
Size:	65536

Details

Name:	00000005.00000002.2599269380.00000000038E3000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	38E3000
Size:	4096

Details

Name:	00000005.00000003.2520783054.0000000005E11000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5E11000
Size:	36864

Details

Name:	00000005.00000003.2541476200.0000000005E11000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5E11000
Size:	32768

Details

Name:	00000004.00000003.2389917549.0000000000493000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	493000
Size:	53248

Details

Name:	00000005.00000003.2519371002.0000000005E11000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5E11000
Size:	36864

Details

Name:	00000005.00000003.2460538137.0000000005E11000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5E11000
Size:	32768

Details

Name:	00000005.00000003.2469127479.0000000003984000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3984000
Size:	36864

Details

Name:	00000005.00000003.2396411082.00000000004D0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4D0000
Size:	20480

Details

Name:	00000005.00000003.2500220879.0000000003944000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3944000
Size:	36864

Details

Name:	00000005.00000003.2495800911.0000000000901000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	901000
Size:	32768

Details

Name:	00000005.00000002.2597386906.00000000004C0000.00000040.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	4C0000
Size:	12288

Details

Name:	00000005.00000003.2397092451.00000000008B6000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	8B6000
Size:	20480

Details

Name:	00000005.00000003.2459818345.00000000038E4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	38E4000
Size:	36864

Details

Name:	00000005.00000002.2597584693.0000000000780000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	780000
Size:	53248

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara signature match	System Summary
URLs found in memory or binary data	Networking
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000005.00000003.2579171361.00000000039A4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	39A4000
Size:	36864

Details

Name:	00000004.00000002.2395282871.00000000005B0000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	5B0000
Size:	20480

Details

Name:	00000005.00000003.2451365664.0000000003984000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3984000
Size:	36864

Details

Name:	00000005.00000003.2561175181.0000000003964000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3964000
Size:	36864

Details

Name:	00000005.00000002.2598186375.0000000002691000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2691000
Size:	794624

Signature Hits	Behavior Group	Mitre Attack
Detected Nanocore Rat	Remote Access Functionality	Remote Access Software
Malicious sample detected (through community Yara rule)	System Summary
Yara signature match	System Summary
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000005.00000002.2597377035.00000000004A0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4A0000
Size:	8192

Details

Name:	00000005.00000003.2395297574.0000000000240000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	240000
Size:	20480

Details

Name:	00000005.00000003.2481449209.0000000005E11000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5E11000
Size:	32768

Details

Name:	00000004.00000002.2395172964.000000000041A000.00000040.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	41A000
Size:	4096

Details

Name:	00000005.00000003.2398513299.00000000008F2000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	8F2000
Size:	20480

Details

Name:	00000004.00000003.2389752018.0000000000490000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	490000
Size:	12288

Details

Name:	00000005.00000003.2410958632.000000000090C000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	90C000
Size:	12288

Details

Name:	00000005.00000003.2395627291.00000000004D0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4D0000
Size:	40960

Details

Name:	00000005.00000003.2459831100.0000000003903000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3903000
Size:	8192

Details

Name:	00000005.00000003.2396632350.00000000004D0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4D0000
Size:	32768

Details

Name:	00000005.00000003.2593500324.0000000005E12000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5E12000
Size:	32768

Details

Name:	00000005.00000003.2395644972.00000000004D6000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4D6000
Size:	8192

Details

Name:	00000005.00000002.2597593122.0000000000790000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	790000
Size:	36864

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara signature match	System Summary

Details

Name:	00000005.00000003.2459940432.00000000039E4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	39E4000
Size:	36864

Details

Name:	00000005.00000003.2555641295.0000000000901000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	901000
Size:	32768

Details

Name:	00000005.00000002.2600671718.0000000005BFE000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5BFE000
Size:	8192

Details

Name:	00000004.00000002.2395332642.00000000009B0000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	9B0000
Size:	913408

Details

Name:	00000005.00000002.2597175709.0000000000162000.00000040.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	162000
Size:	57344

Details

Name:	00000005.00000003.2469227341.00000000039C4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	39C4000
Size:	36864

Details

Name:	00000005.00000003.2509600735.0000000003923000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3923000
Size:	40960

Details

Name:	00000005.00000002.2597725108.0000000000930000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	930000
Size:	24576

Details

Name:	00000004.00000002.2395694206.0000000002170000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2170000
Size:	212992

Details

Name:	00000004.00000002.2395327701.0000000000810000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	810000
Size:	12288

Details

Name:	00000005.00000002.2597188442.0000000000180000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	180000
Size:	4096

Details

Name:	00000004.00000002.2395169431.0000000000417000.00000040.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	417000
Size:	4096

Details

Name:	00000005.00000003.2595230270.0000000003964000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3964000
Size:	36864

Details

Name:	00000004.00000003.2388396682.00000000021F0000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	21F0000
Size:	65536

Details

Name:	00000005.00000003.2595160186.00000000038E4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	38E4000
Size:	36864

Details

Name:	00000005.00000003.2397125238.00000000008B8000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	8B8000
Size:	12288

Details

Name:	00000005.00000002.2597944025.0000000002252000.00000040.00000040.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page execute and read and write
Base address:	2252000
Size:	8192

Details

Name:	00000004.00000002.2395092333.00000000002A7000.00000004.00000020.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	2A7000
Size:	4096

Details

Name:	00000005.00000003.2567521310.0000000005E12000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5E12000
Size:	32768

Details

Name:	00000005.00000003.2423965590.0000000003944000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3944000
Size:	36864

