Automated Malware Analysis IOC Report for

Details

Name:	00000001.00000002.801702027.00000000036B5000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	36B5000
Size:	188416

Signature Hits	Behavior Group	Mitre Attack
Found malware configuration	AV Detection
Malicious sample detected (through community Yara rule)	System Summary
Yara detected FormBook	AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality
Yara signature match	System Summary

Details

Name:	00000001.00000002.796802403.0000000000052000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	52000
Size:	536576

Signature Hits	Behavior Group	Mitre Attack
Yara detected Costura Assembly Loader	Data Obfuscation

Details

Name:	00000001.00000002.800519998.0000000003546000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3546000
Size:	753664

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected FormBook	AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality
Sample file is different than original file name gathered from version info	System Summary
Yara signature match	System Summary

Details

Name:	00000011.00000002.909870472.0000000000EA0000.00000040.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	EA0000
Size:	188416

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected FormBook	AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality
Yara signature match	System Summary

Details

Name:	0000000E.00000000.795971862.00000000004E2000.00000002.00020000.sdmp
TargetID:	14
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	4E2000
Size:	536576

Signature Hits	Behavior Group	Mitre Attack
Yara detected Costura Assembly Loader	Data Obfuscation

Details

Name:	0000000D.00000002.794448799.0000000000372000.00000002.00020000.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	372000
Size:	536576

Signature Hits	Behavior Group	Mitre Attack
Yara detected Costura Assembly Loader	Data Obfuscation

Details

Name:	0000000E.00000002.847561501.0000000000EF0000.00000040.00000001.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	EF0000
Size:	188416

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected FormBook	AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality
Yara signature match	System Summary

Details

Name:	0000000E.00000000.795210062.00000000004E2000.00000002.00020000.sdmp
TargetID:	14
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	4E2000
Size:	536576

Signature Hits	Behavior Group	Mitre Attack
Yara detected Costura Assembly Loader	Data Obfuscation

Details

Name:	00000001.00000000.641852004.0000000000052000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	52000
Size:	536576

Signature Hits	Behavior Group	Mitre Attack
Yara detected Costura Assembly Loader	Data Obfuscation

Details

Name:	00000001.00000002.798914394.00000000023F1000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	23F1000
Size:	229376

Signature Hits	Behavior Group	Mitre Attack
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)	Malware Analysis System Evasion	Security Software Discovery
Yara detected Costura Assembly Loader	Data Obfuscation
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	0000000E.00000002.846927570.00000000004E2000.00000002.00020000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	4E2000
Size:	536576

Signature Hits	Behavior Group	Mitre Attack
Yara detected Costura Assembly Loader	Data Obfuscation

Details

Name:	0000000E.00000000.795869224.0000000000400000.00000040.00000001.sdmp
TargetID:	14
Dumpstage:	process new
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	400000
Size:	188416

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected FormBook	AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality
Yara signature match	System Summary

Details

Name:	00000011.00000002.910711070.0000000004C80000.00000040.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	4C80000
Size:	188416

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected FormBook	AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality
Yara signature match	System Summary

Details

Name:	00000001.00000002.801275490.000000000361B000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	361B000
Size:	491520

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected FormBook	AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality
Yara signature match	System Summary

Details

Name:	00000011.00000002.910650632.0000000004BF6000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4BF6000
Size:	544768

Signature Hits	Behavior Group	Mitre Attack
Yara detected Costura Assembly Loader	Data Obfuscation

Details

Name:	0000000E.00000002.846851933.0000000000400000.00000040.00000001.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	400000
Size:	188416

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected FormBook	AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality
Yara signature match	System Summary

Details

Name:	00000011.00000002.911108077.000000000556F000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	556F000
Size:	544768

Signature Hits	Behavior Group	Mitre Attack
Yara detected Costura Assembly Loader	Data Obfuscation

Details

Name:	0000000E.00000002.848641291.0000000001250000.00000040.00000001.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	1250000
Size:	188416

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected FormBook	AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality
Yara signature match	System Summary

Details

Name:	00000011.00000002.910769999.0000000004E10000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4E10000
Size:	188416

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected FormBook	AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality
Yara signature match	System Summary

Details

Name:	0000000D.00000000.793684008.0000000000372000.00000002.00020000.sdmp
TargetID:	13
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	372000
Size:	536576

Signature Hits	Behavior Group	Mitre Attack
Yara detected Costura Assembly Loader	Data Obfuscation

Details

Name:	00000009.00000003.745608995.000001C24DDAE000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DDAE000
Size:	335872

Details

Name:	00000010.00000000.835202950.0000000003FD2000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3FD2000
Size:	4096

Details

Name:	0000000B.00000002.792838679.00000047E69CE000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	47E69CE000
Size:	8192

Details

Name:	00000010.00000000.810842934.00000000043F0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	43F0000
Size:	77824

Details

Name:	00000010.00000000.830419476.0000000002A39000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	2A39000
Size:	28672

Details

Name:	00000010.00000000.832400537.00000000038F5000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	38F5000
Size:	49152

Details

Name:	0000000E.00000003.797769592.00000000009C4000.00000004.00000001.sdmp
TargetID:	14
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	9C4000
Size:	4096

Details

Name:	00000001.00000003.691758442.0000000004BD0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4BD0000
Size:	61440

Details

Name:	00000010.00000000.821315362.00007FF595F15000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF595F15000
Size:	12288

Details

Name:	00000001.00000002.798768143.0000000000BC0000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	BC0000
Size:	401408

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary

Details

Name:	00000006.00000002.706202745.00007FF530AC3000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF530AC3000
Size:	24576

Details

Name:	00000002.00000002.644938429.00007FF589DF4000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589DF4000
Size:	20480

Details

Name:	00000010.00000000.821529638.00007FF595F35000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF595F35000
Size:	20480

Details

Name:	0000000E.00000003.797782282.00000000009C4000.00000004.00000001.sdmp
TargetID:	14
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	9C4000
Size:	4096

Details

Name:	00000007.00000002.721139822.00007FF528D9A000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF528D9A000
Size:	12288

Details

Name:	00000010.00000000.810709174.00000000043A2000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	43A2000
Size:	86016

Details

Name:	00000010.00000000.825193225.0000000000720000.00000004.00000040.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	heap private
Protect:	page read and write
Base address:	720000
Size:	4096

Details

Name:	00000006.00000002.706035861.00007FF5308E7000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5308E7000
Size:	8192

Details

Name:	00000010.00000000.822337334.00007FF5961F5000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5961F5000
Size:	24576

Details

Name:	00000009.00000003.743165292.000001C24DD5F000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD5F000
Size:	32768

Details

Name:	00000010.00000000.820100867.000000000E6DB000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	E6DB000
Size:	20480

Details

Name:	00000009.00000003.743603798.000001C24E222000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24E222000
Size:	24576

Details

Name:	00000010.00000000.815318204.00000000075F7000.00000002.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	75F7000
Size:	24576

Details

Name:	00000011.00000002.910354736.0000000003005000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3005000
Size:	8192

Details

Name:	00000011.00000002.910408491.0000000003035000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3035000
Size:	4096

Details

Name:	00000010.00000000.811945707.00000000052CE000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	52CE000
Size:	8192

Details

Name:	00000010.00000000.822760942.00007FF596384000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF596384000
Size:	16384

Details

Name:	00000001.00000003.693086322.00000000049A0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	49A0000
Size:	65536

Details

Name:	00000004.00000002.667154184.00007FF5B3783000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B3783000
Size:	8192

Details

Name:	00000010.00000000.830905378.0000000002C7A000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	2C7A000
Size:	36864

Details

Name:	00000004.00000002.666449321.000001E73F802000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1E73F802000
Size:	65536

Details

Name:	00000011.00000003.849243604.00000000010C4000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	10C4000
Size:	4096

Details

Name:	00000003.00000002.647954019.00007FF56521F000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF56521F000
Size:	8192

Details

Name:	00000010.00000000.830605917.0000000002BA0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	2BA0000
Size:	65536

Details

Name:	00000010.00000000.813817571.00000000066D6000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	66D6000
Size:	4096

Details

Name:	00000007.00000002.721114258.00007FF528D2D000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF528D2D000
Size:	16384

Details

Name:	0000000E.00000002.848725345.0000000001350000.00000004.00000040.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	1350000
Size:	8192

Details

Name:	0000000F.00000000.798176421.00007FF5BB402000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5BB402000
Size:	16384

Details

Name:	00000010.00000000.803915116.0000000002FF0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	2FF0000
Size:	634880

Details

Name:	00000001.00000003.691977765.00000000049D2000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	49D2000
Size:	4096

Details

Name:	00000010.00000000.804149899.0000000003130000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3130000
Size:	32768

Details

Name:	0000000B.00000003.778929285.0000017913C69000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17913C69000
Size:	32768

Details

Name:	00000010.00000000.831743015.00000000035B2000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	35B2000
Size:	69632

Details

Name:	00000010.00000000.816622522.0000000007AED000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	7AED000
Size:	12288

Details

Name:	00000009.00000003.739744720.000001C24DD44000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD44000
Size:	8192

Details

Name:	00000010.00000000.836913590.0000000004830000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4830000
Size:	4096

Details

Name:	00000001.00000003.691670424.0000000004C70000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4C70000
Size:	65536

Details

Name:	0000000F.00000002.802674741.00007FF5BAB6D000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5BAB6D000
Size:	12288

Details

Name:	00000010.00000000.821415839.00007FF595F30000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF595F30000
Size:	4096

Details

Name:	00000002.00000002.644985860.00007FF589E84000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589E84000
Size:	20480

Details

Name:	00000010.00000000.806950078.0000000003782000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3782000
Size:	86016

Details

Name:	00000010.00000000.811637579.0000000004D10000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4D10000
Size:	8192

Details

Name:	0000000B.00000002.793300755.0000017913C8C000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	17913C8C000
Size:	4096

Details

Name:	0000000B.00000002.795419369.00007FF5DF9FD000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5DF9FD000
Size:	12288

Details

Name:	00000009.00000002.762942668.000001C24E300000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24E300000
Size:	4096

Details

Name:	0000000B.00000002.795835353.00007FF5DFFF9000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5DFFF9000
Size:	4096

Details

Name:	0000000A.00000002.745589289.000000219C97E000.00000004.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	219C97E000
Size:	8192

Details

Name:	00000010.00000000.822895259.00007FF5963F8000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5963F8000
Size:	20480

Details

Name:	00000007.00000002.721101245.00007FF528D29000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF528D29000
Size:	12288

Details

Name:	0000000B.00000002.794782147.0000017915C80000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	17915C80000
Size:	40960

Details

Name:	00000001.00000003.792787072.0000000000600000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	600000
Size:	12288

Details

Name:	00000001.00000003.692708879.0000000004B80000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4B80000
Size:	65536

Details

Name:	00000006.00000002.706693769.00007FF530BDE000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF530BDE000
Size:	16384

Details

Name:	00000010.00000000.820967967.000000000FD97000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	FD97000
Size:	4096

Details

Name:	00000010.00000000.830820088.0000000002BFE000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	2BFE000
Size:	139264

Details

Name:	00000010.00000000.816356941.00000000078E3000.00000002.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	78E3000
Size:	49152

Details

Name:	00000010.00000000.814148675.0000000006822000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	6822000
Size:	8192

Details

Name:	0000000B.00000003.789103097.0000017913C8E000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17913C8E000
Size:	49152

Details

Name:	00000010.00000000.811277544.0000000004863000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4863000
Size:	12288

Details

Name:	00000010.00000000.818164283.000000000B66E000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	B66E000
Size:	8192

Details

Name:	00000010.00000000.803110525.0000000002AC0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	2AC0000
Size:	8192

Details

Name:	00000004.00000002.667202156.00007FF5B38CA000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B38CA000
Size:	4096

Details

Name:	00000001.00000002.798104536.00000000006B2000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6B2000
Size:	4096

Details

Name:	00000010.00000000.802058915.0000000000BAB000.00000004.00000020.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	heap default
Protect:	page read and write
Base address:	BAB000
Size:	8192

Details

Name:	00000009.00000002.763196956.00007FF57E9EE000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57E9EE000
Size:	12288

Details

Name:	0000000B.00000003.792050401.0000017915F43000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17915F43000
Size:	229376

Details

Name:	00000010.00000000.831904946.0000000003782000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3782000
Size:	86016

Details

Name:	00000010.00000000.831760733.00000000035CB000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	35CB000
Size:	1597440

Details

Name:	00000006.00000002.706045700.00007FF5308F0000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5308F0000
Size:	4096

Details

Name:	00000001.00000002.803230022.0000000004DCE000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4DCE000
Size:	8192

Details

Name:	00000010.00000000.835327051.0000000004060000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4060000
Size:	4096

Details

Name:	00000010.00000000.822190532.00007FF596185000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF596185000
Size:	4096

Details

Name:	00000001.00000003.691920701.0000000004B20000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4B20000
Size:	65536

Details

Name:	00000009.00000002.761619289.0000004D5E98F000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4D5E98F000
Size:	4096

Details

Name:	00000010.00000000.814409118.0000000006839000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	6839000
Size:	4096

Details

Name:	00000001.00000002.798173528.00000000006C5000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6C5000
Size:	4096

Details

Name:	00000010.00000000.818836775.000000000C970000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	C970000
Size:	942080

Details

Name:	00000010.00000000.831200633.0000000002FE0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	2FE0000
Size:	16384

Details

Name:	0000000B.00000002.794523479.0000017915BE9000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	17915BE9000
Size:	4096

Details

Name:	0000000F.00000002.801836314.000002197EBA0000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2197EBA0000
Size:	4096

Details

Name:	00000010.00000000.811016313.00000000046D0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	46D0000
Size:	8192

Details

Name:	00000001.00000002.798881042.0000000000C40000.00000004.00000040.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	C40000
Size:	12288

Details

Name:	00000010.00000000.811617000.0000000004CF0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4CF0000
Size:	8192

Details

Name:	00000010.00000000.818018881.000000000ACEB000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	ACEB000
Size:	20480

Details

Name:	00000002.00000002.644745825.00007FF589601000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589601000
Size:	4096

Details

Name:	00000010.00000000.822999033.00007FF59647B000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59647B000
Size:	45056

Details

Name:	00000011.00000002.910915461.000000000515B000.00000040.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	515B000
Size:	4096

Details

Name:	00000004.00000002.666331397.0000007EE0F7D000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7EE0F7D000
Size:	12288

Details

Name:	00000010.00000000.810994017.0000000004625000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4625000
Size:	45056

Details

Name:	00000010.00000000.812979043.00000000058C0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	58C0000
Size:	1269760

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	0000000A.00000003.745370756.000001D2E3FE6000.00000004.00000001.sdmp
TargetID:	10
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1D2E3FE6000
Size:	28672

Details

Name:	00000010.00000000.819166845.000000000D060000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	D060000
Size:	4096

Details

Name:	00000010.00000000.813922890.0000000006781000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	6781000
Size:	61440

Details

Name:	00000010.00000000.821082429.00007DF4A9651000.00000020.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page execute read
Base address:	7DF4A9651000
Size:	4096

Details

Name:	00000010.00000000.808304395.0000000003F27000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3F27000
Size:	40960

Details

Name:	00000010.00000000.837768756.00000000052D0000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	52D0000
Size:	5242880

Details

Name:	00000010.00000000.811875762.0000000005087000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	5087000
Size:	36864

Details

Name:	0000000B.00000002.796033458.00007FF5E017F000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E017F000
Size:	8192

Details

Name:	00000010.00000000.819371062.000000000D9E0000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	D9E0000
Size:	5242880

Details

Name:	00000010.00000000.803049620.0000000002930000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	2930000
Size:	16384

Details

Name:	00000010.00000000.817891573.000000000AA6F000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	AA6F000
Size:	4096

Details

Name:	00000009.00000002.761702415.0000004D5F179000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4D5F179000
Size:	28672

Details

Name:	00000010.00000000.831211520.0000000002FF0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	2FF0000
Size:	634880

Details

Name:	00000010.00000000.822481865.00007FF5962A1000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5962A1000
Size:	20480

Details

Name:	00000009.00000003.747668912.000001C24DD82000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD82000
Size:	106496

Details

Name:	00000003.00000002.648126073.00007FF56557C000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF56557C000
Size:	4096

Details

Name:	00000001.00000003.793884139.00000000006C4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	6C4000
Size:	4096

Details

Name:	00000010.00000000.816510169.000000000790C000.00000002.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	790C000
Size:	49152

Details

Name:	00000010.00000000.823498931.00007FF5965C0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5965C0000
Size:	32768

Details

Name:	00000009.00000003.747933842.000001C24DD92000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD92000
Size:	40960

Details

Name:	00000010.00000000.835086784.0000000003F94000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3F94000
Size:	110592

Details

Name:	00000003.00000003.646513050.000001BD50E6B000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BD50E6B000
Size:	32768

Details

Name:	00000010.00000000.836998356.0000000004880000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4880000
Size:	4096

Details

Name:	0000000B.00000003.786428764.0000017916510000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17916510000
Size:	421888

Details

Name:	00000010.00000000.818153018.000000000B4EC000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	B4EC000
Size:	16384

Details

Name:	00000010.00000000.827561120.000000000255B000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	255B000
Size:	4096

Details

Name:	00000003.00000002.647026246.000001BD50CE0000.00000008.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page write copy
Base address:	1BD50CE0000
Size:	266240

Details

Name:	0000000B.00000002.793420754.00000179156A0000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	179156A0000
Size:	3371008

Details

Name:	00000009.00000002.762299476.000001C24D600000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1C24D600000
Size:	4096

Details

Name:	00000010.00000000.823299926.00007FF59653C000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59653C000
Size:	24576

Details

Name:	00000001.00000002.803190801.0000000004B5E000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4B5E000
Size:	8192

Details

Name:	00000001.00000003.796452720.00000000006C4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	6C4000
Size:	8192

Details

Name:	0000000F.00000002.800319196.000002197CFD0000.00000004.00000040.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2197CFD0000
Size:	4096

Details

Name:	0000000B.00000002.795351918.0000017917200000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	17917200000
Size:	4096

Details

Name:	00000001.00000002.802816681.0000000004960000.00000040.00000040.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page execute and read and write
Base address:	4960000
Size:	4096

Details

Name:	00000010.00000000.823438483.00007FF5965A7000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5965A7000
Size:	12288

Details

Name:	00000010.00000000.822019172.00007FF59612E000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59612E000
Size:	20480

Details

Name:	00000001.00000003.692842308.0000000004B20000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4B20000
Size:	28672

Details

Name:	00000010.00000000.817488308.000000000A7FB000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	A7FB000
Size:	12288

Details

Name:	00000010.00000000.825396748.0000000000AA0000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	AA0000
Size:	8192

Details

Name:	00000009.00000003.750401881.000001C24DD83000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD83000
Size:	12288

Details

Name:	00000011.00000002.910287095.0000000002E76000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2E76000
Size:	20480

Details

Name:	00000010.00000000.821272410.00007FF595ECB000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF595ECB000
Size:	4096

Details

Name:	00000010.00000000.818175029.000000000B6E8000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	B6E8000
Size:	32768

Details

Name:	00000003.00000002.648161411.00007FF5655A4000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5655A4000
Size:	20480

Details

Name:	00000007.00000002.721084743.00007FF528D1E000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF528D1E000
Size:	16384

Details

Name:	00000010.00000000.817120025.000000000A68A000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	A68A000
Size:	143360

Details

Name:	00000006.00000002.706663348.00007FF530BD8000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF530BD8000
Size:	12288

Details

Name:	00000007.00000002.720142014.000002083A508000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2083A508000
Size:	12288

Details

Name:	0000000E.00000003.797722865.00000000009C4000.00000004.00000001.sdmp
TargetID:	14
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	9C4000
Size:	4096

Details

Name:	00000010.00000000.835819593.00000000041F0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	41F0000
Size:	118784

Details

Name:	00000009.00000003.745893962.000001C24DD8D000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD8D000
Size:	45056

Details

Name:	00000010.00000000.814124414.000000000681C000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	681C000
Size:	12288

Details

Name:	00000002.00000002.644825800.00007FF589CA3000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589CA3000
Size:	8192

Details

Name:	00000010.00000000.814662009.0000000006FE6000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	6FE6000
Size:	40960

Details

Name:	0000000B.00000002.793294003.0000017913C85000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	17913C85000
Size:	20480

Details

Name:	00000006.00000002.705085196.000000E388D77000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	E388D77000
Size:	36864

Details

Name:	00000009.00000002.764340613.00007FF57ED83000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57ED83000
Size:	8192

Details

Name:	00000003.00000002.647141196.000001BD50E02000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1BD50E02000
Size:	65536

Details

Name:	00000009.00000002.765455594.00007FF57EECA000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57EECA000
Size:	20480

Details

Name:	00000002.00000002.644332347.000001FC47CC0000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1FC47CC0000
Size:	4096

Details

Name:	00000010.00000000.820176664.000000000ECA4000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	ECA4000
Size:	229376

Details

Name:	0000000D.00000001.794354903.0000000000370000.00000002.00020000.sdmp
TargetID:	13
Dumpstage:	image loaded
Regiontype:	unkown image
Protect:	page readonly
Base address:	370000
Size:	4096

Details

Name:	00000010.00000000.811579651.0000000004C50000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4C50000
Size:	8192

Details

Name:	00000010.00000000.825420834.0000000000AC0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	AC0000
Size:	16384

Details

Name:	00000010.00000000.802972966.00000000028C0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	28C0000
Size:	8192

Details

Name:	00000009.00000003.751564897.000001C24DD51000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD51000
Size:	53248

Details

Name:	00000004.00000003.666163373.000001E73F84A000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1E73F84A000
Size:	24576

Details

Name:	00000011.00000002.910738566.0000000004D00000.00000004.00000040.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	4D00000
Size:	4096

Details

Name:	00000004.00000002.667313834.00007FF5B3948000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B3948000
Size:	12288

Details

Name:	00000001.00000002.797562294.00000000004F5000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4F5000
Size:	45056

Details

Name:	00000010.00000000.825314072.0000000000A50000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	A50000
Size:	65536

Details

Name:	00000010.00000000.831155734.0000000002F80000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	2F80000
Size:	40960

Details

Name:	00000004.00000002.667119308.00007FF5B31E2000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B31E2000
Size:	4096

Details

Name:	00000010.00000000.807020305.0000000003817000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3817000
Size:	40960

Details

Name:	00000009.00000003.738336915.000001C24DD96000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD96000
Size:	73728

Details

Name:	00000010.00000000.808345574.0000000003F59000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3F59000
Size:	24576

Details

Name:	0000000B.00000003.792083209.0000017915F83000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17915F83000
Size:	229376

Details

Name:	00000010.00000000.837299354.0000000004C50000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4C50000
Size:	8192

Details

Name:	00000010.00000000.819150048.000000000CF05000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	CF05000
Size:	4096

Details

Name:	00000010.00000000.825346427.0000000000A70000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	A70000
Size:	8192

Details

Name:	00000010.00000000.811790809.0000000004F60000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4F60000
Size:	77824

Details

Name:	00000010.00000000.801661949.0000000000B64000.00000004.00000020.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	heap default
Protect:	page read and write
Base address:	B64000
Size:	57344

Details

Name:	00000010.00000000.814789542.0000000007133000.00000002.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7133000
Size:	151552

Details

Name:	00000001.00000003.692050394.0000000000C30000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	C30000
Size:	65536

Details

Name:	00000010.00000000.819094591.000000000CE93000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	CE93000
Size:	57344

Details

Name:	00000010.00000000.834847602.0000000003F27000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3F27000
Size:	40960

Details

Name:	00000010.00000000.814623350.0000000006D48000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	6D48000
Size:	32768

Details

Name:	00000007.00000002.719895985.000000E496B7F000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	E496B7F000
Size:	4096

Details

Name:	00000003.00000002.648012764.00007FF5653A9000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5653A9000
Size:	4096

Details

Name:	00000009.00000003.739707712.000001C24DD1D000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD1D000
Size:	45056

Details

Name:	00000011.00000002.910746121.0000000004D10000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4D10000
Size:	163840

Details

Name:	0000000E.00000003.824836313.0000000000AFC000.00000004.00000001.sdmp
TargetID:	14
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	AFC000
Size:	4096

Details

Name:	00000010.00000000.803206015.0000000002BC0000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	2BC0000
Size:	122880

Details

Name:	00000010.00000000.823338346.00007FF59656D000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59656D000
Size:	20480

Details

Name:	0000000B.00000002.796041725.00007FF5E018A000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E018A000
Size:	4096

Details

Name:	00000001.00000002.799062070.000000000248D000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	248D000
Size:	4739072

Details

Name:	00000010.00000000.834667256.0000000003EA2000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3EA2000
Size:	73728

Details

Name:	00000010.00000000.807758519.0000000003CDB000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3CDB000
Size:	1859584

Details

Name:	00000009.00000002.762294583.000001C24D513000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24D513000
Size:	8192

Details

Name:	00000010.00000000.823786665.00007FF59667E000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59667E000
Size:	12288

Details

Name:	00000010.00000000.825272159.0000000000A20000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	A20000
Size:	8192

Details

Name:	00000010.00000000.835345998.0000000004062000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4062000
Size:	69632

Details

Name:	0000000B.00000003.789212391.0000017917202000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17917202000
Size:	262144

Details

Name:	00000011.00000002.910519868.00000000030CC000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	30CC000
Size:	12288

Details

Name:	00000010.00000000.837556347.0000000004FC0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4FC0000
Size:	8192

Details

Name:	00000009.00000003.739684609.000001C24DD7F000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD7F000
Size:	24576

Details

Name:	00000001.00000002.798370224.00000000007CA000.00000004.00000020.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	7CA000
Size:	155648

Signature Hits	Behavior Group	Mitre Attack
Creates a DirectInput object (often for capturing keystrokes)	Key, Mouse, Clipboard, Microphone and Screen Capturing	Input Capture
Sample file is different than original file name gathered from version info	System Summary

Details

Name:	00000009.00000003.739749941.000001C24DD47000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD47000
Size:	8192

Details

Name:	00000009.00000002.763861194.00007FF57EC46000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57EC46000
Size:	4096

Details

Name:	00000010.00000000.802420465.00000000024F0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	24F0000
Size:	49152

Details

Name:	0000000A.00000002.745959177.00007FF571C93000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF571C93000
Size:	8192

Details

Name:	00000010.00000000.836049038.0000000004292000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4292000
Size:	192512

Details

Name:	00000009.00000003.740889270.000001C24DDA4000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DDA4000
Size:	114688

Details

Name:	00000009.00000002.763564078.00007FF57EB5A000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57EB5A000
Size:	4096

Details

Name:	00000006.00000002.706571714.00007FF530B9C000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF530B9C000
Size:	4096

Details

Name:	00000010.00000000.823464411.00007FF5965B2000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5965B2000
Size:	8192

Details

Name:	00000010.00000000.803168317.0000000002B50000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	2B50000
Size:	24576

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000010.00000000.803086775.0000000002A39000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	2A39000
Size:	28672

Details

Name:	00000004.00000002.667265468.00007FF5B390C000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B390C000
Size:	4096

Details

Name:	00000010.00000000.836175628.0000000004320000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4320000
Size:	61440

Details

Name:	0000000B.00000002.792911627.00000047E717C000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	47E717C000
Size:	16384

Details

Name:	00000010.00000000.814182098.000000000682D000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	682D000
Size:	4096

Details

Name:	00000001.00000003.642433286.0000000000720000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	720000
Size:	28672

Details

Name:	00000004.00000003.666148406.000001E73F850000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1E73F850000
Size:	110592

Details

Name:	00000001.00000003.691633076.0000000004CB0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4CB0000
Size:	65536

Details

Name:	00000009.00000003.740931734.000001C24DD74000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD74000
Size:	167936

Details

Name:	0000000B.00000003.791432922.0000017913D1F000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17913D1F000
Size:	4096

Details

Name:	00000009.00000002.762304536.000001C24DA60000.00000008.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page write copy
Base address:	1C24DA60000
Size:	266240

Details

Name:	00000009.00000002.762096887.000001C24D482000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24D482000
Size:	20480

Details

Name:	00000010.00000000.803559605.0000000002D3C000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	2D3C000
Size:	4096

Details

Name:	00000010.00000000.836201009.0000000004330000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4330000
Size:	110592

Details

Name:	0000000E.00000002.847460806.0000000000AF0000.00000004.00000020.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	AF0000
Size:	28672

Details

Name:	00000004.00000002.666326344.0000007EE0E7F000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7EE0E7F000
Size:	4096

Details

Name:	0000000E.00000003.797793444.00000000009C4000.00000004.00000001.sdmp
TargetID:	14
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	9C4000
Size:	4096

Details

Name:	00000006.00000002.706362245.00007FF530B6A000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF530B6A000
Size:	8192

Details

Name:	00000010.00000000.835941020.0000000004246000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4246000
Size:	8192

Details

Name:	0000000B.00000002.795730290.00007FF5DFFC5000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5DFFC5000
Size:	4096

Details

Name:	0000000F.00000002.802978130.00007FF5BB378000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5BB378000
Size:	12288

Details

Name:	0000000B.00000002.795484159.00007FF5DFD02000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5DFD02000
Size:	4096

Details

Name:	00000010.00000000.830941009.0000000002CA7000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	2CA7000
Size:	16384

Details

Name:	0000000F.00000002.802720760.00007FF5BB0CB000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5BB0CB000
Size:	12288

Details

Name:	00000010.00000000.811720568.0000000004ED4000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4ED4000
Size:	147456

Details

Name:	00000010.00000000.823228214.00007FF5964F7000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5964F7000
Size:	4096

Details

Name:	00000010.00000000.823848972.00007FF5966B3000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5966B3000
Size:	81920

Details

Name:	00000010.00000000.827604651.0000000002563000.00000004.00000040.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	heap private
Protect:	page read and write
Base address:	2563000
Size:	49152

Details

Name:	00000009.00000002.765586814.00007FF57EEF9000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57EEF9000
Size:	32768

Details

Name:	00000010.00000000.832752530.0000000003955000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3955000
Size:	49152

Details

Name:	0000000B.00000002.796451870.00007FF5E0284000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E0284000
Size:	20480

Details

Name:	00000006.00000002.706771070.00007FF530BED000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF530BED000
Size:	16384

Details

Name:	00000010.00000000.803907053.0000000002FE0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	2FE0000
Size:	16384

Details

Name:	0000000F.00000002.803002932.00007FF5BB386000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5BB386000
Size:	8192

Details

Name:	0000000F.00000002.802811362.00007FF5BB30A000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5BB30A000
Size:	8192

Details

Name:	00000009.00000002.763536732.00007FF57EA97000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57EA97000
Size:	4096

Details

Name:	00000010.00000000.803155996.0000000002B20000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	2B20000
Size:	4096

Details

Name:	00000010.00000000.822005105.00007FF596123000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF596123000
Size:	8192

Details

Name:	00000003.00000002.648205602.00007FF5655CD000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5655CD000
Size:	16384

Details

Name:	00000010.00000000.821616694.00007FF595F83000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF595F83000
Size:	24576

Details

Name:	00000009.00000002.763672983.00007FF57EC00000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57EC00000
Size:	4096

Details

Name:	00000009.00000002.764129576.00007FF57ECD1000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57ECD1000
Size:	12288

Details

Name:	0000000B.00000002.795686150.00007FF5DFF78000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5DFF78000
Size:	20480

Details

Name:	00000009.00000002.762404245.000001C24DD00000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD00000
Size:	81920

Details

Name:	00000002.00000002.644738147.00007FF5895FD000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5895FD000
Size:	12288

Details

Name:	00000010.00000000.803162852.0000000002B32000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	2B32000
Size:	4096

Details

Name:	00000009.00000003.735390987.000001C24D4A7000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24D4A7000
Size:	24576

Details

Name:	00000010.00000000.823536349.00007FF5965E3000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5965E3000
Size:	4096

Details

Name:	00000002.00000002.644040850.000000D58DA7F000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	D58DA7F000
Size:	4096

Details

Name:	00000003.00000002.648103478.00007FF56555B000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF56555B000
Size:	45056

Details

Name:	0000000F.00000002.802956469.00007FF5BB364000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5BB364000
Size:	20480

Details

Name:	00000002.00000002.644101595.000001FC461C0000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1FC461C0000
Size:	16384

Details

Name:	00000010.00000000.825380508.0000000000A90000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	A90000
Size:	8192

Details

Name:	0000000F.00000002.800123252.0000009EA2A7A000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	9EA2A7A000
Size:	24576

Details

Name:	00000010.00000000.836984843.0000000004873000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4873000
Size:	12288

Details

Name:	00000010.00000000.806926287.0000000003752000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3752000
Size:	86016

Details

Name:	0000000A.00000002.745908347.000001D2E4355000.00000004.00000040.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	1D2E4355000
Size:	8192

Details

Name:	00000003.00000002.647131231.000001BD50E00000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1BD50E00000
Size:	4096

Details

Name:	00000009.00000003.748463055.000001C24DD65000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD65000
Size:	53248

Details

Name:	00000002.00000002.644839396.00007FF589D40000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589D40000
Size:	4096

Details

Name:	00000010.00000000.808201158.0000000003EB5000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3EB5000
Size:	8192

Details

Name:	00000010.00000000.820120065.000000000E7DF000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	E7DF000
Size:	4096

Details

Name:	00000010.00000000.814161623.0000000006825000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	6825000
Size:	20480

Details

Name:	00000010.00000000.803474483.0000000002C9C000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	2C9C000
Size:	20480

Details

Name:	00000010.00000000.823386445.00007FF59658C000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59658C000
Size:	8192

Details

Name:	00000011.00000003.847102429.0000000000F31000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	F31000
Size:	24576

Details

Name:	00000004.00000002.666300528.0000007EE0AF5000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7EE0AF5000
Size:	45056

Details

Name:	00000009.00000003.761421312.000001C24D455000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24D455000
Size:	106496

Details

Name:	00000003.00000002.647158832.000001BD50E13000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1BD50E13000
Size:	86016

Details

Name:	00000003.00000002.648149134.00007FF565594000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF565594000
Size:	4096

Details

Name:	00000010.00000000.827483043.00000000024F0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	24F0000
Size:	49152

Details

Name:	0000000B.00000003.789158530.0000017917242000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17917242000
Size:	262144

Details

Name:	00000002.00000003.643885985.000001FC4626C000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1FC4626C000
Size:	32768

Details

Name:	00000003.00000002.646849500.000001BD50BA0000.00000004.00000040.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	1BD50BA0000
Size:	4096

Details

Name:	00000010.00000000.821570890.00007FF595F4F000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF595F4F000
Size:	12288

Details

Name:	0000000F.00000002.802928112.00007FF5BB348000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5BB348000
Size:	24576

Details

Name:	0000000B.00000002.793005632.00000047E777A000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	47E777A000
Size:	24576

Details

Name:	00000010.00000000.810568497.0000000004360000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4360000
Size:	49152

Details

Name:	0000000E.00000003.797702074.00000000009C4000.00000004.00000001.sdmp
TargetID:	14
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	9C4000
Size:	4096

Details

Name:	00000009.00000003.747719314.000001C24E261000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24E261000
Size:	389120

Details

Name:	00000010.00000000.817846970.000000000A9AE000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	A9AE000
Size:	266240

Details

Name:	00000001.00000003.691908827.0000000004B30000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4B30000
Size:	65536

Details

Name:	00000002.00000002.644764506.00007FF589A6F000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589A6F000
Size:	8192

Details

Name:	00000010.00000000.837531944.0000000004F90000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4F90000
Size:	110592

Details

Name:	00000003.00000002.648026293.00007FF56544B000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF56544B000
Size:	4096

Details

Name:	00000009.00000003.742308747.000001C24DD86000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD86000
Size:	40960

Details

Name:	00000010.00000000.823655377.00007FF596625000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF596625000
Size:	12288

Details

Name:	00000011.00000002.910104568.00000000011A0000.00000040.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	11A0000
Size:	1523712

Details

Name:	00000001.00000002.798517732.0000000000828000.00000004.00000020.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	828000
Size:	319488

Details

Name:	00000003.00000003.646600634.000001BD50E6B000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BD50E6B000
Size:	32768

Details

Name:	00000002.00000003.643751894.000001FC46270000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1FC46270000
Size:	16384

Details

Name:	00000010.00000000.832820603.0000000003962000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3962000
Size:	24576

Details

Name:	00000010.00000000.821561390.00007FF595F4C000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF595F4C000
Size:	4096

Details

Name:	00000007.00000002.720974756.00007FF528CB5000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF528CB5000
Size:	12288

Details

Name:	00000001.00000002.802902887.0000000004A20000.00000004.00000040.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	4A20000
Size:	4096

Details

Name:	00000009.00000003.747863065.000001C24E202000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24E202000
Size:	389120

Details

Name:	00000010.00000000.812812936.00000000057D0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	57D0000
Size:	925696

Details

Name:	00000010.00000000.823256652.00007FF59651B000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59651B000
Size:	4096

Details

Name:	00000010.00000000.836468209.00000000044DF000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	44DF000
Size:	36864

Details

Name:	00000010.00000000.823085301.00007FF5964B8000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5964B8000
Size:	4096

Details

Name:	00000006.00000002.705094788.000000E388F7E000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	E388F7E000
Size:	8192

Details

Name:	00000006.00000002.706745657.00007FF530BE9000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF530BE9000
Size:	12288

Details

Name:	00000009.00000002.762439555.000001C24DD3E000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD3E000
Size:	61440

Details

Name:	00000010.00000000.831883207.0000000003752000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3752000
Size:	86016

Details

Name:	0000000B.00000002.792980954.00000047E75F9000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	47E75F9000
Size:	28672

Details

Name:	0000000F.00000002.803025895.00007FF5BB38D000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5BB38D000
Size:	16384

Details

Name:	00000007.00000002.720962950.00007FF528CB0000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF528CB0000
Size:	16384

Details

Name:	00000001.00000002.799002120.0000000002460000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2460000
Size:	180224

Details

Name:	00000010.00000000.811343879.0000000004967000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4967000
Size:	36864

Details

Name:	00000004.00000002.667292263.00007FF5B392A000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B392A000
Size:	20480

Details

Name:	00000011.00000002.910580873.0000000003430000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3430000
Size:	8192

Details

Name:	00000010.00000000.809162107.0000000004180000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4180000
Size:	323584

Details

Name:	00000010.00000000.825207320.0000000000730000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	730000
Size:	24576

Details

Name:	00000010.00000000.830409549.00000000029BA000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	29BA000
Size:	24576

Details

Name:	00000010.00000000.837469135.0000000004ED4000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4ED4000
Size:	147456

Details

Name:	0000000B.00000002.795956280.00007FF5E0140000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E0140000
Size:	4096

Details

Name:	00000010.00000000.823511548.00007FF5965D5000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5965D5000
Size:	8192

Details

Name:	00000010.00000000.822965882.00007FF596459000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF596459000
Size:	4096

Details

Name:	00000006.00000002.705350827.000002E190708000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2E190708000
Size:	12288

Details

Name:	00000001.00000003.691890822.0000000004B50000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4B50000
Size:	53248

Details

Name:	00000001.00000003.693818758.0000000004980000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4980000
Size:	20480

Details

Name:	00000001.00000003.642373615.0000000000727000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	727000
Size:	20480

Details

Name:	0000000B.00000003.789132293.0000017913CEC000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17913CEC000
Size:	8192

Details

Name:	00000010.00000000.808677132.00000000040B4000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	40B4000
Size:	4096

Details

Name:	0000000F.00000002.802841967.00007FF5BB315000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5BB315000
Size:	12288

Details

Name:	00000002.00000002.644870053.00007FF589DA0000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589DA0000
Size:	16384

Details

Name:	00000010.00000000.807710856.0000000003C95000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3C95000
Size:	20480