Details

Name:	00000005.00000003.2410969904.0000000000913000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	913000
Size:	40960

Details

Name:	00000005.00000003.2406273370.0000000003903000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3903000
Size:	45056

Details

Name:	00000005.00000002.2599344478.000000000472E000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	472E000
Size:	8192

Details

Name:	00000005.00000002.2597403893.0000000000500000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	500000
Size:	20480

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara signature match	System Summary

Details

Name:	00000005.00000003.2478515315.0000000005E11000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5E11000
Size:	32768

Details

Name:	00000005.00000003.2406315650.0000000003984000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3984000
Size:	40960

Details

Name:	00000005.00000002.2597150356.0000000000130000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	130000
Size:	4096

Details

Name:	00000005.00000003.2479357626.0000000005E11000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5E11000
Size:	32768

Details

Name:	00000004.00000002.2395106252.00000000002E8000.00000004.00000020.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	2E8000
Size:	212992

Details

Name:	00000005.00000003.2491998106.0000000003944000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3944000
Size:	36864

Details

Name:	00000005.00000003.2533532778.0000000003964000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3964000
Size:	36864

Details

Name:	00000005.00000002.2597730634.0000000000AB0000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	AB0000
Size:	12288

Details

Name:	00000004.00000002.2395057556.00000000001C0000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1C0000
Size:	4096

Details

Name:	00000005.00000003.2453279670.0000000000901000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	901000
Size:	65536

Details

Name:	00000005.00000003.2441453802.0000000000910000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	910000
Size:	32768

Details

Name:	00000004.00000002.2402071409.00000000052BF000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	52BF000
Size:	4096

Details

Name:	00000005.00000003.2553236302.0000000003944000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3944000
Size:	36864

Details

Name:	00000004.00000002.2395034926.0000000000020000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	20000
Size:	4096

Details

Name:	00000004.00000002.2401515059.00000000048BF000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	48BF000
Size:	4096

Details

Name:	00000005.00000002.2597144894.0000000000120000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	120000
Size:	4096

Details

Name:	00000005.00000002.2598883106.000000000371F000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	371F000
Size:	40960

Details

Name:	00000005.00000002.2597886423.0000000002160000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2160000
Size:	61440

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara signature match	System Summary

Details

Name:	00000005.00000003.2494403078.0000000005E11000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5E11000
Size:	36864

Details

Name:	00000005.00000002.2597205556.0000000000190000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	190000
Size:	4096

Details

Name:	00000005.00000002.2597137783.0000000000110000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	110000
Size:	4096

Details

Name:	00000005.00000003.2397739217.0000000000600000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	600000
Size:	45056

Details

Name:	00000005.00000003.2396517914.00000000004D0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4D0000
Size:	24576

Details

Name:	00000005.00000003.2518042159.0000000003903000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3903000
Size:	40960

Details

Name:	00000005.00000002.2597621177.00000000007C0000.00000040.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	7C0000
Size:	61440

Details

Name:	00000005.00000003.2557112570.0000000000901000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	901000
Size:	32768

Details

Name:	00000005.00000003.2595139068.0000000005E12000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5E12000
Size:	32768

Details

Name:	00000005.00000003.2569522135.0000000003944000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3944000
Size:	36864

Details

Name:	00000005.00000003.2423972872.0000000003963000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3963000
Size:	8192

Details

Name:	00000005.00000002.2597657620.0000000000854000.00000004.00000020.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	854000
Size:	118784

Details

Name:	00000005.00000003.2438959306.00000000008FF000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	8FF000
Size:	65536

Details

Name:	00000004.00000002.2395204705.0000000000480000.00000004.00000040.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	480000
Size:	16384

Details

Name:	00000004.00000003.2388331679.0000000000B10000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	B10000
Size:	4096

Details

Name:	00000005.00000002.2597044243.0000000000020000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	20000
Size:	4096

Details

Name:	00000005.00000003.2509590425.0000000003903000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3903000
Size:	40960

Details

Name:	00000005.00000003.2406332050.00000000039C4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	39C4000
Size:	40960

Details

Name:	00000005.00000003.2496485149.0000000000901000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	901000
Size:	32768

Details

Name:	00000005.00000003.2406374314.0000000003A84000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3A84000
Size:	40960

Details

Name:	00000005.00000003.2561153422.0000000003903000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3903000
Size:	40960

Details

Name:	00000005.00000003.2396239944.00000000004D5000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4D5000
Size:	12288

Details

Name:	00000005.00000003.2516329563.0000000000901000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	901000
Size:	32768

Details

Name:	00000005.00000002.2598729054.000000000296E000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	296E000
Size:	4096

Details

Name:	00000005.00000003.2533574125.00000000039E4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	39E4000
Size:	36864

Details

Name:	00000005.00000003.2500237799.00000000039A4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	39A4000
Size:	36864

Details

Name:	00000004.00000002.2395049215.00000000001A6000.00000104.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write \| page guard
Base address:	1A6000
Size:	4096

Details

Name:	00000005.00000003.2579179699.00000000039C4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	39C4000
Size:	36864

Details

Name:	00000005.00000002.2600842783.000000000642F000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	642F000
Size:	4096

Details

Name:	00000004.00000003.2389799092.0000000000490000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	490000
Size:	20480

Details

Name:	00000005.00000003.2485986029.0000000005E11000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5E11000
Size:	32768

Details

Name:	00000005.00000003.2423998271.00000000039E4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	39E4000
Size:	36864

Details

Name:	00000005.00000003.2569534813.0000000003984000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3984000
Size:	36864