Details

Name:	00000010.00000000.808651537.000000000409B000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	409B000
Size:	12288

Details

Name:	00000010.00000000.836136841.0000000004300000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4300000
Size:	126976

Details

Name:	0000000B.00000002.792942739.00000047E737A000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	47E737A000
Size:	24576

Details

Name:	00000010.00000000.832059427.0000000003822000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3822000
Size:	86016

Details

Name:	00000002.00000003.643865095.000001FC4626C000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1FC4626C000
Size:	32768

Details

Name:	00000009.00000003.743681651.000001C24E213000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24E213000
Size:	167936

Details

Name:	00000006.00000002.705561358.000002E191000000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2E191000000
Size:	3371008

Details

Name:	00000009.00000003.745413685.000001C24DDAE000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DDAE000
Size:	167936

Details

Name:	0000000B.00000002.795910719.00007FF5E00A8000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E00A8000
Size:	4096

Details

Name:	00000003.00000002.648091973.00007FF565555000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF565555000
Size:	12288

Details

Name:	0000000B.00000002.794219002.0000017915B54000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	17915B54000
Size:	77824

Details

Name:	00000010.00000000.832854216.0000000003969000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3969000
Size:	53248

Details

Name:	00000010.00000000.821028516.00000000112DB000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	112DB000
Size:	20480

Details

Name:	00000009.00000003.747687025.000001C24DDB2000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DDB2000
Size:	196608

Details

Name:	00000010.00000000.837216752.0000000004B70000.00000008.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page write copy
Base address:	4B70000
Size:	266240

Details

Name:	0000000B.00000003.789114341.0000017913CEB000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17913CEB000
Size:	12288

Details

Name:	00000001.00000003.692681286.0000000004BA0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4BA0000
Size:	65536

Details

Name:	00000010.00000000.821756459.00007FF595FC3000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF595FC3000
Size:	4096

Details

Name:	00000010.00000000.804068853.00000000030B0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	30B0000
Size:	204800

Details

Name:	00000006.00000002.705206914.000002E190590000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2E190590000
Size:	4096

Details

Name:	00000010.00000000.832090516.0000000003847000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3847000
Size:	368640

Details

Name:	00000010.00000000.820563455.000000000EDE4000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	EDE4000
Size:	229376

Details

Name:	00000009.00000003.743853834.000001C24DD69000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD69000
Size:	4096

Details

Name:	00000003.00000002.648116849.00007FF565567000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF565567000
Size:	49152

Details

Name:	0000000F.00000002.801304128.000002197D200000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2197D200000
Size:	4096

Details

Name:	00000009.00000002.762288450.000001C24D508000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24D508000
Size:	16384

Details

Name:	00000009.00000002.765373844.00007FF57EE80000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57EE80000
Size:	16384

Details

Name:	00000001.00000002.798890928.0000000000C50000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	C50000
Size:	32768

Details

Name:	00000003.00000002.647188768.000001BD50E29000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1BD50E29000
Size:	86016

Details

Name:	00000010.00000000.822402677.00007FF59624F000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59624F000
Size:	12288

Details

Name:	00000007.00000002.720949324.00007FF528CAA000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF528CAA000
Size:	8192

Details

Name:	00000010.00000000.808209559.0000000003EC7000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3EC7000
Size:	40960

Details

Name:	00000010.00000000.823879465.00007FF59670A000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59670A000
Size:	12288

Details

Name:	00000010.00000000.825408229.0000000000AB0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	AB0000
Size:	16384

Details

Name:	00000010.00000000.830915226.0000000002C93000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	2C93000
Size:	24576

Details

Name:	00000010.00000000.832541309.0000000003925000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3925000
Size:	49152

Details

Name:	00000010.00000000.822975876.00007FF59645E000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59645E000
Size:	4096

Details

Name:	00000009.00000003.742213907.000001C24DDA6000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DDA6000
Size:	73728

Details

Name:	00000009.00000003.743878389.000001C24DD22000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD22000
Size:	4096

Details

Name:	00000010.00000000.807172793.00000000038D2000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	38D2000
Size:	24576

Details

Name:	00000001.00000002.798054918.0000000000694000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	694000
Size:	36864

Details

Name:	00000007.00000002.720133244.000002083A500000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2083A500000
Size:	4096

Details

Name:	00000010.00000000.821738985.00007FF595FBA000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF595FBA000
Size:	4096

Details

Name:	00000004.00000002.666544046.000001E73F902000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1E73F902000
Size:	16384

Details

Name:	00000010.00000000.822471293.00007FF59628A000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59628A000
Size:	4096

Details

Name:	00000010.00000000.816697389.000000000816F000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	816F000
Size:	4096

Details

Name:	0000000B.00000003.791403006.0000017913C92000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17913C92000
Size:	32768

Details

Name:	00000011.00000002.910430266.000000000303F000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	303F000
Size:	8192

Details

Name:	00000010.00000000.816531277.0000000007919000.00000002.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7919000
Size:	32768

Details

Name:	00000010.00000000.813551842.0000000005CB2000.00000004.00000040.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	heap private
Protect:	page read and write
Base address:	5CB2000
Size:	24576

Details

Name:	00000009.00000003.748152305.000001C24DD6D000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD6D000
Size:	16384

Details

Name:	00000001.00000003.793860859.00000000009C1000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	9C1000
Size:	65536

Details

Name:	0000000B.00000002.792849959.00000047E6CF9000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	47E6CF9000
Size:	28672

Details

Name:	00000010.00000000.819072641.000000000CE88000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	CE88000
Size:	4096

Details

Name:	0000000B.00000002.794477374.0000017915BD2000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	17915BD2000
Size:	45056

Details

Name:	00000010.00000000.801180612.0000000000AC0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	AC0000
Size:	16384

Details

Name:	00000009.00000003.743586619.000001C24E213000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24E213000
Size:	12288

Details

Name:	0000000B.00000002.795877138.00007FF5E009B000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E009B000
Size:	4096

Details

Name:	00000010.00000000.811921431.00000000051C8000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	51C8000
Size:	32768

Details

Name:	00000010.00000000.837321356.0000000004CEC000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4CEC000
Size:	16384

Details

Name:	00000003.00000002.646797952.000000368837E000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	368837E000
Size:	8192

Details

Name:	00000010.00000000.802285110.0000000000CB0000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	CB0000
Size:	4096

Details

Name:	0000000E.00000002.848736061.0000000001360000.00000040.00000001.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	1360000
Size:	503808

Details

Name:	00000011.00000002.910595568.0000000003450000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3450000
Size:	32768

Details

Name:	00000010.00000000.835376161.0000000004074000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4074000
Size:	4096

Details

Name:	00000009.00000002.765630717.00007FF57EF64000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57EF64000
Size:	20480

Details

Name:	00000010.00000000.822612446.00007FF5962FA000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5962FA000
Size:	8192

Details

Name:	00000010.00000000.808267270.0000000003EF7000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3EF7000
Size:	40960

Details

Name:	00000009.00000003.746181038.000001C24DD22000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD22000
Size:	16384

Details

Name:	00000011.00000002.909933503.0000000000F35000.00000004.00000020.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	F35000
Size:	12288

Details

Name:	00000010.00000000.816077652.0000000007815000.00000002.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7815000
Size:	163840

Details

Name:	00000010.00000000.823059067.00007FF5964B0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5964B0000
Size:	16384

Details

Name:	00000009.00000002.763598147.00007FF57EBF7000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57EBF7000
Size:	8192

Details

Name:	00000009.00000003.741108425.000001C24DD22000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD22000
Size:	16384

Details

Name:	00000010.00000000.822247882.00007FF5961CD000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5961CD000
Size:	4096

Details

Name:	00000009.00000003.747927667.000001C24DD81000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD81000
Size:	4096

Details

Name:	00000006.00000002.706647993.00007FF530BCF000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF530BCF000
Size:	8192

Details

Name:	00000010.00000000.802326518.0000000000CF0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	CF0000
Size:	32768

Details

Name:	00000002.00000002.644816349.00007FF589C81000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589C81000
Size:	4096

Details

Name:	00000010.00000000.814326371.0000000006835000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	6835000
Size:	4096

Details

Name:	00000011.00000003.847059669.0000000000F3C000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	F3C000
Size:	24576

Details

Name:	00000011.00000002.910542745.00000000030E3000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	30E3000
Size:	16384

Details

Name:	00000010.00000000.806941243.0000000003777000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3777000
Size:	40960

Details

Name:	00000010.00000000.832323718.00000000038D2000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	38D2000
Size:	24576

Details

Name:	00000009.00000003.745281513.000001C24DDAE000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DDAE000
Size:	106496

Details

Name:	00000011.00000002.910511221.00000000030C4000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	30C4000
Size:	28672

Details

Name:	0000000F.00000002.802822640.00007FF5BB30E000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5BB30E000
Size:	4096

Details

Name:	0000000A.00000002.746027751.00007FF57234B000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57234B000
Size:	20480

Details

Name:	00000010.00000000.821831423.00007FF5960F6000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5960F6000
Size:	16384

Details

Name:	00000003.00000002.648168868.00007FF5655AE000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5655AE000
Size:	12288

Details

Name:	0000000A.00000002.746040644.00007FF57236F000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57236F000
Size:	16384

Details

Name:	00000001.00000002.798089986.00000000006AA000.00000040.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	6AA000
Size:	4096

Details

Name:	00000004.00000002.667359274.00007FF5B39D1000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B39D1000
Size:	20480

Details

Name:	00000010.00000000.823175381.00007FF5964E8000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5964E8000
Size:	8192

Details

Name:	00000003.00000002.647992639.00007FF565316000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF565316000
Size:	4096

Details

Name:	00000009.00000003.743830132.000001C24DD6A000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD6A000
Size:	4096

Details

Name:	00000010.00000000.807254965.0000000003939000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3939000
Size:	53248

Details

Name:	0000000A.00000002.745531037.000000219C53F000.00000004.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	219C53F000
Size:	4096

Details

Name:	00000010.00000000.837334697.0000000004CF0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4CF0000
Size:	8192

Details

Name:	0000000B.00000002.793201874.0000017913BD0000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	17913BD0000
Size:	32768

Details

Name:	00000009.00000002.762425031.000001C24DD2A000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD2A000
Size:	40960

Details

Name:	00000010.00000000.818092448.000000000AFEB000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	AFEB000
Size:	20480

Details

Name:	00000010.00000000.818057859.000000000AEE7000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	AEE7000
Size:	36864

Details

Name:	00000001.00000003.796412728.00000000006C4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	6C4000
Size:	4096

Details

Name:	00000010.00000000.837264639.0000000004C10000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4C10000
Size:	204800

Details

Name:	0000000E.00000002.847661435.0000000000F20000.00000040.00000001.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	F20000
Size:	1150976

Signature Hits	Behavior Group	Mitre Attack
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000010.00000000.831312339.0000000003130000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3130000
Size:	32768

Details

Name:	00000004.00000002.667241627.00007FF5B38EB000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B38EB000
Size:	45056

Details

Name:	00000003.00000002.646810596.00000036883FA000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	36883FA000
Size:	24576

Details

Name:	0000000B.00000002.792857706.00000047E6D7A000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	47E6D7A000
Size:	24576

Details

Name:	00000003.00000002.646868790.000001BD50C10000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1BD50C10000
Size:	806912

Details

Name:	00000003.00000002.648132610.00007FF56557F000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF56557F000
Size:	16384

Details

Name:	00000004.00000002.666557393.000001E73FA00000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1E73FA00000
Size:	4096

Details

Name:	00000002.00000002.644964164.00007FF589E16000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589E16000
Size:	8192

Details

Name:	00000009.00000002.765012016.00007FF57EE4F000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57EE4F000
Size:	4096

Details

Name:	00000010.00000000.836761781.0000000004791000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4791000
Size:	495616

Details

Name:	00000010.00000000.803096371.0000000002ABE000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	2ABE000
Size:	8192

Details

Name:	0000000B.00000003.789028092.0000017915B68000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17915B68000
Size:	40960

Details

Name:	00000007.00000002.719916391.000000E49707F000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	E49707F000
Size:	4096

Details

Name:	00000003.00000002.648072146.00007FF56554E000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF56554E000
Size:	4096

Details

Name:	00000010.00000000.825876059.0000000000BAB000.00000004.00000020.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	heap default
Protect:	page read and write
Base address:	BAB000
Size:	8192

Details

Name:	00000009.00000003.745359883.000001C24E202000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24E202000
Size:	159744

Details

Name:	00000010.00000000.837176493.0000000004A60000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4A60000
Size:	8192

Details

Name:	00000001.00000003.693107942.0000000004980000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4980000
Size:	65536

Details

Name:	00000010.00000000.815687766.00000000076FA000.00000002.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	76FA000
Size:	397312

Details

Name:	0000000B.00000002.795575694.00007FF5DFE5C000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5DFE5C000
Size:	8192

Details

Name:	00000006.00000002.706803502.00007FF530C5A000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF530C5A000
Size:	12288

Details

Name:	00000001.00000003.792741584.00000000005E0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5E0000
Size:	65536

Details

Name:	00000010.00000000.809847360.0000000004260000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4260000
Size:	180224

Details

Name:	0000000B.00000002.793400010.0000017913E00000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	17913E00000
Size:	32768

Details

Name:	00000010.00000000.808385001.0000000003F92000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3F92000
Size:	4096

Details

Name:	00000010.00000000.808314484.0000000003F32000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3F32000
Size:	73728

Details

Name:	0000000E.00000003.797673881.0000000000BF1000.00000004.00000001.sdmp
TargetID:	14
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	BF1000
Size:	167936

Details

Name:	00000009.00000002.765385644.00007FF57EE85000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57EE85000
Size:	12288

Details

Name:	00000001.00000003.693290221.0000000004980000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4980000
Size:	20480

Details

Name:	0000000F.00000002.800113250.0000009EA27EE000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	9EA27EE000
Size:	8192

Details

Name:	00000007.00000002.721030850.00007FF528CE7000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF528CE7000
Size:	28672

Details

Name:	0000000B.00000003.783791133.0000017915C20000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17915C20000
Size:	4096

Details

Name:	00000006.00000002.705380687.000002E190C60000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2E190C60000
Size:	1269760

Details

Name:	00000010.00000000.802385537.0000000002490000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	2490000
Size:	4096

Details

Name:	00000001.00000003.796385125.00000000006C4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	6C4000
Size:	4096

Details

Name:	00000010.00000000.823016355.00007FF59648E000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59648E000
Size:	8192

Details

Name:	00000001.00000003.796204093.0000000000600000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	600000
Size:	16384

Details

Name:	00000009.00000003.751587430.000001C24DD65000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD65000
Size:	8192

Details

Name:	00000010.00000000.813672851.0000000005E50000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	5E50000
Size:	12288

Signature Hits	Behavior Group	Mitre Attack
May try to detect the Windows Explorer process (often used for injection)	HIPS / PFW / Operating System Protection Evasion	Process Injection Process Discovery

Details

Name:	0000000E.00000003.796502868.0000000000AFF000.00000004.00000001.sdmp
TargetID:	14
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	AFF000
Size:	45056

Details

Name:	00000010.00000000.811269682.0000000004853000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4853000
Size:	12288

Details

Name:	00000004.00000002.666336156.000001E73F640000.00000004.00000040.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	1E73F640000
Size:	4096

Details

Name:	00000006.00000002.706064655.00007FF5309C1000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5309C1000
Size:	12288

Details

Name:	00000009.00000002.764729041.00007FF57EE20000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57EE20000
Size:	4096

Details

Name:	00000001.00000003.693553424.00000000049E4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	49E4000
Size:	49152

Details

Name:	0000000B.00000002.794700898.0000017915C40000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	17915C40000
Size:	8192

Details

Name:	00000010.00000000.836077314.00000000042C2000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	42C2000
Size:	102400

Details

Name:	00000004.00000002.667325893.00007FF5B3956000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B3956000
Size:	8192

Details

Name:	00000010.00000000.836244166.0000000004360000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4360000
Size:	49152

Details

Name:	00000001.00000002.803242104.0000000004ECE000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4ECE000
Size:	8192

Details

Name:	00000003.00000003.646533580.000001BD50E6B000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BD50E6B000
Size:	32768

Details

Name:	00000010.00000000.831021309.0000000002DA0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	2DA0000
Size:	733184

Details

Name:	00000010.00000000.816664149.0000000007EEB000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	7EEB000
Size:	20480

Details

Name:	00000010.00000000.837416148.0000000004D40000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4D40000
Size:	16384

Details

Name:	00000010.00000000.830599432.0000000002B90000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	2B90000
Size:	4096

Details

Name:	00000010.00000000.836564724.0000000004625000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4625000
Size:	45056

Details

Name:	00000010.00000000.825363261.0000000000A80000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	A80000
Size:	8192

Details

Name:	00000003.00000002.646845690.000000368857F000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	368857F000
Size:	4096

Details

Name:	00000009.00000003.749341235.000001C24DD9D000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD9D000
Size:	77824

Details

Name:	0000000E.00000002.847533815.0000000000EEF000.00000004.00000001.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	EEF000
Size:	4096

Details

Name:	00000010.00000000.807129095.00000000038A2000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	38A2000
Size:	24576

Details

Name:	00000010.00000000.831167861.0000000002F90000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	2F90000
Size:	294912

Details

Name:	0000000B.00000003.786911025.0000017916310000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17916310000
Size:	720896

Details

Name:	00000010.00000000.816118219.000000000783E000.00000002.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	783E000
Size:	81920

Details

Name:	00000001.00000003.693481818.0000000004A00000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4A00000
Size:	40960

Details

Name:	00000010.00000000.814495246.0000000006842000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	6842000
Size:	53248

Details

Name:	00000010.00000000.837057916.00000000048D0000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	48D0000
Size:	4096

Details

Name:	00000010.00000000.823328270.00007FF596566000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF596566000
Size:	12288

Details

Name:	00000009.00000003.737001574.000001C24DD43000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD43000
Size:	159744

Details

Name:	00000010.00000000.835189599.0000000003FD0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3FD0000
Size:	4096

Details

Name:	00000001.00000003.691641894.0000000004CA0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4CA0000
Size:	65536

Details

Name:	00000009.00000002.765435101.00007FF57EEB7000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57EEB7000
Size:	28672

Details

Name:	0000000B.00000002.794247542.0000017915B68000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	17915B68000
Size:	40960

Details

Name:	00000009.00000003.742489442.000001C24DD5D000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD5D000
Size:	32768

Details

Name:	00000010.00000000.831119007.0000000002E60000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	2E60000
Size:	4096

Details

Name:	00000009.00000003.748264785.000001C24DD1F000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD1F000
Size:	32768

Details

Name:	00000007.00000002.720098105.000002083A44A000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2083A44A000
Size:	4096

Details

Name:	00000010.00000000.813100671.0000000005A00000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	5A00000
Size:	1212416

Signature Hits	Behavior Group	Mitre Attack
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000010.00000000.837143823.00000000049D0000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	49D0000
Size:	4096

Details

Name:	00000010.00000000.822376045.00007FF596235000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF596235000
Size:	4096

Details

Name:	00000011.00000002.910566146.00000000033DE000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	33DE000
Size:	8192

Details

Name:	00000003.00000003.646375139.000001BD50E6B000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BD50E6B000
Size:	32768

Details

Name:	00000010.00000000.837569869.0000000004FD0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4FD0000
Size:	16384

Details

Name:	00000010.00000000.833894728.0000000003B26000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3B26000
Size:	20480

Details

Name:	00000010.00000000.815260298.00000000075DE000.00000002.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	75DE000
Size:	24576

Details

Name:	00000010.00000000.827230527.0000000000CB0000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	CB0000
Size:	4096

Details

Name:	00000010.00000000.831132985.0000000002F60000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	2F60000
Size:	4096

Details

Name:	00000003.00000003.646400258.000001BD50E6B000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BD50E6B000
Size:	32768

Details

Name:	0000000B.00000002.796089702.00007FF5E01A0000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E01A0000
Size:	16384

Details

Name:	00000011.00000002.910329525.0000000002F10000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2F10000
Size:	4096