Details

Name:	00000004.00000002.2395191470.0000000000450000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	450000
Size:	65536

Details

Name:	00000004.00000002.2402247567.000000007EF4C000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7EF4C000
Size:	4096

Details

Name:	00000005.00000002.2597600181.00000000007A0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7A0000
Size:	61440

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara signature match	System Summary

Details

Name:	00000004.00000003.2389741255.0000000000490000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	490000
Size:	45056

Details

Name:	00000005.00000003.2460514603.0000000000901000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	901000
Size:	32768

Details

Name:	00000005.00000003.2396107681.00000000004D0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4D0000
Size:	40960

Details

Name:	00000004.00000002.2395594433.0000000002047000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2047000
Size:	12288

Details

Name:	00000005.00000002.2597880693.0000000002150000.00000040.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2150000
Size:	20480

Details

Name:	00000004.00000002.2395214040.0000000000490000.00000040.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	490000
Size:	4096

Details

Name:	00000005.00000003.2395500745.00000000004E0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4E0000
Size:	65536

Details

Name:	00000004.00000003.2387055880.0000000000AC0000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	AC0000
Size:	45056

Details

Name:	00000005.00000003.2540269972.0000000000901000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	901000
Size:	32768

Details

Name:	00000005.00000003.2477608536.0000000005E11000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5E11000
Size:	32768

Details

Name:	00000005.00000003.2538423593.0000000005E11000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5E11000
Size:	36864

Details

Name:	00000005.00000002.2598807891.00000000036DE000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	36DE000
Size:	45056

Details

Name:	00000005.00000002.2599055049.00000000037DF000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	37DF000
Size:	40960

Details

Name:	00000005.00000002.2599390296.000000000484E000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	484E000
Size:	8192

Details

Name:	00000005.00000002.2598600969.000000000291D000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	291D000
Size:	4096

Details

Name:	00000005.00000002.2599466727.0000000004A1C000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4A1C000
Size:	16384

Details

Name:	00000005.00000002.2597477164.0000000000620000.00000004.00000020.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	620000
Size:	69632

Details

Name:	00000005.00000003.2444189912.00000000039A4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	39A4000
Size:	36864

Details

Name:	00000005.00000003.2397312729.0000000000520000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	520000
Size:	28672

Details

Name:	00000005.00000002.2597411423.0000000000520000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	520000
Size:	53248

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara signature match	System Summary

Details

Name:	00000005.00000003.2542772576.0000000003923000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3923000
Size:	40960

Details

Name:	00000005.00000003.2396014571.00000000004D6000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4D6000
Size:	4096

Details

Name:	00000005.00000002.2597218882.000000000019C000.00000040.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	19C000
Size:	4096

Details

Name:	00000005.00000003.2569515267.0000000003924000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3924000
Size:	36864

Details

Name:	00000005.00000002.2597652621.0000000000837000.00000004.00000020.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	837000
Size:	8192

Details

Name:	00000004.00000003.2388633083.0000000000AC0000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	AC0000
Size:	16384

Details

Name:	00000005.00000003.2423951252.0000000003903000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3903000
Size:	40960

Details

Name:	00000005.00000003.2400446371.0000000002270000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2270000
Size:	28672

Details

Name:	00000004.00000003.2388664352.0000000000498000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	498000
Size:	4096

Details

Name:	00000005.00000003.2513895521.0000000005E11000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5E11000
Size:	36864

Details

Name:	00000004.00000002.2395589543.0000000002040000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2040000
Size:	20480

Details

Name:	00000005.00000003.2560123566.0000000000901000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	901000
Size:	32768

Details

Name:	00000005.00000003.2396275353.00000000004D6000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4D6000
Size:	12288

Details

Name:	00000004.00000003.2389987601.0000000000490000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	490000
Size:	65536

Details

Name:	00000005.00000003.2398088323.0000000002120000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2120000
Size:	20480

Details

Name:	00000004.00000002.2395185430.0000000000437000.00000040.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	437000
Size:	4096

Details

Name:	00000004.00000002.2401507606.000000000487C000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	487C000
Size:	16384

Details

Name:	00000005.00000002.2597300844.0000000000400000.00000040.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	400000
Size:	4096

Details

Name:	00000005.00000003.2396223671.00000000004D0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4D0000
Size:	16384

Details

Name:	00000005.00000003.2561194608.00000000039C4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	39C4000
Size:	36864

Details

Name:	00000005.00000003.2396302956.00000000004D6000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4D6000
Size:	16384

Details

Name:	00000005.00000003.2595713393.0000000005E12000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5E12000
Size:	32768

Details

Name:	00000005.00000002.2597381943.00000000004B0000.00000008.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page write copy
Base address:	4B0000
Size:	20480

Details

Name:	00000005.00000002.2597498364.000000000063C000.00000004.00000020.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	63C000
Size:	8192

Details

Name:	00000004.00000003.2389707952.0000000000490000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	490000
Size:	45056

Details

Name:	00000005.00000003.2435955248.0000000003903000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3903000
Size:	40960

Details

Name:	00000005.00000003.2533495743.0000000003923000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3923000
Size:	40960

Details

Name:	00000005.00000003.2482616160.0000000005E11000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5E11000
Size:	32768

Details

Name:	00000005.00000003.2448008433.0000000000910000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	910000
Size:	32768

Details

Name:	00000005.00000003.2541463220.0000000000901000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	901000
Size:	32768

Details

Name:	00000005.00000003.2395791692.00000000004D0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4D0000
Size:	24576

Details

Name:	00000005.00000003.2400276752.0000000002270000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2270000
Size:	24576