Details

Name:	00000009.00000003.738356068.000001C24DD96000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD96000
Size:	147456

Details

Name:	00000010.00000000.835128750.0000000003FB2000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3FB2000
Size:	4096

Details

Name:	00000010.00000000.802455359.0000000002560000.00000004.00000040.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	heap private
Protect:	page read and write
Base address:	2560000
Size:	8192

Details

Name:	0000000B.00000002.794801635.0000017915C90000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	17915C90000
Size:	1269760

Details

Name:	00000010.00000000.809747388.0000000004249000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4249000
Size:	12288

Details

Name:	00000002.00000002.644106793.000001FC46200000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1FC46200000
Size:	4096

Details

Name:	00000010.00000000.811594799.0000000004C60000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4C60000
Size:	4096

Details

Name:	00000010.00000000.814258638.0000000006831000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	6831000
Size:	4096

Details

Name:	00000010.00000000.821492814.00007FF595F33000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF595F33000
Size:	4096

Details

Name:	00000003.00000002.648085903.00007FF565550000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF565550000
Size:	16384

Details

Name:	00000007.00000002.720068524.000002083A429000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2083A429000
Size:	73728

Details

Name:	00000002.00000002.644191410.000001FC46400000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1FC46400000
Size:	806912

Details

Name:	00000010.00000000.823581610.00007FF59660A000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59660A000
Size:	4096

Details

Name:	00000010.00000000.835024646.0000000003F60000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3F60000
Size:	200704

Details

Name:	00000004.00000002.667172286.00007FF5B37DE000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B37DE000
Size:	4096

Details

Name:	00000010.00000000.810294578.0000000004300000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4300000
Size:	126976

Details

Name:	0000000F.00000002.802743225.00007FF5BB135000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5BB135000
Size:	4096

Details

Name:	00000010.00000000.818047942.000000000AE6B000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	AE6B000
Size:	20480

Details

Name:	00000010.00000000.822289996.00007FF5961DD000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5961DD000
Size:	8192

Details

Name:	00000011.00000003.848275531.0000000004D11000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4D11000
Size:	167936

Details

Name:	00000003.00000002.646855468.000001BD50C00000.00000004.00000020.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	1BD50C00000
Size:	8192

Details

Name:	0000000B.00000003.778682496.0000017913C6A000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17913C6A000
Size:	28672

Details

Name:	00000010.00000000.817900587.000000000AAE8000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	AAE8000
Size:	32768

Details

Name:	00000009.00000002.764461752.00007FF57EDD3000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57EDD3000
Size:	24576

Details

Name:	00000010.00000000.832001046.00000000037F2000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	37F2000
Size:	86016

Details

Name:	00000010.00000000.816857231.0000000008601000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	8601000
Size:	4096

Details

Name:	00000010.00000000.808509957.0000000003FD2000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3FD2000
Size:	4096

Details

Name:	00000007.00000002.720709992.00007FF528870000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF528870000
Size:	20480

Details

Name:	00000010.00000000.817358799.000000000A7AE000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	A7AE000
Size:	4096

Details

Name:	00000006.00000002.706781985.00007FF530C54000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF530C54000
Size:	20480

Details

Name:	00000007.00000002.720040359.000002083A402000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2083A402000
Size:	65536

Details

Name:	0000000B.00000002.793363654.0000017913CF4000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	17913CF4000
Size:	122880

Details

Name:	00000010.00000000.836527626.0000000004580000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4580000
Size:	4096

Details

Name:	00000010.00000000.837086649.0000000004970000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4970000
Size:	4096

Details

Name:	00000010.00000000.825974828.0000000000BB4000.00000004.00000020.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	heap default
Protect:	page read and write
Base address:	BB4000
Size:	110592

Details

Name:	00000011.00000002.910437402.0000000003043000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3043000
Size:	12288

Details

Name:	00000001.00000003.693411567.0000000004B40000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4B40000
Size:	65536

Details

Name:	00000010.00000000.811263872.0000000004840000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4840000
Size:	4096

Details

Name:	00000011.00000002.910534756.00000000030D8000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	30D8000
Size:	12288

Details

Name:	0000000B.00000003.778768647.0000017913C69000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17913C69000
Size:	32768

Details

Name:	00000010.00000000.837189061.0000000004AEA000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4AEA000
Size:	24576

Details

Name:	00000011.00000002.910306126.0000000002EEE000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2EEE000
Size:	12288

Details

Name:	00000010.00000000.830538892.0000000002B00000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	2B00000
Size:	8192

Details

Name:	00000011.00000003.849139930.00000000010C4000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	10C4000
Size:	4096

Details

Name:	00000003.00000000.645755865.00007FF565642000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF565642000
Size:	16384

Details

Name:	00000011.00000002.910321213.0000000002F08000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2F08000
Size:	24576

Details

Name:	00000003.00000003.646465376.000001BD50E6B000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BD50E6B000
Size:	32768

Details

Name:	00000010.00000000.827244626.0000000000CD0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	CD0000
Size:	8192

Details

Name:	00000009.00000002.763204911.00007FF57E9F2000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57E9F2000
Size:	4096

Details

Name:	00000011.00000002.910500515.00000000030B5000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	30B5000
Size:	32768

Details

Name:	00000011.00000002.910336202.0000000002FC8000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2FC8000
Size:	4096

Details

Name:	00000010.00000000.801206891.0000000000AD0000.00000004.00000020.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	heap default
Protect:	page read and write
Base address:	AD0000
Size:	28672

Details

Name:	00000009.00000003.749392423.000001C24DDB3000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DDB3000
Size:	77824

Details

Name:	0000000B.00000003.791544040.0000017913D61000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17913D61000
Size:	131072

Details

Name:	0000000F.00000002.802785711.00007FF5BB2B0000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5BB2B0000
Size:	4096

Details

Name:	00000010.00000000.811439704.0000000004A60000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4A60000
Size:	8192

Details

Name:	00000010.00000000.811379383.0000000004990000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4990000
Size:	4096

Details

Name:	0000000B.00000002.792988796.00000047E767B000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	47E767B000
Size:	20480

Details

Name:	00000010.00000000.807182363.00000000038D9000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	38D9000
Size:	53248

Details

Name:	00000009.00000002.762465430.000001C24DD5F000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD5F000
Size:	4096

Details

Name:	00000001.00000002.802910334.0000000004A30000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	4A30000
Size:	970752

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	0000000A.00000002.745884048.000001D2E41B0000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1D2E41B0000
Size:	8192

Details

Name:	0000000E.00000003.796468323.0000000000AFE000.00000004.00000001.sdmp
TargetID:	14
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	AFE000
Size:	8192

Details

Name:	00000003.00000002.647249210.000001BD50E57000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1BD50E57000
Size:	81920

Details

Name:	00000010.00000000.838492684.00000000058C0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	58C0000
Size:	1269760

Details

Name:	00000009.00000003.743752255.000001C24DD66000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD66000
Size:	4096

Details

Name:	00000007.00000002.720874800.00007FF528BAE000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF528BAE000
Size:	4096

Details

Name:	00000009.00000003.742320744.000001C24DDCA000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DDCA000
Size:	147456

Details

Name:	00000006.00000002.705201720.000002E190580000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2E190580000
Size:	4096

Details

Name:	00000001.00000002.797993503.0000000000670000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	670000
Size:	8192

Details

Name:	00000010.00000000.803288465.0000000002BFE000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	2BFE000
Size:	139264

Details

Name:	00000007.00000002.720279143.000002083AC02000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2083AC02000
Size:	4096

Details

Name:	00000007.00000003.719736601.000002083A449000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2083A449000
Size:	8192

Details

Name:	00000009.00000002.761942414.000001C24D3B0000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24D3B0000
Size:	4096

Details

Name:	00000009.00000002.763209536.00007FF57EA40000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57EA40000
Size:	20480

Details

Name:	00000001.00000002.801979455.000000000458E000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	458E000
Size:	8192

Details

Name:	00000006.00000002.705076194.000000E388BFB000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	E388BFB000
Size:	20480

Details

Name:	00000009.00000003.743621843.000001C24E212000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24E212000
Size:	172032

Details

Name:	00000004.00000002.666553695.000001E73F913000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1E73F913000
Size:	8192

Details

Name:	00000007.00000003.719286407.000002083A44F000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2083A44F000
Size:	4096

Details

Name:	0000000B.00000002.796283372.00007FF5E01F4000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E01F4000
Size:	20480

Details

Name:	0000000E.00000002.848540433.00000000011CB000.00000040.00000001.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	11CB000
Size:	4096

Details

Name:	0000000B.00000002.792890879.00000047E6FFB000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	47E6FFB000
Size:	20480

Details

Name:	0000000F.00000002.802735650.00007FF5BB131000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5BB131000
Size:	12288

Details

Name:	00000009.00000003.749301419.000001C24DD72000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD72000
Size:	4096

Details

Name:	00000009.00000002.763448145.00007FF57EA55000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57EA55000
Size:	4096

Details

Name:	00000010.00000000.814551805.0000000006A4E000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	6A4E000
Size:	8192

Details

Name:	00000010.00000000.803802454.0000000002F60000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	2F60000
Size:	4096

Details

Name:	00000002.00000002.644053450.000000D58DAFE000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	D58DAFE000
Size:	8192

Details

Name:	00000010.00000000.836280327.0000000004372000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4372000
Size:	86016

Details

Name:	00000010.00000000.811234852.000000000480D000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	480D000
Size:	8192

Details

Name:	00000010.00000000.835924500.0000000004242000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4242000
Size:	12288

Details

Name:	00000010.00000000.824620196.00007FFAA5B2A000.00000004.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page read and write
Base address:	7FFAA5B2A000
Size:	4096

Details

Name:	00000010.00000000.822179291.00007FF596182000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF596182000
Size:	8192

Details

Name:	00000010.00000000.802477448.0000000002570000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	2570000
Size:	3371008

Details

Name:	00000010.00000000.830508585.0000000002AD0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	2AD0000
Size:	4096

Details

Name:	00000010.00000000.837453200.0000000004D80000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4D80000
Size:	8192

Details

Name:	00000010.00000000.827280989.0000000000CE5000.00000004.00000040.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	heap private
Protect:	page read and write
Base address:	CE5000
Size:	40960

Details

Name:	00000001.00000003.691708578.0000000004C30000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4C30000
Size:	65536

Details

Name:	00000010.00000000.811327258.00000000048C0000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	48C0000
Size:	8192

Details

Name:	0000000B.00000002.796009685.00007FF5E016F000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E016F000
Size:	4096

Details

Name:	00000009.00000003.739945983.000001C24DD63000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD63000
Size:	4096

Details

Name:	0000000B.00000003.785522172.0000017917042000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17917042000
Size:	524288

Details

Name:	00000009.00000003.748348304.000001C24DD35000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD35000
Size:	94208

Details

Name:	00000010.00000000.837012774.0000000004890000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4890000
Size:	16384

Details

Name:	00000010.00000000.818142669.000000000B36E000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	B36E000
Size:	8192

Details

Name:	00000009.00000002.765526125.00007FF57EEE8000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57EEE8000
Size:	12288

Details

Name:	00000010.00000000.808279106.0000000003F02000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3F02000
Size:	73728

Details

Name:	00000010.00000000.811045094.00000000046F0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	46F0000
Size:	20480

Details

Name:	00000004.00000002.666502062.000001E73F855000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1E73F855000
Size:	90112

Details

Name:	00000010.00000000.835667615.0000000004130000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4130000
Size:	319488

Details

Name:	00000002.00000002.644758001.00007FF589A6A000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589A6A000
Size:	16384

Details

Name:	00000010.00000000.822798246.00007FF59638B000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59638B000
Size:	36864

Details

Name:	0000000B.00000002.795136616.0000017915E53000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	17915E53000
Size:	65536

Details

Name:	00000010.00000000.835849771.0000000004210000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4210000
Size:	114688

Details

Name:	00000002.00000002.644293758.000001FC464D0000.00000008.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page write copy
Base address:	1FC464D0000
Size:	266240

Details

Name:	00000010.00000000.821966269.00007FF59611B000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59611B000
Size:	4096

Details

Name:	00000010.00000000.837345878.0000000004D00000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4D00000
Size:	4096

Details

Name:	0000000F.00000002.802939597.00007FF5BB354000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5BB354000
Size:	4096

Details

Name:	00000010.00000000.800707735.0000000000730000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	730000
Size:	24576

Details

Name:	00000009.00000003.738464509.000001C24DD75000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD75000
Size:	118784

Details

Name:	0000000A.00000003.745317998.000001D2E3FEE000.00000004.00000001.sdmp
TargetID:	10
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1D2E3FEE000
Size:	65536

Details

Name:	00000010.00000000.823521754.00007FF5965DC000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5965DC000
Size:	8192

Details

Name:	00000011.00000002.910362091.000000000300C000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	300C000
Size:	12288

Details

Name:	00000010.00000000.823818619.00007FF596696000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF596696000
Size:	8192

Details

Name:	00000010.00000000.835109988.0000000003FB0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3FB0000
Size:	4096

Details

Name:	00000010.00000000.807160297.00000000038C5000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	38C5000
Size:	49152

Details

Name:	00000011.00000000.846023292.00000000030E3000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	30E3000
Size:	16384

Details

Name:	00000001.00000003.692070482.0000000000838000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	838000
Size:	40960

Details

Name:	00000010.00000000.821388694.00007FF595F2C000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF595F2C000
Size:	4096

Details

Name:	0000000B.00000003.785483444.0000017917002000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17917002000
Size:	143360

Details

Name:	0000000B.00000002.796067567.00007FF5E019A000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E019A000
Size:	8192

Details

Name:	0000000B.00000002.795674300.00007FF5DFF66000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5DFF66000
Size:	4096

Details

Name:	00000011.00000002.910526962.00000000030D2000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	30D2000
Size:	20480

Details

Name:	00000004.00000002.667236533.00007FF5B38E5000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B38E5000
Size:	12288

Details

Name:	00000010.00000000.803455354.0000000002C93000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	2C93000
Size:	24576

Details

Name:	0000000B.00000003.788081046.0000017916410000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17916410000
Size:	692224

Details

Name:	00000010.00000000.808605579.0000000004060000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4060000
Size:	4096

Details

Name:	0000000B.00000002.792967009.00000047E74FD000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	47E74FD000
Size:	12288

Details

Name:	00000010.00000000.827310506.0000000001080000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	1080000
Size:	299008

Signature Hits	Behavior Group	Mitre Attack
May try to detect the Windows Explorer process (often used for injection)	HIPS / PFW / Operating System Protection Evasion	Process Injection Process Discovery

Details

Name:	00000003.00000002.648004661.00007FF565375000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF565375000
Size:	4096

Details

Name:	00000010.00000000.816763510.0000000008469000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	8469000
Size:	28672

Details

Name:	0000000B.00000003.785639329.0000017916610000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17916610000
Size:	262144

Details

Name:	00000010.00000000.837131881.00000000049B0000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	49B0000
Size:	4096

Details

Name:	00000011.00000003.889252462.0000000004F80000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4F80000
Size:	122880

Details

Name:	00000001.00000002.798135969.00000000006BB000.00000040.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	6BB000
Size:	4096

Details

Name:	00000001.00000003.691945815.0000000004A1E000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4A1E000
Size:	8192

Details

Name:	00000009.00000003.739934024.000001C24DD5B000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD5B000
Size:	36864

Details

Name:	00000010.00000000.803590878.0000000002D40000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	2D40000
Size:	393216

Details

Name:	00000006.00000002.705984935.00007FF530730000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF530730000
Size:	20480

Details

Name:	0000000F.00000002.802771408.00007FF5BB213000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5BB213000
Size:	8192

Details

Name:	00000010.00000000.821171670.00007FF587779000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF587779000
Size:	32768

Details

Name:	00000001.00000003.691981294.00000000049D4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	49D4000
Size:	49152

Details

Name:	0000000B.00000002.792876639.00000047E6EFB000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	47E6EFB000
Size:	20480

Details

Name:	0000000B.00000003.791195347.0000017913D30000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17913D30000
Size:	131072

Details

Name:	00000007.00000002.720910634.00007FF528C14000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF528C14000
Size:	4096

Details

Name:	00000011.00000002.911089112.0000000005376000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5376000
Size:	4096

Details

Name:	00000009.00000003.737038173.000001C24DD5B000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD5B000
Size:	61440

Details

Name:	00000009.00000002.762230467.000001C24D4E2000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24D4E2000
Size:	40960

Details

Name:	00000001.00000002.798455796.00000000007FC000.00000004.00000020.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	7FC000
Size:	4096

Details

Name:	00000009.00000000.732196802.00007FF57EF72000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57EF72000
Size:	16384

Details

Name:	00000010.00000000.832583608.0000000003932000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3932000
Size:	24576

Details

Name:	00000010.00000000.815952391.00000000077AE000.00000002.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	77AE000
Size:	81920

Details

Name:	0000000B.00000002.793195169.0000017913BC0000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	17913BC0000
Size:	8192

Details

Name:	00000009.00000002.761695798.0000004D5F07E000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4D5F07E000
Size:	8192

Details

Name:	00000010.00000000.803580554.0000000002D3E000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	2D3E000
Size:	8192

Details

Name:	00000010.00000000.837634757.0000000005107000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	5107000
Size:	36864

Details

Name:	0000000A.00000002.745893677.000001D2E41C0000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1D2E41C0000
Size:	16384

Details

Name:	00000009.00000002.762249839.000001C24D4ED000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24D4ED000
Size:	36864

Details

Name:	00000004.00000002.666314398.0000007EE0C7E000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7EE0C7E000
Size:	8192

Details

Name:	0000000B.00000002.795781138.00007FF5DFFE1000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5DFFE1000
Size:	4096

Details

Name:	00000010.00000000.817477778.000000000A7F1000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	A7F1000
Size:	20480

Details

Name:	00000010.00000000.809656302.0000000004230000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4230000
Size:	57344

Details

Name:	0000000A.00000002.746046811.00007FF572378000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF572378000
Size:	24576

Details

Name:	00000010.00000000.834706459.0000000003EC7000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3EC7000
Size:	40960

Details

Name:	00000001.00000003.792731182.0000000000600000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	600000
Size:	49152

Details

Name:	0000000E.00000002.847509382.0000000000BF0000.00000004.00000001.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	BF0000
Size:	4096

Details

Name:	0000000F.00000002.802909565.00007FF5BB33C000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5BB33C000
Size:	4096

Details

Name:	0000000E.00000003.797386065.0000000000BF1000.00000004.00000001.sdmp
TargetID:	14
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	BF1000
Size:	65536

Details

Name:	00000010.00000000.837159613.0000000004A5B000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4A5B000
Size:	20480

Details

Name:	00000001.00000003.692741521.0000000004B70000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4B70000
Size:	65536

Details

Name:	00000004.00000002.667145305.00007FF5B3657000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B3657000
Size:	8192

Details

Name:	0000000A.00000002.745681836.000001D2E3FEE000.00000004.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1D2E3FEE000
Size:	65536

Details

Name:	00000002.00000002.644910083.00007FF589DCF000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589DCF000
Size:	16384

Details

Name:	00000002.00000002.644090795.000001FC46150000.00000004.00000040.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	1FC46150000
Size:	4096

Details

Name:	00000010.00000000.835003195.0000000003F59000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3F59000
Size:	24576

Details

Name:	0000000B.00000003.786157659.0000017916610000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17916610000
Size:	331776

Details

Name:	0000000E.00000003.839176221.00000000009C4000.00000004.00000001.sdmp
TargetID:	14
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	9C4000
Size:	4096

Details

Name:	00000002.00000002.644779209.00007FF589B5B000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589B5B000
Size:	12288

Details

Name:	00000009.00000003.735645169.000001C24DAD0000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DAD0000
Size:	4096

Details

Name:	00000010.00000000.810981016.0000000004590000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4590000
Size:	4096

Details

Name:	0000000B.00000003.778840278.0000017913C68000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17913C68000
Size:	4096

Details

Name:	00000010.00000000.825255087.0000000000A10000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	A10000
Size:	8192

Details

Name:	00000009.00000002.761767701.000001C24D2B0000.00000004.00000020.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	1C24D2B0000
Size:	12288

Details

Name:	00000011.00000002.909820236.0000000000DC7000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	DC7000
Size:	8192

Details

Name:	00000010.00000000.831345021.00000000031F0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	31F0000
Size:	3805184

Details

Name:	00000010.00000000.823143141.00007FF5964D7000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5964D7000
Size:	8192

Details

Name:	0000000F.00000002.800212869.0000009EA2BF9000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	9EA2BF9000
Size:	28672

Details

Name:	00000009.00000003.742436486.000001C24DD59000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD59000
Size:	49152

Details

Name:	00000010.00000000.809555221.0000000004210000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4210000
Size:	114688

Details

Name:	00000009.00000002.762069470.000001C24D470000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24D470000
Size:	69632

Details

Name:	0000000B.00000002.792870126.00000047E6E7A000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	47E6E7A000
Size:	24576

Details

Name:	0000000E.00000002.847437524.0000000000ADE000.00000004.00000001.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	ADE000
Size:	8192

Details

Name:	00000001.00000003.692871716.0000000004A00000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4A00000
Size:	65536

Details

Name:	00000007.00000002.719891419.000000E496AFE000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	E496AFE000
Size:	8192

Details

Name:	00000006.00000002.706322816.00007FF530B5C000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF530B5C000
Size:	8192

Details

Name:	00000001.00000003.796224896.00000000009C1000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	9C1000
Size:	167936

Details

Name:	00000001.00000003.691846776.0000000004B80000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4B80000
Size:	65536

Details

Name:	00000010.00000000.835478661.00000000040A0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	40A0000
Size:	4096

Details

Name:	00000004.00000002.666560858.000001E73FE60000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1E73FE60000
Size:	1269760

Details

Name:	00000003.00000002.647359851.000001BD528A0000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1BD528A0000
Size:	3371008

Details

Name:	00000010.00000000.811602369.0000000004CEC000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4CEC000
Size:	16384

Details

Name:	00000009.00000003.737032887.000001C24DD42000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD42000
Size:	4096

Details

Name:	00000004.00000002.667158549.00007FF5B37C1000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B37C1000
Size:	4096

Details

Name:	0000000B.00000002.794716893.0000017915C50000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	17915C50000
Size:	8192

Details

Name:	00000004.00000002.667195876.00007FF5B384C000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B384C000
Size:	8192

Details

Name:	0000000A.00000003.745387450.000001D2E3FEE000.00000004.00000001.sdmp
TargetID:	10
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1D2E3FEE000
Size:	65536

Details

Name:	0000000E.00000002.847088087.000000000067C000.00000004.00000001.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	67C000
Size:	8192

Details

Name:	00000010.00000000.808355572.0000000003F60000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3F60000
Size:	200704

Details

Name:	00000010.00000000.823839450.00007FF5966A2000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5966A2000
Size:	12288

Details

Name:	00000010.00000000.801094202.0000000000A90000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	A90000
Size:	8192

Details

Name:	00000003.00000002.646789408.00000036882FE000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	36882FE000
Size:	8192

Details

Name:	0000000F.00000002.801385125.000002197D213000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2197D213000
Size:	86016

Details

Name:	00000010.00000000.836948897.0000000004840000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4840000
Size:	4096

Details

Name:	00000010.00000000.819194484.000000000D067000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	D067000
Size:	8192

Details

Name:	00000010.00000000.824655611.00007FFAA5B2E000.00000004.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page read and write
Base address:	7FFAA5B2E000
Size:	4096

Details

Name:	00000009.00000002.763940949.00007FF57EC80000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57EC80000
Size:	8192

Details

Name:	00000007.00000002.719911753.000000E496F7F000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	E496F7F000
Size:	4096

Details

Name:	00000001.00000002.798118727.00000000006B7000.00000040.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	6B7000
Size:	4096

Details

Name:	00000001.00000003.692769092.0000000004B50000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4B50000
Size:	65536

Details

Name:	00000010.00000000.827257233.0000000000CE0000.00000004.00000040.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	heap private
Protect:	page read and write
Base address:	CE0000
Size:	16384

Details

Name:	00000007.00000002.720016824.000002083A3B0000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2083A3B0000
Size:	16384

Details

Name:	00000010.00000000.823451863.00007FF5965AB000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5965AB000
Size:	12288

Details

Name:	00000009.00000003.742191930.000001C24DD76000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD76000
Size:	24576

Details

Name:	00000002.00000002.644843462.00007FF589D42000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589D42000
Size:	24576

Details

Name:	00000009.00000003.739926902.000001C24DD59000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD59000
Size:	4096

Details

Name:	0000000B.00000002.795456310.00007FF5DFAA1000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5DFAA1000
Size:	8192

Details

Name:	00000010.00000000.813941956.000000000679F000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	679F000
Size:	475136

Details

Name:	00000011.00000002.910551529.000000000335E000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	335E000
Size:	8192

Details

Name:	00000010.00000000.818118658.000000000B1E9000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	B1E9000
Size:	28672

Details

Name:	0000000B.00000002.796188415.00007FF5E01CF000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E01CF000
Size:	16384

Details

Name:	00000003.00000002.648060083.00007FF56554A000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF56554A000
Size:	8192

Details

Name:	00000001.00000003.691989233.00000000049C0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	49C0000
Size:	57344

Details

Name:	00000004.00000002.667176425.00007FF5B382D000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B382D000
Size:	20480

Details

Name:	00000010.00000000.818207312.000000000B7EA000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	B7EA000
Size:	24576

Details

Name:	00000010.00000000.809721034.0000000004246000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4246000
Size:	8192

Details

Name:	00000011.00000002.909959251.0000000001090000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1090000
Size:	8192

Details

Name:	00000010.00000000.819207038.000000000D072000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	D072000
Size:	405504

Details

Name:	0000000B.00000002.794282116.0000017915B83000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	17915B83000
Size:	65536

Details

Name:	00000010.00000000.830529456.0000000002AF0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	2AF0000
Size:	8192

Details

Name:	00000011.00000002.909899142.0000000000F00000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	F00000
Size:	4096

Details

Name:	00000010.00000000.808751654.0000000004130000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4130000
Size:	319488

Details

Name:	00000010.00000000.823617357.00007FF59661A000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59661A000
Size:	8192

Details

Name:	00000010.00000000.821239493.00007FF595EB9000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF595EB9000
Size:	4096

Details

Name:	0000000B.00000002.792829137.00000047E694B000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	47E694B000
Size:	20480

Details

Name:	00000010.00000000.808627869.000000000407B000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	407B000
Size:	24576

Details

Name:	0000000B.00000002.795938278.00007FF5E0132000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E0132000
Size:	8192

Details

Name:	00000010.00000000.810413575.0000000004330000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4330000
Size:	110592

Details

Name:	00000010.00000000.813448780.0000000005B30000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	5B30000
Size:	61440

Details

Name:	00000009.00000002.765415465.00007FF57EEAC000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57EEAC000
Size:	4096

Details

Name:	00000009.00000003.751591663.000001C24DD69000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD69000
Size:	4096

Details

Name:	00000001.00000002.802692407.00000000048D0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	48D0000
Size:	278528

Details

Name:	00000010.00000000.818192636.000000000B769000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	B769000
Size:	28672

Details

Name:	00000003.00000002.647927118.00007FF564DB1000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF564DB1000
Size:	4096

Details

Name:	00000009.00000003.739719252.000001C24DD70000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD70000
Size:	86016

Details

Name:	0000000F.00000002.801075568.000002197D110000.00000008.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page write copy
Base address:	2197D110000
Size:	266240

Details

Name:	00000001.00000003.693389934.0000000004B50000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4B50000
Size:	65536

Details

Name:	00000010.00000000.830380769.00000000028F0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	28F0000
Size:	8192

Details

Name:	00000007.00000002.719899925.000000E496D7B000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	E496D7B000
Size:	20480

Details

Name:	00000010.00000000.831725267.00000000035A4000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	35A4000
Size:	4096

Details

Name:	00000009.00000002.765286517.00007FF57EE6A000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57EE6A000
Size:	4096

Details

Name:	00000004.00000002.667252389.00007FF5B38F7000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B38F7000
Size:	49152

Details

Name:	00000001.00000003.691879377.0000000004B72000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4B72000
Size:	57344

Details

Name:	00000010.00000000.811866832.0000000004FF0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4FF0000
Size:	8192

Details

Name:	00000007.00000002.719923343.000002083A2D0000.00000004.00000020.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	2083A2D0000
Size:	8192

Details

Name:	0000000A.00000002.746093286.00007FF5723B9000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5723B9000
Size:	12288

Details

Name:	0000000B.00000002.796345717.00007FF5E0208000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E0208000
Size:	12288

Details

Name:	00000010.00000000.822155912.00007FF59616D000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59616D000
Size:	53248

Details

Name:	00000009.00000003.738417120.000001C24DDD7000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DDD7000
Size:	147456

Details

Name:	00000010.00000000.813826363.00000000066DB000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	66DB000
Size:	675840

Details

Name:	00000009.00000003.748436068.000001C24DD60000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD60000
Size:	73728

Details

Name:	00000011.00000002.910379669.000000000301C000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	301C000
Size:	8192

Details

Name:	00000009.00000003.749536538.000001C24DD22000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD22000
Size:	16384

Details

Name:	00000011.00000002.909995801.00000000010D0000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	10D0000
Size:	806912

Details

Name:	00000001.00000003.692975891.00000000049D3000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	49D3000
Size:	4096

Details

Name:	00000009.00000003.746022493.000001C24E254000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24E254000
Size:	335872

Details

Name:	00000010.00000000.825697500.0000000000B64000.00000004.00000020.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	heap default
Protect:	page read and write
Base address:	B64000
Size:	57344

Details

Name:	00000010.00000000.815541986.0000000007684000.00000002.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7684000
Size:	53248

Details

Name:	00000010.00000000.821660235.00007FF595F9B000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF595F9B000
Size:	20480

Details

Name:	00000001.00000003.796462994.00000000006C4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	6C4000
Size:	8192

Details

Name:	00000004.00000002.666318747.0000007EE0D77000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7EE0D77000
Size:	36864

Details

Name:	0000000E.00000003.845758432.0000000001250000.00000004.00000001.sdmp
TargetID:	14
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1250000
Size:	126976

Details

Name:	00000007.00000002.721131623.00007FF528D94000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF528D94000
Size:	20480

Details

Name:	00000010.00000000.800982453.0000000000A50000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	A50000
Size:	65536

Details

Name:	00000010.00000000.834799410.0000000003F02000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3F02000
Size:	73728

Details

Name:	00000001.00000000.641839969.0000000000050000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	50000
Size:	4096

Details

Name:	00000001.00000003.693031298.00000000049C0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	49C0000
Size:	65536

Details

Name:	00000010.00000000.822841476.00007FF59639F000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59639F000
Size:	24576

Details

Name:	00000010.00000000.824664785.00007FFAA5B30000.00000004.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page read and write
Base address:	7FFAA5B30000
Size:	4096

Details

Name:	00000006.00000002.705061369.000000E3886EC000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	E3886EC000
Size:	16384

Details

Name:	00000011.00000000.840137582.0000000001366000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	1366000
Size:	8192

Details

Name:	00000011.00000002.909837020.0000000000DCB000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	DCB000
Size:	4096

Details

Name:	00000009.00000002.762937718.000001C24E200000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24E200000
Size:	8192

Details

Name:	0000000A.00000002.746098397.00007FF5723BD000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5723BD000
Size:	16384

Details

Name:	00000004.00000002.667285946.00007FF5B3924000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B3924000
Size:	4096

Details

Name:	00000002.00000002.644169103.000001FC46300000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1FC46300000
Size:	4096

Details

Name:	00000009.00000003.742285245.000001C24E202000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24E202000
Size:	147456

Details

Name:	00000010.00000000.834990298.0000000003F57000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3F57000
Size:	4096

Details

Name:	00000010.00000000.834945368.0000000003F32000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3F32000
Size:	73728

Details

Name:	0000000E.00000003.796484019.0000000000AF4000.00000004.00000001.sdmp
TargetID:	14
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	AF4000
Size:	28672

Details

Name:	00000009.00000002.762417057.000001C24DD15000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD15000
Size:	32768

Details

Name:	00000009.00000003.739891953.000001C24DD45000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD45000
Size:	16384

Details

Name:	00000010.00000000.835965003.0000000004249000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4249000
Size:	12288

Details

Name:	00000010.00000000.822556935.00007FF5962D5000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5962D5000
Size:	16384

Details

Name:	00000010.00000000.821852459.00007FF5960FC000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5960FC000
Size:	20480

Details

Name:	0000000E.00000003.839124810.00000000009C4000.00000004.00000001.sdmp
TargetID:	14
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	9C4000
Size:	4096

Details

Name:	0000000B.00000002.796468146.00007FF5E028A000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E028A000
Size:	12288

Details

Name:	00000010.00000000.835440439.0000000004094000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4094000
Size:	4096

Details

Name:	00000010.00000000.832297617.00000000038C5000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	38C5000
Size:	49152

Details

Name:	00000010.00000000.822722575.00007FF596372000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF596372000
Size:	4096

Details

Name:	00000010.00000000.808635194.0000000004082000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4082000
Size:	69632

Details

Name:	00000010.00000000.830888120.0000000002C5A000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	2C5A000
Size:	69632

Details

Name:	00000009.00000002.763183389.00007FF57E95E000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57E95E000
Size:	12288

Details

Name:	00000011.00000002.909975918.00000000010B0000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	10B0000
Size:	20480

Details

Name:	00000009.00000002.761722112.0000004D5F279000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4D5F279000
Size:	28672

Details

Name:	0000000E.00000002.847152724.00000000009C0000.00000004.00000020.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	9C0000
Size:	16384

Details

Name:	00000010.00000000.816394809.00000000078F0000.00000002.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	78F0000
Size:	24576

Details

Name:	0000000F.00000002.800263945.0000009EA2C7C000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	9EA2C7C000
Size:	16384

Details

Name:	00000001.00000002.798342449.00000000007C0000.00000004.00000020.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	7C0000
Size:	36864

Details

Name:	00000010.00000000.836654921.0000000004710000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4710000
Size:	524288

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	00000009.00000003.742360429.000001C24DD5A000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD5A000
Size:	45056

Details

Name:	00000007.00000002.720146470.000002083A513000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2083A513000
Size:	8192

Details

Name:	00000001.00000002.798328843.00000000007BE000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7BE000
Size:	8192

Details

Name:	00000001.00000003.693669372.00000000049B0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	49B0000
Size:	65536

Details

Name:	00000004.00000002.666533256.000001E73F88E000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1E73F88E000
Size:	8192

Details

Name:	00000004.00000002.666281509.0000007EE06EB000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7EE06EB000
Size:	20480

Details

Name:	00000006.00000000.690359173.00007FF530C62000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF530C62000
Size:	16384

Details

Name:	00000010.00000000.822113560.00007FF59615A000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59615A000
Size:	28672

Details

Name:	00000001.00000003.691746244.0000000004C01000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4C01000
Size:	61440

Details

Name:	00000010.00000000.811472278.0000000004B6C000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4B6C000
Size:	16384

Details

Name:	00000006.00000002.706619725.00007FF530BBA000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF530BBA000
Size:	20480

Details

Name:	00000010.00000000.838407158.00000000057D0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	57D0000
Size:	925696

Details

Name:	0000000B.00000002.794641224.0000017915C30000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	17915C30000
Size:	8192

Details

Name:	00000010.00000000.830394423.0000000002910000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	2910000
Size:	4096

Details

Name:	00000003.00000002.646780708.000000368827B000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	368827B000
Size:	20480

Details

Name:	00000010.00000000.811541568.0000000004BF0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4BF0000
Size:	4096

Details

Name:	0000000B.00000002.794507157.0000017915BE4000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	17915BE4000
Size:	4096

Details

Name:	00000002.00000002.644950237.00007FF589E08000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589E08000
Size:	12288

Details

Name:	0000000F.00000002.800103882.0000009EA276E000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	9EA276E000
Size:	8192

Details

Name:	00000004.00000002.667276679.00007FF5B3917000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B3917000
Size:	28672

Details

Name:	00000010.00000000.836864055.000000000480D000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	480D000
Size:	8192

Details

Name:	00000010.00000000.823411159.00007FF5965A1000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5965A1000
Size:	8192

Details

Name:	00000010.00000000.830797746.0000000002BF6000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	2BF6000
Size:	28672

Details

Name:	00000010.00000000.823682904.00007FF596637000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF596637000
Size:	49152

Details

Name:	00000002.00000002.644157671.000001FC46258000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1FC46258000
Size:	81920

Details

Name:	0000000B.00000003.786348516.0000017916010000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17916010000
Size:	544768

Details

Name:	00000010.00000000.808294491.0000000003F15000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3F15000
Size:	8192

Details

Name:	0000000E.00000000.795182768.00000000004E0000.00000002.00020000.sdmp
TargetID:	14
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	4E0000
Size:	4096

Details

Name:	00000006.00000002.705368649.000002E190800000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2E190800000
Size:	4096

Details

Name:	00000011.00000003.848043550.0000000004D11000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4D11000
Size:	65536

Details

Name:	00000002.00000002.644835770.00007FF589CA8000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589CA8000
Size:	4096

Details

Name:	00000010.00000000.806682171.00000000035AB000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	35AB000
Size:	24576

Details

Name:	0000000B.00000003.792260941.0000017915F83000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17915F83000
Size:	229376

Details

Name:	00000006.00000002.705344366.000002E190702000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2E190702000
Size:	16384

Details

Name:	00000009.00000003.742227429.000001C24DDA6000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DDA6000
Size:	147456

Details

Name:	0000000B.00000002.795718454.00007FF5DFFC1000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5DFFC1000
Size:	12288

Details

Name:	00000010.00000000.817532440.000000000A81D000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	A81D000
Size:	12288

Details

Name:	00000010.00000000.811293892.0000000004880000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4880000
Size:	4096

Details

Name:	00000010.00000000.820830238.000000000FD28000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	FD28000
Size:	4096

Details

Name:	00000009.00000002.763501185.00007FF57EA95000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57EA95000
Size:	4096

Details

Name:	00000009.00000002.765364773.00007FF57EE7E000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57EE7E000
Size:	4096

Details

Name:	00000010.00000000.811258571.0000000004830000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4830000
Size:	4096

Details

Name:	00000011.00000002.909967381.00000000010A0000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	10A0000
Size:	16384

Details

Name:	00000001.00000003.792634387.00000000009E0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	9E0000
Size:	57344

Details

Name:	00000010.00000000.837359731.0000000004D10000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4D10000
Size:	8192

Details

Name:	0000000B.00000003.791271811.0000017913D20000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17913D20000
Size:	65536

Details

Name:	00000009.00000003.739876005.000001C24DD34000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD34000
Size:	65536

Details

Name:	00000010.00000000.823045218.00007FF5964AB000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5964AB000
Size:	8192

Details

Name:	00000010.00000000.825432147.0000000000AD0000.00000004.00000020.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	heap default
Protect:	page read and write
Base address:	AD0000
Size:	28672

Details

Name:	00000001.00000003.693428777.0000000004B30000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4B30000
Size:	65536

Details

Name:	00000009.00000002.764082922.00007FF57ECB6000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57ECB6000
Size:	4096

Details

Name:	00000009.00000002.762013322.000001C24D43C000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24D43C000
Size:	61440

Details

Name:	00000010.00000000.821886479.00007FF596107000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF596107000
Size:	20480

Details

Name:	00000010.00000000.811548247.0000000004C10000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4C10000
Size:	204800

Details

Name:	00000009.00000003.743928026.000001C24DD66000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD66000
Size:	8192

Details

Name:	00000010.00000000.811032763.00000000046E0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	46E0000
Size:	8192

Details

Name:	00000001.00000003.691661757.0000000004C80000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4C80000
Size:	65536

Details

Name:	00000009.00000002.762449049.000001C24DD51000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD51000
Size:	49152