Details

Name:	00000005.00000003.2435946348.00000000038E4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	38E4000
Size:	36864

Details

Name:	00000005.00000003.2587890044.0000000003923000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3923000
Size:	8192

Details

Name:	00000005.00000002.2600702062.0000000005C50000.00000004.00000040.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	5C50000
Size:	20480

Details

Name:	00000005.00000003.2579132974.0000000003984000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3984000
Size:	36864

Details

Name:	00000005.00000002.2597470836.0000000000610000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	610000
Size:	24576

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara signature match	System Summary

Details

Name:	00000005.00000003.2396169098.00000000004D5000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4D5000
Size:	16384

Details

Name:	00000005.00000002.2599309202.0000000004690000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4690000
Size:	4096

Details

Name:	00000005.00000003.2395279528.0000000000240000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	240000
Size:	4096

Details

Name:	00000005.00000003.2513876595.0000000000901000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	901000
Size:	32768

Details

Name:	00000005.00000003.2397195060.00000000004F0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4F0000
Size:	16384

Details

Name:	00000005.00000003.2397761446.00000000005B0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5B0000
Size:	28672

Details

Name:	00000005.00000002.2597226463.00000000001A7000.00000040.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	1A7000
Size:	4096

Details

Name:	00000005.00000003.2398389136.0000000002135000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2135000
Size:	8192

Details

Name:	00000005.00000002.2599585949.0000000004A70000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4A70000
Size:	4096

Details

Name:	00000005.00000003.2396329745.00000000004D0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4D0000
Size:	20480

Details

Name:	00000005.00000003.2397346181.0000000000530000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	530000
Size:	28672

Details

Name:	00000005.00000003.2587950731.00000000039C4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	39C4000
Size:	36864

Details

Name:	00000005.00000003.2469204520.00000000039A4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	39A4000
Size:	36864

Details

Name:	00000005.00000003.2398311465.0000000002137000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2137000
Size:	8192

Details

Name:	00000005.00000003.2491963133.00000000038E4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	38E4000
Size:	36864

Details

Name:	00000004.00000003.2387115453.0000000000AB0000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	AB0000
Size:	4096

Details

Name:	00000004.00000002.2395460392.0000000000B0C000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	B0C000
Size:	16384

Details

Name:	00000005.00000003.2595171700.0000000003903000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3903000
Size:	40960

Details

Name:	00000005.00000002.2597779928.0000000002050000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2050000
Size:	344064

Signature Hits	Behavior Group	Mitre Attack
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000005.00000002.2597861486.0000000002120000.00000040.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2120000
Size:	8192

Details

Name:	00000005.00000003.2396364283.00000000004D6000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4D6000
Size:	28672

Details

Name:	00000005.00000003.2595301499.0000000003984000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3984000
Size:	36864

Details

Name:	00000005.00000003.2542807457.00000000039C4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	39C4000
Size:	36864

Details

Name:	00000005.00000003.2518055622.0000000003944000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3944000
Size:	36864

Details

Name:	00000005.00000002.2597256908.0000000000230000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	230000
Size:	65536

Details

Name:	00000005.00000002.2597488470.0000000000632000.00000004.00000020.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	632000
Size:	28672

Details

Name:	00000005.00000002.2598932675.000000000373F000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	373F000
Size:	40960

Details

Name:	00000004.00000000.2384856298.0000000000C38000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	C38000
Size:	4096

Details

Name:	00000004.00000003.2394963656.0000000000650000.00000040.00000040.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap private
Protect:	page execute and read and write
Base address:	650000
Size:	4096

Details

Name:	00000004.00000000.2384731062.0000000000B20000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	B20000
Size:	4096

Details

Name:	00000005.00000003.2500243687.00000000039C4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	39C4000
Size:	36864

Details

Name:	00000004.00000003.2389964027.00000000004A0000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4A0000
Size:	65536

Details

Name:	00000005.00000003.2491977215.0000000003903000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3903000
Size:	40960

Details

Name:	00000005.00000003.2525276209.00000000039A4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	39A4000
Size:	36864

Details

Name:	00000005.00000003.2489474074.0000000005E11000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5E11000
Size:	36864

Details

Name:	00000005.00000003.2395264911.0000000000240000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	240000
Size:	32768

Details

Name:	00000005.00000003.2500232314.0000000003984000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3984000
Size:	36864

Details

Name:	00000005.00000003.2403077060.00000000046B0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	46B0000
Size:	4096

Details

Name:	00000005.00000003.2500226763.0000000003964000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3964000
Size:	36864

Details

Name:	00000005.00000002.2601168821.000000007EF50000.00000040.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	7EF50000
Size:	4096

Details

Name:	00000005.00000003.2479338400.0000000000901000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	901000
Size:	32768

Details

Name:	00000005.00000002.2597513244.00000000006A0000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	6A0000
Size:	913408

Details

Name:	00000004.00000002.2395176544.0000000000420000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	420000
Size:	4096

Details

Name:	00000005.00000002.2598616880.000000000291F000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	291F000
Size:	4096

Details

Name:	00000005.00000003.2398067128.0000000002120000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2120000
Size:	28672

Details

Name:	00000005.00000003.2398534082.00000000008F3000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	8F3000
Size:	16384

Details

Name:	00000004.00000002.2401501060.000000000483D000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	483D000
Size:	12288

Details

Name:	00000005.00000003.2457972198.0000000000911000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	911000
Size:	32768

Details

Name:	00000005.00000003.2397333936.0000000000520000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	520000
Size:	24576

Details

Name:	00000005.00000003.2485942332.0000000000901000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	901000
Size:	32768

Details

Name:	00000005.00000003.2423990235.00000000039C4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	39C4000
Size:	36864

Details

Name:	00000005.00000003.2435977143.0000000003964000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3964000
Size:	36864

Details

Name:	00000004.00000002.2395095774.00000000002C4000.00000004.00000020.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	2C4000
Size:	118784

Details

Name:	00000005.00000003.2396487765.00000000004D0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4D0000
Size:	28672

Details

Name:	00000004.00000002.2401535053.00000000049F0000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	49F0000
Size:	4096

Details

Name:	00000005.00000002.2597211548.0000000000192000.00000040.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	192000
Size:	4096

Details

Name:	00000005.00000003.2396271217.00000000004D0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4D0000
Size:	16384

Details

Name:	00000005.00000002.2599613577.0000000004BBE000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4BBE000
Size:	8192

Details

Name:	00000005.00000003.2451394626.00000000039C4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	39C4000
Size:	36864

Details

Name:	00000004.00000002.2395795154.00000000023DF000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	23DF000
Size:	4096

Details

Name:	00000005.00000003.2400425962.00000000046B0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	46B0000
Size:	53248

Details

Name:	00000005.00000003.2396141717.00000000004D0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4D0000
Size:	45056

Details

Name:	00000005.00000002.2597428886.0000000000540000.00000004.00000040.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	540000
Size:	20480

Details

Name:	00000004.00000002.2395690125.00000000020F0000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	20F0000
Size:	4096

Details

Name:	00000004.00000002.2395188423.000000000043B000.00000040.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	43B000
Size:	4096

Details

Name:	00000005.00000002.2597632716.0000000000810000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	810000
Size:	65536

Details

Name:	00000004.00000002.2395088184.00000000002A0000.00000004.00000020.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	2A0000
Size:	16384

Details

Name:	00000005.00000002.2597285751.0000000000358000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	358000
Size:	4096

Details

Name:	00000005.00000003.2583860647.0000000005E12000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5E12000
Size:	32768

Details

Name:	00000005.00000002.2597253412.0000000000220000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	220000
Size:	4096

Details

Name:	00000004.00000002.2395223449.0000000000534000.00000004.00000040.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	534000
Size:	4096

Details

Name:	00000005.00000002.2600758830.0000000005E10000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5E10000
Size:	40960

Details

Name:	00000005.00000003.2398299197.0000000002130000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2130000
Size:	20480

Details

Name:	00000004.00000002.2402012288.0000000004E8E000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4E8E000
Size:	8192

Details

Name:	00000005.00000002.2597968351.00000000023C0000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	23C0000
Size:	2945024

Details

Name:	00000005.00000003.2435993728.00000000039A4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	39A4000
Size:	36864

Details

Name:	00000004.00000002.2395632648.0000000002090000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2090000
Size:	344064

Signature Hits	Behavior Group	Mitre Attack
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000005.00000003.2553274826.00000000039A4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	39A4000
Size:	36864

Details

Name:	00000004.00000002.2395085003.000000000029C000.00000040.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	29C000
Size:	8192

Details

Name:	00000005.00000003.2396983131.00000000004E0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4E0000
Size:	57344

Details

Name:	00000005.00000003.2542786816.0000000003964000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3964000
Size:	36864

Details

Name:	00000005.00000003.2444182163.0000000003984000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3984000
Size:	36864

Details

Name:	00000004.00000002.2401481511.00000000046FE000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	46FE000
Size:	8192

Details

Name:	00000005.00000003.2458452342.0000000005E11000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5E11000
Size:	32768

Details

Name:	00000005.00000003.2492028753.00000000039C4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	39C4000
Size:	36864

Details

Name:	00000005.00000003.2397898327.0000000000790000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	790000
Size:	16384

Details

Name:	00000005.00000003.2423977693.0000000003984000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3984000
Size:	36864

Details

Name:	00000004.00000002.2402128633.0000000006F60000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6F60000
Size:	4096

Details

Name:	00000005.00000002.2600260456.00000000053C0000.00000004.00000040.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	53C0000
Size:	4096

Details

Name:	00000004.00000002.2395217001.00000000004A0000.00000040.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	4A0000
Size:	4096

Details

Name:	00000005.00000003.2525234772.0000000000901000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	901000
Size:	32768

Details

Name:	00000005.00000003.2398105242.0000000002120000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2120000
Size:	24576

Details

Name:	00000004.00000002.2395442786.0000000000A90000.00000040.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	A90000
Size:	36864

Details

Name:	00000004.00000002.2395201801.0000000000470000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	470000
Size:	4096

Details

Name:	00000005.00000003.2450445894.0000000000901000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	901000
Size:	65536

Details

Name:	00000005.00000003.2435987531.0000000003984000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3984000
Size:	36864

Details

Name:	00000004.00000003.2389779183.0000000000491000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	491000
Size:	12288

Details

Name:	00000005.00000003.2542746439.00000000038E4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	38E4000
Size:	36864

Details

Name:	00000005.00000002.2597963996.00000000023BF000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	23BF000
Size:	4096

Details

Name:	00000005.00000003.2396177107.00000000004D0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4D0000
Size:	24576

Details

Name:	00000004.00000003.2389760020.0000000000490000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	490000
Size:	45056

Details

Name:	00000005.00000003.2398522885.00000000008F3000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	8F3000
Size:	16384

Details

Name:	00000005.00000003.2403101773.0000000002270000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2270000
Size:	65536

Details

Name:	00000005.00000002.2597815282.00000000020B0000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	20B0000
Size:	20480