Details

Name:	00000010.00000000.817370247.000000000A7B0000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	A7B0000
Size:	4096

Details

Name:	0000000B.00000003.785827135.0000017916110000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17916110000
Size:	589824

Details

Name:	00000010.00000000.811313033.00000000048A0000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	48A0000
Size:	4096

Details

Name:	00000003.00000002.648196652.00007FF5655C6000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5655C6000
Size:	8192

Details

Name:	00000010.00000000.821400868.00007FF595F2E000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF595F2E000
Size:	4096

Details

Name:	00000010.00000000.827645913.0000000002570000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	2570000
Size:	3371008

Details

Name:	00000010.00000000.810630880.0000000004372000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4372000
Size:	86016

Details

Name:	00000010.00000000.803823216.0000000002F80000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	2F80000
Size:	40960

Details

Name:	00000009.00000002.762273582.000001C24D502000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24D502000
Size:	16384

Details

Name:	00000001.00000002.802828882.0000000004970000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	4970000
Size:	65536

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary

Details

Name:	00000001.00000003.692937690.00000000049FB000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	49FB000
Size:	20480

Details

Name:	00000010.00000000.836509082.0000000004570000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4570000
Size:	16384

Details

Name:	00000010.00000000.819323428.000000000D8DB000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	D8DB000
Size:	20480

Details

Name:	00000010.00000000.817428539.000000000A7DB000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	A7DB000
Size:	12288

Details

Name:	00000010.00000000.810905913.0000000004498000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4498000
Size:	32768

Details

Name:	00000004.00000002.667329755.00007FF5B3959000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B3959000
Size:	12288

Details

Name:	00000010.00000000.807035318.0000000003822000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3822000
Size:	86016

Details

Name:	00000009.00000003.739918100.000001C24DD45000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD45000
Size:	16384

Details

Name:	00000001.00000003.692952002.00000000049E0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	49E0000
Size:	65536

Details

Name:	00000001.00000003.794043986.0000000000858000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	858000
Size:	122880

Details

Name:	00000010.00000000.816839996.00000000085EA000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	85EA000
Size:	24576

Details

Name:	00000009.00000002.764257887.00007FF57ED7B000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57ED7B000
Size:	8192

Details

Name:	0000000E.00000002.848813821.0000000001480000.00000002.00000001.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1480000
Size:	32768

Details

Name:	00000006.00000002.705091178.000000E388E7F000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	E388E7F000
Size:	4096

Details

Name:	00000009.00000002.763747332.00007FF57EC3B000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57EC3B000
Size:	12288

Details

Name:	00000004.00000002.666288059.0000007EE076D000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7EE076D000
Size:	12288

Details

Name:	0000000F.00000002.803055595.00007FF5BB3FA000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5BB3FA000
Size:	12288

Details

Name:	0000000E.00000003.796440770.0000000000AFF000.00000004.00000001.sdmp
TargetID:	14
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	AFF000
Size:	45056

Details

Name:	00000010.00000000.817402472.000000000A7C9000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	A7C9000
Size:	69632

Details

Name:	00000001.00000003.692751298.0000000004B60000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4B60000
Size:	65536

Details

Name:	00000001.00000003.693270616.0000000004980000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4980000
Size:	45056

Details

Name:	00000010.00000000.811406792.00000000049D0000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	49D0000
Size:	4096

Details

Name:	00000010.00000000.835393383.000000000407B000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	407B000
Size:	24576

Details

Name:	00000002.00000002.644030923.000000D58D78B000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	D58D78B000
Size:	20480

Details

Name:	00000011.00000002.909860050.0000000000E7B000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	E7B000
Size:	20480

Details

Name:	00000007.00000002.719929733.000002083A2E0000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2083A2E0000
Size:	806912

Details

Name:	00000010.00000000.818029973.000000000AD6B000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	AD6B000
Size:	20480

Details

Name:	00000010.00000000.809778518.000000000424D000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	424D000
Size:	73728

Details

Name:	00000010.00000000.811422410.0000000004A5B000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4A5B000
Size:	20480

Details

Name:	0000000A.00000000.733926217.00007FF572432000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF572432000
Size:	16384

Details

Name:	00000010.00000000.836005910.0000000004260000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4260000
Size:	180224

Details

Name:	00000001.00000002.797967137.0000000000610000.00000004.00000040.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	610000
Size:	12288

Details

Name:	00000011.00000002.910492957.00000000030B1000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	30B1000
Size:	12288

Details

Name:	00000010.00000000.813518607.0000000005CB0000.00000004.00000040.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	heap private
Protect:	page read and write
Base address:	5CB0000
Size:	4096

Details

Name:	0000000F.00000002.803065341.00007FF5BB401000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5BB401000
Size:	20480

Details

Name:	00000010.00000000.801033166.0000000000A70000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	A70000
Size:	8192

Details

Name:	00000010.00000000.822213844.00007FF5961B9000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5961B9000
Size:	20480

Details

Name:	00000010.00000000.831895659.0000000003777000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3777000
Size:	40960

Details

Name:	00000010.00000000.822914187.00007FF5963FF000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5963FF000
Size:	4096

Details

Name:	00000001.00000002.798739580.0000000000BBE000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	BBE000
Size:	8192

Details

Name:	00000002.00000002.644783715.00007FF589B66000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589B66000
Size:	4096

Details

Name:	0000000A.00000002.746084769.00007FF5723AE000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5723AE000
Size:	16384

Details

Name:	00000009.00000002.765423356.00007FF57EEAF000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57EEAF000
Size:	16384

Details

Name:	00000009.00000002.761669615.0000004D5EF77000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4D5EF77000
Size:	36864

Details

Name:	00000007.00000002.720053017.000002083A413000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2083A413000
Size:	86016

Details

Name:	00000010.00000000.803500667.0000000002CA2000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	2CA2000
Size:	16384

Details

Name:	00000010.00000000.821205641.00007FF595E97000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF595E97000
Size:	8192

Details

Name:	00000010.00000000.803530741.0000000002CA7000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	2CA7000
Size:	16384

Details

Name:	00000010.00000000.831286376.00000000030B0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	30B0000
Size:	204800

Details

Name:	0000000E.00000003.797802290.00000000009C4000.00000004.00000001.sdmp
TargetID:	14
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	9C4000
Size:	4096

Details

Name:	00000002.00000002.644076109.000000D58DC7A000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	D58DC7A000
Size:	24576

Details

Name:	00000010.00000000.820753486.000000000F15A000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	F15A000
Size:	24576

Details

Name:	00000010.00000000.816806062.000000000856B000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	856B000
Size:	20480

Details

Name:	00000010.00000000.822652805.00007FF596311000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF596311000
Size:	16384

Details

Name:	0000000B.00000003.778492736.0000017913C6C000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17913C6C000
Size:	24576

Details

Name:	0000000B.00000002.793050138.0000017913A60000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	17913A60000
Size:	806912

Details

Name:	00000007.00000000.708011346.00007FF528DA2000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF528DA2000
Size:	16384

Details

Name:	00000010.00000000.823133096.00007FF5964CF000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5964CF000
Size:	4096

Details

Name:	00000003.00000003.646447620.000001BD50E6B000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BD50E6B000
Size:	32768

Details

Name:	00000006.00000002.705071713.000000E3887EE000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	E3887EE000
Size:	8192

Details

Name:	00000009.00000003.735700630.000001C24D4EA000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24D4EA000
Size:	4096

Details

Name:	00000007.00000002.721051752.00007FF528CFA000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF528CFA000
Size:	20480

Details

Name:	00000010.00000000.811840491.0000000004FC0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4FC0000
Size:	8192

Details

Name:	00000010.00000000.816201769.000000000787C000.00000002.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	787C000
Size:	163840

Details

Name:	00000010.00000000.837025428.00000000048A0000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	48A0000
Size:	4096

Details

Name:	00000010.00000000.824697066.00007FFAA5B4A000.00000002.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFAA5B4A000
Size:	278528

Details

Name:	00000010.00000000.822301665.00007FF5961E0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5961E0000
Size:	20480

Details

Name:	00000001.00000002.798308396.000000000077E000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	77E000
Size:	8192

Details

Name:	00000010.00000000.807233895.0000000003925000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3925000
Size:	49152

Details

Name:	00000009.00000002.762034886.000001C24D44F000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24D44F000
Size:	24576

Details

Name:	00000001.00000002.799635250.00000000033F1000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	33F1000
Size:	458752

Details

Name:	00000009.00000003.745847536.000001C24DD6D000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD6D000
Size:	4096

Details

Name:	00000010.00000000.836538779.0000000004590000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4590000
Size:	4096

Details

Name:	00000010.00000000.807551349.0000000003B2C000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3B2C000
Size:	1474560

Details

Name:	00000010.00000000.808418335.0000000003FB2000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3FB2000
Size:	4096

Details

Name:	00000010.00000000.817517326.000000000A814000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	A814000
Size:	20480

Details

Name:	00000002.00000002.644968956.00007FF589E19000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589E19000
Size:	12288

Details

Name:	0000000B.00000002.795992374.00007FF5E016B000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E016B000
Size:	8192

Details

Name:	00000010.00000000.815982531.00000000077C3000.00000002.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	77C3000
Size:	163840

Details

Name:	00000003.00000002.647980477.00007FF56530B000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF56530B000
Size:	12288

Details

Name:	00000010.00000000.823826826.00007FF596699000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF596699000
Size:	32768

Details

Name:	00000010.00000000.834972876.0000000003F45000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3F45000
Size:	8192

Details

Name:	00000001.00000003.691960037.00000000049F0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	49F0000
Size:	65536

Details

Name:	00000009.00000002.762264761.000001C24D4F7000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24D4F7000
Size:	40960

Details

Name:	0000000B.00000003.791709246.0000017913D60000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17913D60000
Size:	4096

Details

Name:	00000010.00000000.835067429.0000000003F92000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3F92000
Size:	4096

Details

Name:	0000000A.00000002.745877005.000001D2E4190000.00000004.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1D2E4190000
Size:	8192

Details

Name:	00000007.00000002.720087210.000002083A43C000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2083A43C000
Size:	53248

Details

Name:	0000000A.00000002.746058761.00007FF57238A000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57238A000
Size:	20480

Details

Name:	00000001.00000003.796425382.00000000006C4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	6C4000
Size:	4096

Details

Name:	00000009.00000003.739695501.000001C24DD1D000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD1D000
Size:	45056

Details

Name:	00000010.00000000.811860971.0000000004FE0000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4FE0000
Size:	4096

Details

Name:	00000010.00000000.835501777.00000000040B4000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	40B4000
Size:	4096

Details

Name:	0000000F.00000002.802686243.00007FF5BAFCC000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5BAFCC000
Size:	8192

Details

Name:	00000010.00000000.834480265.0000000003CDB000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3CDB000
Size:	1859584

Details

Name:	00000010.00000000.837584778.0000000004FE0000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4FE0000
Size:	4096

Details

Name:	00000010.00000000.823290370.00007FF596535000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF596535000
Size:	8192

Details

Name:	00000010.00000000.831753844.00000000035C4000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	35C4000
Size:	4096

Details

Name:	00000010.00000000.836972717.0000000004863000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4863000
Size:	12288

Details

Name:	00000007.00000002.721023363.00007FF528CDF000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF528CDF000
Size:	16384

Details

Name:	00000010.00000000.818008568.000000000AC6E000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	AC6E000
Size:	8192

Details

Name:	00000011.00000000.846273330.0000000001366000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	1366000
Size:	8192

Details

Name:	00000010.00000000.831331846.00000000031D0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	31D0000
Size:	12288

Details

Name:	00000010.00000000.834690997.0000000003EB5000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3EB5000
Size:	8192

Details

Name:	00000010.00000000.803543726.0000000002CAC000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	2CAC000
Size:	32768

Details

Name:	00000001.00000003.642384656.0000000000720000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	720000
Size:	65536

Details

Name:	00000010.00000000.819117055.000000000CEA8000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	CEA8000
Size:	8192

Details

Name:	00000010.00000000.818109189.000000000B06B000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	B06B000
Size:	20480

Details

Name:	00000010.00000000.823632447.00007FF59661E000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59661E000
Size:	4096

Details

Name:	00000009.00000003.748099216.000001C24DD5E000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD5E000
Size:	57344

Details

Name:	00000010.00000000.811005425.00000000046AA000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	46AA000
Size:	24576

Details

Name:	0000000F.00000002.801568284.000002197D23F000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2197D23F000
Size:	61440

Details

Name:	00000010.00000000.833597429.0000000003AA9000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3AA9000
Size:	20480

Details

Name:	00000001.00000002.797533647.00000000002FF000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2FF000
Size:	4096

Details

Name:	00000010.00000000.810212241.00000000042DD000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	42DD000
Size:	4096

Details

Name:	0000000A.00000002.746116348.00007FF572431000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF572431000
Size:	20480

Details

Name:	00000010.00000000.811388487.00000000049A0000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	49A0000
Size:	4096

Details

Name:	00000010.00000000.836960514.0000000004853000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4853000
Size:	12288

Details

Name:	00000009.00000002.763166480.00007FF57E7D3000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57E7D3000
Size:	8192

Details

Name:	00000010.00000000.837068648.0000000004967000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4967000
Size:	36864

Details

Name:	00000010.00000000.802449559.000000000255B000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	255B000
Size:	4096

Details

Name:	0000000B.00000002.796422692.00007FF5E0219000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E0219000
Size:	32768

Details

Name:	00000010.00000000.802399520.00000000024C0000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	24C0000
Size:	4096

Details

Name:	00000011.00000003.848306773.00000000010C4000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	10C4000
Size:	4096

Details

Name:	00000009.00000002.762128626.000001C24D4A7000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24D4A7000
Size:	36864

Details

Name:	00000001.00000002.797490254.00000000001E0000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1E0000
Size:	16384

Details

Name:	00000007.00000002.720029963.000002083A3D0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2083A3D0000
Size:	4096

Details

Name:	00000007.00000003.719304988.000002083A44B000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2083A44B000
Size:	4096

Details

Name:	00000010.00000000.836357812.00000000043C7000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	43C7000
Size:	4096

Details

Name:	00000010.00000000.817441330.000000000A7DF000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	A7DF000
Size:	8192

Details

Name:	00000009.00000003.739738889.000001C24DD6F000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD6F000
Size:	4096

Details

Name:	00000011.00000002.910573692.000000000341E000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	341E000
Size:	8192

Details

Name:	00000010.00000000.830759570.0000000002BE0000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	2BE0000
Size:	86016

Details

Name:	0000000B.00000003.785772611.0000017915F43000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17915F43000
Size:	139264

Details

Name:	00000007.00000002.720285049.000002083AE00000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2083AE00000
Size:	3371008

Details

Name:	0000000B.00000003.788883599.0000017915BFE000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17915BFE000
Size:	8192

Details

Name:	0000000A.00000002.745977210.00007FF571C97000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF571C97000
Size:	4096

Details

Name:	00000007.00000002.721067197.00007FF528D0F000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF528D0F000
Size:	8192

Details

Name:	00000007.00000003.719266120.000002083A450000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2083A450000
Size:	126976

Details

Name:	00000010.00000000.822586842.00007FF5962EF000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5962EF000
Size:	8192

Details

Name:	00000009.00000003.740949751.000001C24DD63000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD63000
Size:	4096

Details

Name:	00000004.00000002.667210799.00007FF5B38CC000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B38CC000
Size:	8192

Details

Name:	00000009.00000003.751581472.000001C24DD60000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD60000
Size:	28672

Details

Name:	0000000E.00000001.796233640.00000000004E0000.00000002.00020000.sdmp
TargetID:	14
Dumpstage:	image loaded
Regiontype:	unkown image
Protect:	page readonly
Base address:	4E0000
Size:	4096

Details

Name:	00000001.00000003.693096422.0000000004990000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4990000
Size:	65536

Details

Name:	00000010.00000000.808689346.00000000040C0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	40C0000
Size:	454656

Details

Name:	00000009.00000003.748128508.000001C24DD69000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD69000
Size:	12288

Details

Name:	00000010.00000000.822986591.00007FF596471000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF596471000
Size:	12288

Details

Name:	0000000E.00000003.797421751.00000000009C4000.00000004.00000001.sdmp
TargetID:	14
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	9C4000
Size:	4096

Details

Name:	00000010.00000000.807343913.0000000003985000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3985000
Size:	1191936

Details

Name:	00000001.00000003.692692747.0000000004B90000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4B90000
Size:	65536

Details

Name:	00000011.00000002.911048808.00000000052EF000.00000040.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	52EF000
Size:	479232

Details

Name:	00000010.00000000.815220479.00000000075C8000.00000002.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	75C8000
Size:	86016

Details

Name:	00000010.00000000.821331741.00007FF595F1C000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF595F1C000
Size:	8192

Details

Name:	00000007.00000003.719298711.000002083A44C000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2083A44C000
Size:	8192

Details

Name:	00000010.00000000.823477929.00007FF5965B6000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5965B6000
Size:	12288

Details

Name:	00000009.00000003.747369372.000001C24DD9C000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD9C000
Size:	73728

Details

Name:	00000010.00000000.822275679.00007FF5961DA000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5961DA000
Size:	8192

Details

Name:	00000004.00000002.667140740.00007FF5B34B5000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B34B5000
Size:	4096

Details

Name:	00000009.00000002.762155689.000001C24D4B1000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24D4B1000
Size:	32768

Details

Name:	00000001.00000002.798705809.00000000009BF000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	9BF000
Size:	4096

Details

Name:	00000010.00000000.808663099.00000000040A2000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	40A2000
Size:	69632

Details

Name:	00000006.00000002.705321215.000002E190685000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2E190685000
Size:	32768

Details

Name:	0000000F.00000002.802946447.00007FF5BB35A000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5BB35A000
Size:	20480

Details

Name:	0000000F.00000002.803010429.00007FF5BB389000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5BB389000
Size:	12288

Details

Name:	00000001.00000002.802859752.0000000004980000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4980000
Size:	4096

Details

Name:	00000009.00000003.747948763.000001C24E302000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24E302000
Size:	389120

Details

Name:	00000010.00000000.814726432.000000000711B000.00000002.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	711B000
Size:	8192

Details

Name:	00000010.00000000.813492640.0000000005B40000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	5B40000
Size:	20480

Details

Name:	00000010.00000000.834428935.0000000003C9C000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3C9C000
Size:	253952

Details

Name:	00000010.00000000.834752395.0000000003EE5000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3EE5000
Size:	8192

Details

Name:	0000000E.00000002.848667714.0000000001280000.00000040.00000001.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	1280000
Size:	69632

Details

Name:	00000010.00000000.820331728.000000000ED24000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	ED24000
Size:	229376

Details

Name:	00000003.00000003.646578225.000001BD50E6B000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1BD50E6B000
Size:	32768

Details

Name:	0000000B.00000002.793038522.0000017913A50000.00000004.00000020.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	17913A50000
Size:	12288

Details

Name:	00000009.00000002.765317370.00007FF57EE6C000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57EE6C000
Size:	8192

Details

Name:	00000010.00000000.817337302.000000000A79E000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	A79E000
Size:	53248

Details

Name:	00000011.00000003.848185062.0000000004BF0000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4BF0000
Size:	126976

Details

Name:	00000009.00000003.743864784.000001C24DD23000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD23000
Size:	12288

Details

Name:	00000011.00000002.910423439.000000000303D000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	303D000
Size:	4096

Details

Name:	00000001.00000003.796338825.00000000006C4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	6C4000
Size:	4096

Details

Name:	00000007.00000002.720826532.00007FF528B01000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF528B01000
Size:	12288

Details

Name:	0000000B.00000003.789267690.0000017916410000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17916410000
Size:	692224

Details

Name:	00000010.00000000.820394118.000000000ED63000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	ED63000
Size:	217088

Details

Name:	0000000B.00000002.796180170.00007FF5E01CC000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E01CC000
Size:	4096

Details

Name:	00000010.00000000.823189579.00007FF5964EC000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5964EC000
Size:	12288

Details

Name:	0000000B.00000002.796238572.00007FF5E01E4000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E01E4000
Size:	4096

Details

Name:	00000007.00000002.720127358.000002083A48A000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2083A48A000
Size:	28672

Details

Name:	00000010.00000000.822881987.00007FF5963E6000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5963E6000
Size:	45056

Details

Name:	0000000F.00000002.802851009.00007FF5BB31B000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5BB31B000
Size:	45056

Details

Name:	00000010.00000000.817448621.000000000A7E4000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	A7E4000
Size:	8192

Details

Name:	00000001.00000003.792535223.0000000000855000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	855000
Size:	262144

Details

Name:	00000009.00000003.735634956.000001C24DAD0000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DAD0000
Size:	4096

Details

Name:	0000000F.00000002.800367560.000002197D040000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2197D040000
Size:	806912

Details

Name:	00000010.00000000.822815644.00007FF596395000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF596395000
Size:	32768

Details

Name:	00000011.00000002.910415697.0000000003037000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3037000
Size:	12288

Details

Name:	00000007.00000002.720958079.00007FF528CAE000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF528CAE000
Size:	4096

Details

Name:	00000010.00000000.820471575.000000000EDAB000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	EDAB000
Size:	188416

Details

Name:	00000011.00000003.849200815.00000000010C4000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	10C4000
Size:	4096

Details

Name:	00000010.00000000.836114175.00000000042E0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	42E0000
Size:	126976

Details

Name:	0000000A.00000002.745595046.000000219C9FF000.00000004.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	219C9FF000
Size:	4096

Details

Name:	00000009.00000002.762055127.000001C24D459000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24D459000
Size:	90112

Details

Name:	0000000B.00000002.795649591.00007FF5DFE77000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5DFE77000
Size:	4096

Details

Name:	00000007.00000002.720984906.00007FF528CBB000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF528CBB000
Size:	45056

Details

Name:	00000001.00000003.692856604.0000000004A10000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4A10000
Size:	65536

Details

Name:	0000000E.00000002.848683121.00000000012A0000.00000040.00000001.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	12A0000
Size:	69632

Details

Name:	00000010.00000000.822731336.00007FF596378000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF596378000
Size:	12288

Details

Name:	00000009.00000003.739906767.000001C24DD38000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD38000
Size:	49152

Details

Name:	0000000B.00000002.795702056.00007FF5DFF7F000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5DFF7F000
Size:	4096

Details

Name:	00000011.00000000.840154616.00000000030E3000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	30E3000
Size:	16384

Details

Name:	00000010.00000000.822367253.00007FF596202000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF596202000
Size:	4096

Details

Name:	00000004.00000002.667270033.00007FF5B390F000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B390F000
Size:	16384

Details

Name:	00000010.00000000.822709430.00007FF59636B000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59636B000
Size:	4096

Details

Name:	00000009.00000002.765198260.00007FF57EE5F000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57EE5F000
Size:	8192

Details

Name:	00000001.00000003.796441648.00000000006C4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	6C4000
Size:	4096

Details

Name:	00000010.00000000.810959864.0000000004560000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4560000
Size:	8192

Details

Name:	00000009.00000002.762334354.000001C24DAB0000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1C24DAB0000
Size:	20480

Details

Name:	0000000B.00000002.792904749.00000047E70FB000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	47E70FB000
Size:	20480

Details

Name:	00000010.00000000.824738288.00007FFAA5B8F000.00000002.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFAA5B8F000
Size:	24576

Details

Name:	00000010.00000000.831732411.00000000035AB000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	35AB000
Size:	24576

Details

Name:	00000011.00000003.849172206.00000000010C4000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	10C4000
Size:	4096

Details

Name:	00000010.00000000.823666364.00007FF59662B000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59662B000
Size:	45056

Details

Name:	00000010.00000000.815412537.000000000760F000.00000002.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	760F000
Size:	475136

Details

Name:	00000010.00000000.837741762.000000000524E000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	524E000
Size:	8192

Details

Name:	00000010.00000000.811937063.000000000524E000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	524E000
Size:	8192

Details

Name:	00000010.00000000.816883791.0000000008683000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	8683000
Size:	4096

Details

Name:	00000009.00000002.764360152.00007FF57ED88000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57ED88000
Size:	4096

Details

Name:	00000010.00000000.831926424.00000000037A7000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	37A7000
Size:	303104

Details

Name:	00000010.00000000.807543741.0000000003B26000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3B26000
Size:	20480

Details

Name:	0000000F.00000002.800185584.0000009EA2B7F000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	9EA2B7F000
Size:	4096

Details

Name:	00000006.00000002.705995444.00007FF530736000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF530736000
Size:	32768

Details

Name:	00000010.00000000.836425018.0000000004410000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4410000
Size:	61440

Details

Name:	0000000B.00000002.795163688.0000017915E84000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	17915E84000
Size:	65536

Details

Name:	00000001.00000003.792570702.0000000000841000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	841000
Size:	81920

Details

Name:	00000002.00000002.644960025.00007FF589E11000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589E11000
Size:	4096

Details

Name:	00000004.00000002.667125381.00007FF5B34A0000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B34A0000
Size:	20480

Details

Name:	00000011.00000002.909848795.0000000000E3C000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	E3C000
Size:	16384

Details

Name:	0000000B.00000002.795312566.0000017917100000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	17917100000
Size:	8192

Details

Name:	0000000B.00000002.796102563.00007FF5E01A5000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E01A5000
Size:	12288

Details

Name:	00000010.00000000.822458810.00007FF596286000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF596286000
Size:	12288

Details

Name:	00000009.00000003.745472094.000001C24DDAE000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DDAE000
Size:	335872

Details

Name:	00000010.00000000.818997811.000000000CA82000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	CA82000
Size:	110592

Details

Name:	00000010.00000000.819181730.000000000D062000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	D062000
Size:	4096

Details

Name:	00000006.00000002.706264710.00007FF530ADC000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF530ADC000
Size:	8192

Details

Name:	00000011.00000003.849220362.00000000010C4000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	10C4000
Size:	4096

Details

Name:	00000010.00000000.837310282.0000000004C60000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4C60000
Size:	4096

Details

Name:	00000011.00000002.910387154.0000000003020000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3020000
Size:	32768

Details

Name:	00000001.00000003.693696945.00000000049A0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	49A0000
Size:	65536

Details

Name:	00000009.00000002.765444519.00007FF57EEC4000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57EEC4000
Size:	4096

Details

Name:	00000010.00000000.835875479.0000000004230000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4230000
Size:	57344

Details

Name:	00000010.00000000.820450817.000000000EDA6000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	EDA6000
Size:	16384

Details

Name:	00000010.00000000.817460672.000000000A7E7000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	A7E7000
Size:	20480

Details

Name:	0000000B.00000003.789092716.0000017915B1A000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17915B1A000
Size:	4096

Details

Name:	00000006.00000002.705098592.000002E190430000.00000004.00000040.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2E190430000
Size:	4096

Details

Name:	00000004.00000002.666758883.000001E740002000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1E740002000
Size:	4096

Details

Name:	00000006.00000002.705192375.000002E190570000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2E190570000
Size:	16384

Details

Name:	0000000E.00000002.848550242.00000000011CF000.00000040.00000001.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	11CF000
Size:	479232

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary

Details

Name:	00000010.00000000.814739837.000000000711E000.00000002.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	711E000
Size:	8192

Details

Name:	0000000B.00000002.793022455.00000047E787E000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	47E787E000
Size:	8192

Details

Name:	0000000F.00000002.800150346.0000009EA2AFA000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	9EA2AFA000
Size:	24576

Details

Name:	00000003.00000002.648030187.00007FF565453000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF565453000
Size:	8192

Details

Name:	0000000A.00000002.746079413.00007FF5723A8000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5723A8000
Size:	12288

Details

Name:	00000001.00000003.693590893.00000000049D0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	49D0000
Size:	65536

Details

Name:	00000011.00000002.910811732.0000000004EE0000.00000040.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	4EE0000
Size:	69632

Details

Name:	00000010.00000000.822229348.00007FF5961BF000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5961BF000
Size:	36864

Details

Name:	00000010.00000000.823773808.00007FF596674000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF596674000
Size:	32768

Details

Name:	00000004.00000002.667134124.00007FF5B34A6000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B34A6000
Size:	32768

Details

Name:	0000000B.00000002.796053670.00007FF5E018C000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E018C000
Size:	8192

Details

Name:	00000009.00000002.761991707.000001C24D429000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24D429000
Size:	73728

Details

Name:	0000000B.00000002.793941859.0000017915A02000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	17915A02000
Size:	4096

Details

Name:	00000004.00000002.666471981.000001E73F829000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1E73F829000
Size:	73728

Details

Name:	00000010.00000000.817652088.000000000A879000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	A879000
Size:	110592

Details

Name:	00000006.00000002.706412924.00007FF530B70000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF530B70000
Size:	16384

Details

Name:	00000009.00000003.751471592.000001C24DD34000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD34000
Size:	102400

Details

Name:	0000000B.00000002.795890575.00007FF5E00A3000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E00A3000
Size:	8192

Details

Name:	0000000F.00000002.801325382.000002197D202000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2197D202000
Size:	65536

Details

Name:	00000009.00000003.742304703.000001C24DD75000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD75000
Size:	4096

Details

Name:	00000004.00000002.667226360.00007FF5B38DE000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B38DE000
Size:	4096

Details

Name:	00000009.00000002.762433082.000001C24DD35000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD35000
Size:	32768

Details

Name:	00000006.00000002.705101910.000002E190490000.00000004.00000020.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	2E190490000
Size:	8192

Details

Name:	00000001.00000003.691727123.0000000004C10000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4C10000
Size:	65536

Details

Name:	00000010.00000000.823421956.00007FF5965A4000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5965A4000
Size:	4096

Details

Name:	00000003.00000002.647972928.00007FF565227000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF565227000
Size:	4096

Details

Name:	00000010.00000000.821979343.00007FF59611D000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59611D000
Size:	12288

Details

Name:	00000001.00000002.797507123.00000000002FB000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2FB000
Size:	8192

Details

Name:	00000003.00000002.648174248.00007FF5655B8000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5655B8000
Size:	12288

Details

Name:	00000001.00000003.794292085.00000000006C4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	6C4000
Size:	4096

Details

Name:	0000000A.00000002.745541436.000000219C5BF000.00000004.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	219C5BF000
Size:	4096

Details

Name:	0000000A.00000002.746035902.00007FF57236C000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57236C000
Size:	4096

Details

Name:	00000010.00000000.816158263.0000000007853000.00000002.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7853000
Size:	163840

Details

Name:	00000010.00000000.817383752.000000000A7B2000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	A7B2000
Size:	4096

Details

Name:	00000001.00000003.642268841.0000000000720000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	720000
Size:	8192

Details

Name:	00000007.00000002.720150870.000002083A600000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2083A600000
Size:	4096

Details

Name:	00000010.00000000.834779172.0000000003EF7000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3EF7000
Size:	40960

Details

Name:	00000010.00000000.825734432.0000000000B75000.00000004.00000020.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	heap default
Protect:	page read and write
Base address:	B75000
Size:	143360

Details

Name:	00000010.00000000.823120471.00007FF5964CA000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5964CA000
Size:	4096

Details

Name:	00000010.00000000.823487498.00007FF5965BC000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5965BC000
Size:	8192

Details

Name:	00000010.00000000.837613476.0000000005087000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	5087000
Size:	36864

Details

Name:	00000009.00000003.749316897.000001C24DD82000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD82000
Size:	106496

Details

Name:	00000010.00000000.814644530.0000000006F55000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	6F55000
Size:	12288

Details

Name:	00000009.00000002.761740688.0000004D5F3FA000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4D5F3FA000
Size:	24576

Details

Name:	00000010.00000000.827391375.0000000002490000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	2490000
Size:	4096

Details

Name:	00000009.00000002.762104709.000001C24D488000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24D488000
Size:	114688

Details

Name:	00000001.00000003.642348484.0000000000720000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	720000
Size:	65536

Details

Name:	00000001.00000003.795422597.00000000006C4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	6C4000
Size:	4096

Details

Name:	0000000B.00000002.793306499.0000017913C9B000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	17913C9B000
Size:	98304

Details

Name:	00000002.00000003.643833390.000001FC46270000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1FC46270000
Size:	16384

Details

Name:	00000001.00000003.693234893.0000000004990000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4990000
Size:	65536

Details

Name:	00000010.00000000.821727955.00007FF595FB6000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF595FB6000
Size:	12288

Details

Name:	0000000E.00000002.847100681.00000000008FB000.00000004.00000001.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	8FB000
Size:	20480

Details

Name:	0000000F.00000002.802749741.00007FF5BB169000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5BB169000
Size:	4096

Details

Name:	0000000B.00000002.795207560.0000017915EA4000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	17915EA4000
Size:	65536

Details

Name:	0000000E.00000002.848160114.000000000103F000.00000040.00000001.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	103F000
Size:	1601536

Details

Name:	00000010.00000000.811628156.0000000004D00000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4D00000
Size:	4096

Details

Name:	00000010.00000000.800900766.0000000000A20000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	A20000
Size:	8192

Details

Name:	00000009.00000003.747504882.000001C24DDB2000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DDB2000
Size:	106496

Details

Name:	00000010.00000000.836585577.00000000046AA000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	46AA000
Size:	24576

Details

Name:	00000004.00000002.666489668.000001E73F847000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1E73F847000
Size:	12288

Details

Name:	00000010.00000000.810683919.00000000043A0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	43A0000
Size:	4096

Details

Name:	00000011.00000003.848319245.00000000010C4000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	10C4000
Size:	4096

Details

Name:	00000001.00000003.691871879.0000000004B6C000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4B6C000
Size:	4096

Details

Name:	00000010.00000000.837510898.0000000004F60000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4F60000
Size:	77824

Details

Name:	00000001.00000003.692029681.0000000004980000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4980000
Size:	65536

Details

Name:	00000009.00000003.735626479.000001C24DAD0000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DAD0000
Size:	4096

Details

Name:	00000006.00000002.705105719.000002E1904A0000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2E1904A0000
Size:	806912

Details

Name:	00000007.00000002.721149835.00007FF528DA1000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF528DA1000
Size:	20480

Details

Name:	00000007.00000002.721042099.00007FF528CF4000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF528CF4000
Size:	4096

Details

Name:	00000007.00000002.720137009.000002083A502000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2083A502000
Size:	16384

Details

Name:	00000010.00000000.809420664.00000000041D0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	41D0000
Size:	118784

Details

Name:	00000010.00000000.817638200.000000000A863000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	A863000
Size:	86016

Details

Name:	00000001.00000003.691866824.0000000004B64000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4B64000
Size:	24576

Details

Name:	00000009.00000003.743803346.000001C24DD66000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD66000
Size:	4096

Details

Name:	00000010.00000000.815284141.00000000075E5000.00000002.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	75E5000
Size:	69632

Details

Name:	00000004.00000002.666433799.000001E73F780000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1E73F780000
Size:	16384

Details

Name:	0000000B.00000003.783242167.0000017915B36000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17915B36000
Size:	24576

Details

Name:	00000011.00000003.847038869.0000000000F31000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	F31000
Size:	24576

Details

Name:	00000010.00000000.822074781.00007FF59613A000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59613A000
Size:	65536

Details

Name:	0000000E.00000003.839100978.00000000009C4000.00000004.00000001.sdmp
TargetID:	14
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	9C4000
Size:	4096

Details

Name:	0000000F.00000002.802704276.00007FF5BAFDF000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5BAFDF000
Size:	8192

Details

Name:	00000010.00000000.811284323.0000000004873000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4873000
Size:	12288

Details

Name:	00000010.00000000.814585854.0000000006ACA000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	6ACA000
Size:	24576

Details

Name:	00000001.00000003.693168377.0000000004990000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4990000
Size:	65536

Details

Name:	00000010.00000000.810967014.0000000004570000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4570000
Size:	16384

Details

Name:	00000010.00000000.836404071.00000000043F0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	43F0000
Size:	77824

Details

Name:	00000010.00000000.822859140.00007FF5963C9000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5963C9000
Size:	8192

Details

Name:	00000010.00000000.836888350.0000000004820000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4820000
Size:	4096

Details

Name:	0000000B.00000002.792918490.00000047E71FB000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	47E71FB000
Size:	20480

Details

Name:	00000002.00000002.644094887.000001FC461B0000.00000004.00000020.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	1FC461B0000
Size:	8192

Details

Name:	00000010.00000000.800761564.00000000007D6000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	7D6000
Size:	40960

Details

Name:	00000001.00000002.798030494.000000000068D000.00000040.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	68D000
Size:	4096

Details

Name:	00000001.00000002.798078954.00000000006A7000.00000040.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	6A7000
Size:	4096

Details

Name:	00000009.00000002.761975142.000001C24D413000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24D413000
Size:	86016

Details

Name:	00000009.00000003.743838083.000001C24DD68000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD68000
Size:	4096

Details

Name:	0000000B.00000002.793318431.0000017913CB4000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	17913CB4000
Size:	167936

Details

Name:	00000009.00000003.742391110.000001C24DD5B000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD5B000
Size:	40960

Details

Name:	00000009.00000003.739674481.000001C24DD70000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD70000
Size:	8192

Details

Name:	00000001.00000002.798858613.0000000000C30000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	C30000
Size:	20480

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary

Details

Name:	00000010.00000000.822422220.00007FF596270000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF596270000
Size:	8192

Details

Name:	00000010.00000000.830864459.0000000002C30000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	2C30000
Size:	4096

Details

Name:	00000006.00000002.705225357.000002E190613000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2E190613000
Size:	86016

Details

Name:	0000000B.00000002.793226763.0000017913C13000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	17913C13000
Size:	86016

Details

Name:	00000009.00000002.762379011.000001C24DAF0000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1C24DAF0000
Size:	40960

Details

Name:	0000000B.00000002.795926951.00007FF5E00ED000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E00ED000
Size:	4096

Details

Name:	00000010.00000000.824599055.00007FFAA5B23000.00000004.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page read and write
Base address:	7FFAA5B23000
Size:	4096

Details

Name:	00000010.00000000.819053458.000000000CE71000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	CE71000
Size:	90112

Details

Name:	00000010.00000000.831322480.0000000003170000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	3170000
Size:	4096

Details

Name:	0000000D.00000000.793676020.0000000000370000.00000002.00020000.sdmp
TargetID:	13
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	370000
Size:	4096

Details

Name:	00000010.00000000.807286673.0000000003955000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3955000
Size:	49152

Details

Name:	00000009.00000002.763189046.00007FF57E9E2000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57E9E2000
Size:	4096

Details

Name:	0000000B.00000002.794150428.0000017915B3E000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	17915B3E000
Size:	86016

Details

Name:	0000000B.00000002.796260156.00007FF5E01EA000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E01EA000
Size:	32768

Details

Name:	00000010.00000000.807139711.00000000038A9000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	38A9000
Size:	53248

Details

Name:	00000010.00000000.825453566.0000000000AD8000.00000004.00000020.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	heap default
Protect:	page read and write
Base address:	AD8000
Size:	561152

Signature Hits	Behavior Group	Mitre Attack
May try to detect the Windows Explorer process (often used for injection)	HIPS / PFW / Operating System Protection Evasion	Process Injection Process Discovery

Details

Name:	00000001.00000003.693066815.00000000049BB000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	49BB000
Size:	20480

Details

Name:	00000006.00000002.706164669.00007FF530ABD000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF530ABD000
Size:	20480

Details

Name:	00000010.00000000.801043961.0000000000A80000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	A80000
Size:	8192

Details

Name:	00000009.00000003.740968583.000001C24DDA4000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DDA4000
Size:	4096

Details

Name:	00000009.00000003.747783509.000001C24E261000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24E261000
Size:	389120

Details

Name:	00000011.00000003.847022604.0000000000F42000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	F42000
Size:	20480

Details

Name:	00000011.00000002.910461522.0000000003062000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3062000
Size:	8192

Details

Name:	00000010.00000000.808410302.0000000003FB0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3FB0000
Size:	4096

Details

Name:	00000010.00000000.833622358.0000000003AAF000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3AAF000
Size:	483328