Details

Name:	00000005.00000003.2396812822.00000000004D0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4D0000
Size:	16384

Details

Name:	00000005.00000003.2569506841.0000000003903000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3903000
Size:	40960

Details

Name:	00000005.00000003.2459876203.0000000003964000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3964000
Size:	36864

Details

Name:	00000005.00000002.2597502909.0000000000643000.00000004.00000020.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	643000
Size:	86016

Details

Name:	00000005.00000003.2395988380.00000000004D0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4D0000
Size:	16384

Details

Name:	00000005.00000003.2398579942.0000000002150000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2150000
Size:	65536

Details

Name:	00000005.00000003.2556678238.0000000000901000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	901000
Size:	32768

Details

Name:	00000005.00000003.2495823880.0000000005E11000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5E11000
Size:	36864

Details

Name:	00000005.00000003.2478494004.0000000000901000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	901000
Size:	32768

Details

Name:	00000005.00000003.2398497264.00000000008F7000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	8F7000
Size:	4096

Details

Name:	00000005.00000002.2597894350.0000000002170000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2170000
Size:	28672

Details

Name:	00000005.00000003.2553242826.0000000003964000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3964000
Size:	36864

Details

Name:	00000004.00000003.2387004448.0000000000AB0000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	AB0000
Size:	65536

Details

Name:	00000005.00000003.2542779927.0000000003944000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3944000
Size:	36864

Details

Name:	00000005.00000003.2509632728.00000000039A4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	39A4000
Size:	36864

Details

Name:	00000005.00000003.2518062379.0000000003964000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3964000
Size:	36864

Details

Name:	00000005.00000003.2525261554.0000000003964000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3964000
Size:	36864

Details

Name:	00000004.00000002.2395198255.0000000000460000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	460000
Size:	12288

Details

Name:	00000004.00000002.2402048791.00000000050CD000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	50CD000
Size:	12288

Details

Name:	00000005.00000003.2542793485.0000000003984000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3984000
Size:	36864

Details

Name:	00000005.00000003.2587928779.0000000003984000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3984000
Size:	36864

Details

Name:	00000005.00000003.2406345941.0000000003A04000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3A04000
Size:	40960

Details

Name:	00000005.00000002.2597248851.0000000000210000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	210000
Size:	12288

Details

Name:	00000005.00000002.2600629001.0000000005B2D000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5B2D000
Size:	12288

Details

Name:	00000005.00000003.2406366985.0000000003A64000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3A64000
Size:	40960

Details

Name:	00000004.00000002.2395263485.0000000000590000.00000040.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	590000
Size:	65536

Details

Name:	00000005.00000003.2553215128.0000000003904000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3904000
Size:	36864

Details

Name:	00000005.00000002.2599086928.00000000037FF000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	37FF000
Size:	40960

Details

Name:	00000005.00000003.2396205034.00000000004D0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4D0000
Size:	16384

Details

Name:	00000005.00000003.2561161160.0000000003923000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3923000
Size:	40960

Details

Name:	00000005.00000002.2599722592.0000000004F80000.00000002.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	4F80000
Size:	4112384

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000005.00000002.2597958524.00000000023BE000.00000104.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write \| page guard
Base address:	23BE000
Size:	4096

Details

Name:	00000004.00000003.2388382628.0000000002250000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2250000
Size:	8192

Details

Name:	00000005.00000003.2561181817.0000000003984000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3984000
Size:	36864

Details

Name:	00000005.00000003.2395786021.00000000004D6000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4D6000
Size:	4096

Details

Name:	00000005.00000002.2597391227.00000000004E0000.00000040.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	4E0000
Size:	65536

Details

Name:	00000005.00000003.2412806305.00000000008FC000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	8FC000
Size:	65536

Details

Name:	00000005.00000002.2600808908.00000000060BE000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	60BE000
Size:	8192

Details

Name:	00000005.00000003.2450414836.0000000000911000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	911000
Size:	61440

Details

Name:	00000004.00000003.2388674221.0000000003BD7000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3BD7000
Size:	1331200

Details

Name:	00000004.00000002.2401891128.0000000004D00000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4D00000
Size:	1064960

Details

Name:	00000005.00000003.2397236010.0000000000510000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	510000
Size:	4096

Details

Name:	00000005.00000002.2597293008.00000000003F0000.00000040.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	3F0000
Size:	65536

Details

Name:	00000004.00000002.2402239082.000000007EF49000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7EF49000
Size:	4096

Details

Name:	00000005.00000003.2404302757.0000000002275000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2275000
Size:	8192

Details

Name:	00000004.00000002.2401522311.00000000049DE000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	49DE000
Size:	8192

Details

Name:	00000005.00000003.2438946704.000000000090F000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	90F000
Size:	24576

Details

Name:	00000005.00000003.2423958322.0000000003924000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3924000
Size:	36864

Details

Name:	00000005.00000002.2600320383.000000000543D000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	543D000
Size:	12288

Details

Name:	00000005.00000002.2597453930.00000000005B0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5B0000
Size:	24576

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara signature match	System Summary

Details

Name:	00000004.00000003.2389732965.0000000000490000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	490000
Size:	12288

Details

Name:	00000005.00000003.2477038428.0000000005E11000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5E11000
Size:	32768

Details

Name:	00000005.00000003.2533550231.00000000039A4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	39A4000
Size:	36864

Details

Name:	00000005.00000003.2395828212.00000000004D7000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4D7000
Size:	12288

Details

Name:	00000005.00000002.2597715479.00000000008EE000.00000004.00000020.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	8EE000
Size:	77824

Details

Name:	00000005.00000003.2509616150.0000000003964000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3964000
Size:	36864

Details

Name:	00000005.00000002.2598751640.0000000003691000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3691000
Size:	61440

Details

Name:	00000005.00000003.2395821845.00000000004D0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4D0000
Size:	20480

Details

Name:	00000004.00000003.2389824833.00000000004A0000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4A0000
Size:	40960

Details

Name:	00000005.00000002.2597616840.00000000007B8000.00000004.00000040.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	7B8000
Size:	12288

Signature Hits	Behavior Group	Mitre Attack
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000005.00000003.2396047206.00000000004D0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4D0000
Size:	24576

Details

Name:	00000005.00000002.2597464017.0000000000600000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	600000
Size:	28672

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara signature match	System Summary

Details

Name:	00000005.00000003.2500212153.0000000003924000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3924000
Size:	36864

Details

Name:	00000005.00000002.2599543580.0000000004A54000.00000040.00000040.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page execute and read and write
Base address:	4A54000
Size:	69632

Details

Name:	00000005.00000003.2397376321.0000000000590000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	590000
Size:	4096

Details

Name:	00000004.00000003.2386090897.00000000005B0000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5B0000
Size:	8192

Details

Name:	00000005.00000003.2397436221.0000000000520000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	520000
Size:	65536

Details

Name:	00000005.00000002.2599600012.0000000004A8D000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4A8D000
Size:	8192

Details

Name:	00000005.00000003.2396163920.00000000004D0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4D0000
Size:	16384

Details

Name:	00000005.00000002.2600967208.000000000681E000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	681E000
Size:	8192

Details

Name:	00000005.00000002.2598850124.00000000036FF000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	36FF000
Size:	40960

Details

Name:	00000005.00000003.2595203881.0000000003924000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3924000
Size:	36864

Details

Name:	00000004.00000002.2395320872.0000000000690000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	690000
Size:	24576

Details

Name:	00000005.00000002.2599629301.0000000004CEF000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4CEF000
Size:	4096

Details

Name:	00000005.00000003.2521944314.0000000005E11000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5E11000
Size:	36864

Details

Name:	00000005.00000003.2398403914.0000000002130000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2130000
Size:	16384

Details

Name:	00000005.00000002.2597948397.00000000022BE000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22BE000
Size:	8192

Details

Name:	00000004.00000002.2395775068.000000000229E000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	229E000
Size:	8192

Details

Name:	00000005.00000002.2597196262.0000000000186000.00000040.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	186000
Size:	8192

Details

Name:	00000004.00000002.2395038542.00000000000AB000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	AB000
Size:	20480

Details

Name:	00000005.00000003.2397009597.00000000008BB000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	8BB000
Size:	368640

Details

Name:	00000005.00000002.2597608398.00000000007B0000.00000004.00000040.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	7B0000
Size:	12288

Details

Name:	00000004.00000003.2385569930.00000000005A1000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A1000
Size:	8192

Details

Name:	00000004.00000000.2384745219.0000000000B22000.00000020.00020000.sdmp
TargetID:	4
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page execute read
Base address:	B22000
Size:	1138688

Details

Name:	00000004.00000002.2395227906.0000000000552000.00000004.00000040.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	552000
Size:	8192

Details

Name:	00000005.00000003.2444155345.0000000003923000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3923000
Size:	40960

Details

Name:	00000005.00000002.2599658438.0000000004E0E000.00000104.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write \| page guard
Base address:	4E0E000
Size:	4096

Details

Name:	00000005.00000002.2597160543.0000000000152000.00000040.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	152000
Size:	8192

Details

Name:	00000005.00000003.2397840136.00000000005B0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5B0000
Size:	20480

Details

Name:	00000005.00000003.2396126030.00000000004DC000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4DC000
Size:	16384

Details

Name:	00000005.00000003.2406360228.0000000003A44000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3A44000
Size:	40960

Details

Name:	00000005.00000003.2553282253.00000000039C4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	39C4000
Size:	36864

Details

Name:	00000005.00000003.2398615940.00000000038E4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	38E4000
Size:	40960

Details

Name:	00000005.00000003.2444164543.0000000003944000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3944000
Size:	36864

Details

Name:	00000005.00000002.2598781561.00000000036B6000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	36B6000
Size:	40960

Details

Name:	00000005.00000003.2569528418.0000000003964000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3964000
Size:	36864

Details

Name:	00000004.00000002.2395060464.00000000001F0000.00000004.00000020.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	1F0000
Size:	61440

Details

Name:	00000004.00000002.2402146632.0000000007190000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7190000
Size:	786432

Details

Name:	00000004.00000002.2395304567.000000000062E000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	62E000
Size:	8192

Details

Name:	00000005.00000003.2560132310.0000000005E12000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5E12000
Size:	32768

Details

Name:	00000005.00000002.2597166544.000000000015A000.00000040.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	15A000
Size:	8192

Details

Name:	00000004.00000001.2384937573.0000000000B20000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	image loaded
Regiontype:	unkown image
Protect:	page readonly
Base address:	B20000
Size:	4096

Details

Name:	00000005.00000003.2395770744.00000000004D0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4D0000
Size:	28672

Details

Name:	00000005.00000003.2542754418.0000000003903000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3903000
Size:	40960

Details

Name:	00000005.00000002.2597613018.00000000007B6000.00000004.00000040.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	7B6000
Size:	4096

Details

Name:	00000004.00000002.2402021330.0000000004FBE000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4FBE000
Size:	8192

Details

Name:	00000004.00000002.2402063361.00000000052BE000.00000104.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write \| page guard
Base address:	52BE000
Size:	4096

Details

Name:	00000004.00000002.2397319599.00000000026B1000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	26B1000
Size:	225280

Details

Name:	00000005.00000003.2518048641.0000000003923000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3923000
Size:	40960

Details

Name:	00000005.00000002.2598314242.0000000002789000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2789000
Size:	729088

Details

Name:	00000005.00000003.2435970918.0000000003944000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3944000
Size:	36864

Details

Name:	00000005.00000003.2404279724.0000000002270000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2270000
Size:	16384

Details

Name:	00000005.00000003.2396842810.00000000004D5000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4D5000
Size:	4096

Details

Name:	00000005.00000002.2599112900.000000000381F000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	381F000
Size:	40960

Details

Name:	00000005.00000003.2398376421.0000000002130000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2130000
Size:	16384

Details

Name:	00000005.00000003.2469079701.0000000003923000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3923000
Size:	40960

Details

Name:	00000005.00000003.2518069170.0000000003984000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3984000
Size:	36864

Details

Name:	00000005.00000003.2490654411.0000000000901000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	901000
Size:	32768

Details

Name:	00000004.00000002.2395466211.0000000000B20000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	B20000
Size:	4096

Details

Name:	00000005.00000002.2600898503.000000000662E000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	662E000
Size:	8192

Details

Name:	00000005.00000003.2554592999.0000000005E12000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5E12000
Size:	32768

Details

Name:	00000005.00000003.2423943341.00000000038E4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	38E4000
Size:	36864

Details

Name:	00000005.00000003.2492039636.00000000039E4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	39E4000
Size:	36864

Details

Name:	00000004.00000002.2395308463.0000000000630000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	630000
Size:	53248

Details

Name:	00000005.00000003.2395781091.00000000004D0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4D0000
Size:	16384

Details

Name:	00000005.00000003.2561187779.00000000039A4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	39A4000
Size:	36864

Details

Name:	00000004.00000002.2395123158.000000000031D000.00000004.00000020.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	31D000
Size:	118784

Details

Name:	00000005.00000003.2395705939.00000000004E0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4E0000
Size:	28672

Details

Name:	00000005.00000003.2398507861.00000000008FE000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	8FE000
Size:	4096

Details

Name:	00000005.00000002.2601208492.000000007EFDF000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7EFDF000
Size:	4096

Details

Name:	00000005.00000003.2406283682.0000000003923000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3923000
Size:	45056

Details

Name:	00000005.00000002.2597422368.0000000000537000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	537000
Size:	36864

Details

Name:	00000004.00000002.2395179461.0000000000422000.00000040.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	422000
Size:	4096

Details

Name:	00000005.00000003.2458440404.0000000000901000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	901000
Size:	98304

Details

Name:	00000005.00000003.2396290209.00000000004D0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4D0000
Size:	16384

Details

Name:	00000005.00000003.2482044084.0000000005E11000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5E11000
Size:	32768

Details

Name:	00000005.00000003.2459924514.00000000039C4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	39C4000
Size:	36864

Details

Name:	00000005.00000003.2569540880.00000000039A4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	39A4000
Size:	36864

Details

Name:	00000005.00000003.2509651224.00000000039E4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	39E4000
Size:	36864

Details

Name:	00000005.00000002.2597875721.0000000002140000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2140000
Size:	12288

Details

Name:	00000005.00000003.2398570401.0000000002160000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2160000
Size:	61440

Details

Name:	00000005.00000002.2600721121.0000000005D2E000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5D2E000
Size:	8192

Details

Name:	00000005.00000002.2599714606.0000000004F4E000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4F4E000
Size:	8192

Details

Name:	00000004.00000003.2388387113.0000000002200000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2200000
Size:	65536

Details

Name:	00000005.00000003.2451347976.0000000003964000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3964000
Size:	36864

Details

Name:	00000005.00000003.2557121210.0000000005E12000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5E12000
Size:	32768

Details

Name:	00000005.00000003.2525243126.0000000005E11000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5E11000
Size:	36864

Details

Name:	00000005.00000003.2509643402.00000000039C4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	39C4000
Size:	36864

Details

Name:	00000005.00000002.2597647597.0000000000830000.00000004.00000020.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	830000
Size:	16384

Details

Name:	00000005.00000003.2477029727.0000000000901000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	901000
Size:	32768

Details

Name:	00000005.00000003.2397187004.00000000004F7000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4F7000
Size:	8192

Details

Name:	00000005.00000003.2561168161.0000000003944000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3944000
Size:	36864

Details

Name:	00000005.00000003.2469067603.0000000003903000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3903000
Size:	40960

Details

Name:	00000004.00000003.2385590965.00000000005A1000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A1000
Size:	12288

Details

Name:	00000005.00000003.2497278516.0000000005E11000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5E11000
Size:	36864

Details

Name:	00000005.00000003.2451336767.0000000003944000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3944000
Size:	36864

Details

Name:	00000005.00000003.2469091301.0000000003944000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3944000
Size:	36864

Details

Name:	00000005.00000003.2397402635.0000000000530000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	530000
Size:	49152

Details

Name:	00000004.00000003.2388577509.0000000000AC0000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	AC0000
Size:	45056

Details

Name:	00000005.00000003.2398225350.0000000002130000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2130000
Size:	53248

Details

Name:	00000005.00000002.2597417656.0000000000530000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	530000
Size:	24576

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOCReport

Files

Processes

URLs

Domains

IPs

Registry

Memdumps