Details

Name:	00000003.00000002.647123464.000001BD50D30000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1BD50D30000
Size:	16384

Details

Name:	0000000E.00000003.796426837.0000000000AF9000.00000004.00000001.sdmp
TargetID:	14
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	AF9000
Size:	8192

Details

Name:	00000010.00000000.823545861.00007FF5965EF000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5965EF000
Size:	4096

Details

Name:	0000000B.00000002.792883728.00000047E6F7B000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	47E6F7B000
Size:	20480

Details

Name:	00000006.00000002.705555786.000002E190E02000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2E190E02000
Size:	4096

Details

Name:	00000010.00000000.811482705.0000000004B70000.00000008.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page write copy
Base address:	4B70000
Size:	266240

Details

Name:	00000010.00000000.821917184.00007FF59610E000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59610E000
Size:	12288

Details

Name:	00000009.00000003.747643574.000001C24E202000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24E202000
Size:	159744

Details

Name:	00000001.00000003.691863137.0000000004B62000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4B62000
Size:	4096

Details

Name:	0000000B.00000002.794077822.0000017915B2B000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	17915B2B000
Size:	32768

Details

Name:	00000010.00000000.824630299.00007FFAA5B2C000.00000004.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page read and write
Base address:	7FFAA5B2C000
Size:	4096

Details

Name:	00000010.00000000.835789963.00000000041D0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	41D0000
Size:	118784

Details

Name:	00000010.00000000.802293839.0000000000CD0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	CD0000
Size:	8192

Details

Name:	00000010.00000000.821552159.00007FF595F40000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF595F40000
Size:	4096

Details

Name:	00000010.00000000.800953679.0000000000A40000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	A40000
Size:	20480

Details

Name:	00000009.00000002.762488201.000001C24DE00000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1C24DE00000
Size:	3371008

Details

Name:	00000010.00000000.819029845.000000000CE60000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	CE60000
Size:	4096

Details

Name:	00000010.00000000.801999057.0000000000BA6000.00000004.00000020.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	heap default
Protect:	page read and write
Base address:	BA6000
Size:	16384

Details

Name:	00000010.00000000.823924418.00007FFAA5991000.00000020.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page execute read
Base address:	7FFAA5991000
Size:	950272

Details

Name:	00000009.00000003.742200358.000001C24DD85000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD85000
Size:	45056

Details

Name:	00000010.00000000.808488922.0000000003FD0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3FD0000
Size:	4096

Details

Name:	00000010.00000000.816929944.000000000A60E000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	A60E000
Size:	253952

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	00000010.00000000.836269851.0000000004370000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4370000
Size:	4096

Details

Name:	0000000E.00000002.848801733.000000000141A000.00000040.00000001.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	141A000
Size:	4096

Details

Name:	00000010.00000000.822446728.00007FF59627F000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59627F000
Size:	24576

Details

Name:	00000010.00000000.811898752.0000000005110000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	5110000
Size:	8192

Details

Name:	00000009.00000002.761936786.000001C24D3A0000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1C24D3A0000
Size:	4096

Details

Name:	0000000B.00000002.796407318.00007FF5E0216000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E0216000
Size:	8192

Details

Name:	0000000B.00000002.795607604.00007FF5DFE6A000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5DFE6A000
Size:	16384

Details

Name:	00000006.00000002.706098821.00007FF530A51000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF530A51000
Size:	4096

Details

Name:	00000010.00000000.813805451.00000000066D4000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	66D4000
Size:	4096

Details

Name:	0000000A.00000002.745669955.000001D2E3FE7000.00000004.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1D2E3FE7000
Size:	24576

Details

Name:	00000010.00000000.824751126.00007FFAA5B97000.00000002.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFAA5B97000
Size:	57344

Details

Name:	00000010.00000000.811852418.0000000004FD0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4FD0000
Size:	16384

Details

Name:	00000010.00000000.814281003.0000000006833000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	6833000
Size:	4096

Details

Name:	00000010.00000000.807494349.0000000003AAF000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3AAF000
Size:	483328

Details

Name:	00000009.00000003.738481196.000001C24E202000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24E202000
Size:	147456

Details

Name:	0000000B.00000002.793214851.0000017913C00000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	17913C00000
Size:	73728

Details

Name:	00000009.00000002.761791156.000001C24D2C0000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1C24D2C0000
Size:	806912

Details

Name:	00000009.00000003.748236119.000001C24DD22000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD22000
Size:	16384

Details

Name:	00000011.00000000.846670639.00000000030E3000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	30E3000
Size:	16384

Details

Name:	00000010.00000000.819039960.000000000CE6E000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	CE6E000
Size:	8192

Details

Name:	00000001.00000002.803197456.0000000004B90000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4B90000
Size:	32768

Details

Name:	00000010.00000000.803026444.0000000002900000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	2900000
Size:	12288

Details

Name:	00000010.00000000.837656663.0000000005110000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	5110000
Size:	8192

Details

Name:	00000010.00000000.831271773.0000000003090000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3090000
Size:	69632

Details

Name:	00000010.00000000.803182318.0000000002BA0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	2BA0000
Size:	65536

Details

Name:	00000009.00000002.764284199.00007FF57ED7E000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57ED7E000
Size:	4096

Details

Name:	00000010.00000000.835485822.00000000040A2000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	40A2000
Size:	69632

Details

Name:	00000010.00000000.816724181.000000000836C000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	836C000
Size:	16384

Details

Name:	00000001.00000003.692781805.0000000004B40000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4B40000
Size:	65536

Details

Name:	00000010.00000000.820690502.000000000EE24000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	EE24000
Size:	229376

Details

Name:	00000010.00000000.811651332.0000000004D20000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4D20000
Size:	8192

Details

Name:	00000002.00000002.644956223.00007FF589E0E000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589E0E000
Size:	4096

Details

Name:	00000001.00000003.691941944.0000000004A1C000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4A1C000
Size:	4096

Details

Name:	00000001.00000003.691616879.0000000004CD0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4CD0000
Size:	16384

Details

Name:	00000011.00000002.910607402.00000000037E0000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	37E0000
Size:	299008

Signature Hits	Behavior Group	Mitre Attack
May try to detect the Windows Explorer process (often used for injection)	HIPS / PFW / Operating System Protection Evasion	Process Injection Process Discovery

Details

Name:	00000010.00000000.822921821.00007FF596441000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF596441000
Size:	12288

Details

Name:	00000010.00000000.802392349.00000000024B0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	24B0000
Size:	8192

Details

Name:	00000009.00000002.764926222.00007FF57EE4B000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57EE4B000
Size:	8192

Details

Name:	00000010.00000000.813704987.0000000006650000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	6650000
Size:	507904

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	0000000F.00000002.802919474.00007FF5BB33F000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5BB33F000
Size:	16384

Details

Name:	00000010.00000000.818073953.000000000AF6B000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	AF6B000
Size:	20480

Details

Name:	00000002.00000002.644799603.00007FF589BC5000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589BC5000
Size:	4096

Details

Name:	00000009.00000003.743778048.000001C24DD66000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD66000
Size:	4096

Details

Name:	00000004.00000002.666763179.000001E740200000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1E740200000
Size:	3371008

Details

Name:	00000010.00000000.830932209.0000000002CA2000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	2CA2000
Size:	16384

Details

Name:	00000002.00000002.644992995.00007FF589E8A000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589E8A000
Size:	12288

Details

Name:	00000010.00000000.811659033.0000000004D30000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4D30000
Size:	8192

Details

Name:	0000000E.00000002.847518954.0000000000DEF000.00000004.00000001.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	DEF000
Size:	4096

Details

Name:	00000010.00000000.808329111.0000000003F45000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3F45000
Size:	8192

Details

Name:	00000010.00000000.814360626.0000000006837000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	6837000
Size:	4096

Details

Name:	00000010.00000000.818222143.000000000B86B000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	B86B000
Size:	20480

Details

Name:	00000010.00000000.822669097.00007FF59632B000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59632B000
Size:	57344

Details

Name:	0000000B.00000002.793413146.00000179155A0000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	179155A0000
Size:	4096

Details

Name:	00000010.00000000.821649405.00007FF595F98000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF595F98000
Size:	8192

Details

Name:	00000001.00000002.797975684.000000000065E000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	65E000
Size:	8192

Details

Name:	00000001.00000003.693374751.0000000004B60000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4B60000
Size:	65536

Details

Name:	00000003.00000002.648201479.00007FF5655C9000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5655C9000
Size:	12288

Details

Name:	0000000B.00000003.783778978.0000017915C20000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17915C20000
Size:	4096

Details

Name:	00000010.00000000.827534326.0000000002540000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	2540000
Size:	12288

Details

Name:	00000010.00000000.807195549.00000000038F5000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	38F5000
Size:	49152

Details

Name:	00000010.00000000.823355278.00007FF596573000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF596573000
Size:	24576

Details

Name:	0000000B.00000002.793186315.0000017913B80000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	17913B80000
Size:	16384

Details

Name:	00000010.00000000.822742090.00007FF59637C000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59637C000
Size:	8192

Details

Name:	00000010.00000000.823807407.00007FF59668E000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59668E000
Size:	16384

Details

Name:	00000003.00000002.648187454.00007FF5655C1000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5655C1000
Size:	4096

Details

Name:	00000009.00000003.761467480.000001C24D44B000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24D44B000
Size:	8192

Details

Name:	00000009.00000003.750416221.000001C24DD92000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD92000
Size:	24576

Details

Name:	00000004.00000002.666294090.0000007EE07EE000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7EE07EE000
Size:	8192

Details

Name:	00000010.00000000.830873159.0000000002C3F000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	2C3F000
Size:	98304

Details

Name:	00000011.00000003.848346967.00000000010C4000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	10C4000
Size:	4096

Details

Name:	00000010.00000000.803038557.0000000002910000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	2910000
Size:	4096

Details

Name:	00000009.00000002.762170342.000001C24D4BD000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24D4BD000
Size:	24576

Details

Name:	00000009.00000003.750439486.000001C24DD91000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD91000
Size:	61440

Details

Name:	00000009.00000003.745908056.000001C24DD51000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD51000
Size:	114688

Details

Name:	00000001.00000003.796398682.00000000006C4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	6C4000
Size:	4096

Details

Name:	00000011.00000002.910445726.000000000304A000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	304A000
Size:	16384

Details

Name:	00000009.00000003.748416781.000001C24DD53000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD53000
Size:	126976

Details

Name:	0000000B.00000003.786544446.0000017917142000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17917142000
Size:	524288

Details

Name:	00000006.00000002.705356868.000002E190713000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2E190713000
Size:	8192

Details

Name:	00000001.00000003.693847889.0000000004990000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4990000
Size:	4096

Details

Name:	00000003.00000002.648034958.00007FF565458000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF565458000
Size:	4096

Details

Name:	00000010.00000000.814456307.000000000683B000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	683B000
Size:	4096

Details

Name:	0000000B.00000002.795274928.0000017916000000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	17916000000
Size:	4096

Details

Name:	00000010.00000000.810882502.0000000004410000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4410000
Size:	61440

Details

Name:	00000010.00000000.808230569.0000000003ED2000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3ED2000
Size:	73728

Details

Name:	00000009.00000002.761922973.000001C24D390000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1C24D390000
Size:	16384

Details

Name:	00000009.00000003.742480900.000001C24DD5E000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD5E000
Size:	28672

Details

Name:	00000010.00000000.818261023.000000000B976000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	B976000
Size:	2457600

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000010.00000000.837046801.00000000048C0000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	48C0000
Size:	8192

Details

Name:	00000009.00000002.764228672.00007FF57ED61000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57ED61000
Size:	4096

Details

Name:	00000010.00000000.803811181.0000000002F70000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	2F70000
Size:	4096

Details

Name:	00000007.00000002.720868710.00007FF528BAB000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF528BAB000
Size:	8192

Details

Name:	00000003.00000002.647997663.00007FF565371000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF565371000
Size:	12288

Details

Name:	00000009.00000002.765505310.00007FF57EEDF000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57EEDF000
Size:	8192

Details

Name:	00000009.00000003.748392731.000001C24DD3D000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD3D000
Size:	61440

Details

Name:	00000010.00000000.803130436.0000000002AF0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	2AF0000
Size:	8192

Details

Name:	00000010.00000000.819132684.000000000CEFA000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	CEFA000
Size:	32768

Details

Name:	00000003.00000002.648056088.00007FF565513000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF565513000
Size:	8192

Details

Name:	00000004.00000002.667181939.00007FF5B3833000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B3833000
Size:	24576

Details

Name:	0000000B.00000002.796489552.00007FF5E0291000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E0291000
Size:	20480

Details

Name:	00000010.00000000.821687179.00007FF595FAC000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF595FAC000
Size:	12288

Details

Name:	00000010.00000000.835419047.0000000004082000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4082000
Size:	69632

Details

Name:	00000006.00000003.704929154.000002E19064E000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2E19064E000
Size:	98304

Details

Name:	00000010.00000000.815901549.0000000007785000.00000002.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7785000
Size:	163840

Details

Name:	00000006.00000002.705975576.00007FF5303B6000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5303B6000
Size:	16384

Details

Name:	00000010.00000000.808516905.0000000003FD4000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3FD4000
Size:	307200

Details

Name:	0000000B.00000003.786044138.0000017916410000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17916410000
Size:	536576

Details

Name:	00000001.00000003.693352619.0000000004B70000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4B70000
Size:	65536

Details

Name:	00000009.00000002.763147339.00007FF57E781000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57E781000
Size:	8192

Details

Name:	00000001.00000002.798469970.00000000007FF000.00000004.00000020.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	7FF000
Size:	110592

Details

Name:	00000007.00000002.720855508.00007FF528B91000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF528B91000
Size:	4096

Details

Name:	00000009.00000003.742300289.000001C24DD65000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD65000
Size:	4096

Details

Name:	00000010.00000000.822061201.00007FF596137000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF596137000
Size:	8192

Details

Name:	00000002.00000002.644945856.00007FF589DFE000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589DFE000
Size:	12288

Details

Name:	00000006.00000002.706712852.00007FF530BE6000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF530BE6000
Size:	8192

Details

Name:	00000009.00000002.761760962.000001C24D250000.00000004.00000040.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	1C24D250000
Size:	4096

Details

Name:	00000001.00000001.641942941.0000000000050000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	image loaded
Regiontype:	unkown image
Protect:	page readonly
Base address:	50000
Size:	4096

Details

Name:	00000009.00000002.764096177.00007FF57ECC1000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57ECC1000
Size:	4096

Details

Name:	00000001.00000002.797425679.000000000016C000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	16C000
Size:	16384

Details

Name:	00000009.00000002.761597685.0000004D5E90B000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4D5E90B000
Size:	20480

Details

Name:	0000000B.00000002.792959917.00000047E747B000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	47E747B000
Size:	20480

Details

Name:	00000004.00000002.666442866.000001E73F7A0000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1E73F7A0000
Size:	4096

Details

Name:	00000010.00000000.825283929.0000000000A30000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	A30000
Size:	8192

Details

Name:	00000001.00000002.799715602.000000000346D000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	346D000
Size:	765952

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary

Details

Name:	0000000F.00000002.802729205.00007FF5BB0D6000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5BB0D6000
Size:	4096

Details

Name:	0000000B.00000002.794626386.0000017915C20000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	17915C20000
Size:	8192

Details

Name:	00000009.00000002.761948249.000001C24D3D0000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1C24D3D0000
Size:	8192

Details

Name:	00000004.00000002.666446304.000001E73F800000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1E73F800000
Size:	4096

Details

Name:	00000003.00000002.647289113.000001BD50F00000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1BD50F00000
Size:	4096

Details

Name:	00000010.00000000.821541701.00007FF595F3B000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF595F3B000
Size:	8192

Details

Name:	0000000B.00000002.794545538.0000017915BF1000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	17915BF1000
Size:	12288

Details

Name:	00000001.00000002.796770036.0000000000050000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	50000
Size:	4096

Details

Name:	00000010.00000000.832889295.0000000003985000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3985000
Size:	1191936

Details

Name:	00000010.00000000.823315321.00007FF59655A000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59655A000
Size:	40960

Details

Name:	00000010.00000000.803349829.0000000002C30000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	2C30000
Size:	4096

Details

Name:	00000009.00000003.750511420.000001C24DD70000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD70000
Size:	12288

Details

Name:	00000006.00000002.705339401.000002E190700000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2E190700000
Size:	4096

Details

Name:	00000010.00000000.816904876.000000000A5F5000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	A5F5000
Size:	81920

Details

Name:	0000000F.00000002.801810942.000002197D400000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2197D400000
Size:	32768

Details

Name:	00000003.00000002.647352384.000001BD527A0000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1BD527A0000
Size:	4096

Details

Name:	00000010.00000000.810234656.00000000042E0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	42E0000
Size:	126976

Details

Name:	00000009.00000003.744003591.000001C24DD1F000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD1F000
Size:	32768

Details

Name:	00000010.00000000.816330896.00000000078DC000.00000002.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	78DC000
Size:	24576

Details

Name:	00000010.00000000.806702496.00000000035C4000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	35C4000
Size:	4096

Details

Name:	00000010.00000000.811074005.0000000004710000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4710000
Size:	524288

Details

Name:	00000001.00000003.691787109.0000000004BB0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4BB0000
Size:	65536

Details

Name:	0000000B.00000002.793209953.0000017913BE0000.00000004.00000040.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	17913BE0000
Size:	4096

Details

Name:	00000009.00000003.761447555.000001C24D44D000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24D44D000
Size:	32768

Details

Name:	00000010.00000000.813578050.0000000005CBA000.00000004.00000040.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	heap private
Protect:	page read and write
Base address:	5CBA000
Size:	20480

Details

Name:	0000000A.00000002.745602647.000001D2E3F90000.00000004.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1D2E3F90000
Size:	4096

Details

Name:	00000006.00000002.706539874.00007FF530B87000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF530B87000
Size:	49152

Details

Name:	00000001.00000002.798218749.0000000000710000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	710000
Size:	65536

Details

Name:	0000000E.00000003.839153134.00000000009C4000.00000004.00000001.sdmp
TargetID:	14
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	9C4000
Size:	4096

Details

Name:	00000006.00000002.705081536.000000E388C7E000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	E388C7E000
Size:	8192

Details

Name:	00000010.00000000.807207087.0000000003902000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3902000
Size:	24576

Details

Name:	00000010.00000000.836334445.00000000043A2000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	43A2000
Size:	86016

Details

Name:	00000010.00000000.821675415.00007FF595FA3000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF595FA3000
Size:	8192

Details

Name:	0000000E.00000002.848858415.0000000002C20000.00000040.00000001.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2C20000
Size:	1523712

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000010.00000000.836320411.00000000043A0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	43A0000
Size:	4096

Details

Name:	00000002.00000002.644135181.000001FC4622A000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1FC4622A000
Size:	86016

Details

Name:	00000010.00000000.820251213.000000000ECE2000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	ECE2000
Size:	245760

Details

Name:	00000010.00000000.804200807.00000000031F0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	31F0000
Size:	3805184

Details

Name:	0000000B.00000002.796018362.00007FF5E0174000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E0174000
Size:	16384

Details

Name:	00000010.00000000.820074030.000000000E65E000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	E65E000
Size:	8192

Details

Name:	00000006.00000002.706587955.00007FF530BA7000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF530BA7000
Size:	28672

Details

Name:	0000000B.00000002.793239119.0000017913C29000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	17913C29000
Size:	94208

Details

Name:	0000000B.00000002.792997585.00000047E76FC000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	47E76FC000
Size:	16384

Details

Name:	00000001.00000002.802760898.0000000004920000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4920000
Size:	200704

Details

Name:	00000004.00000000.655106922.00007FF5B39D2000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B39D2000
Size:	16384

Details

Name:	00000010.00000000.825859952.0000000000BA6000.00000004.00000020.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	heap default
Protect:	page read and write
Base address:	BA6000
Size:	16384

Details

Name:	00000009.00000003.750595596.000001C24DD6A000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD6A000
Size:	24576

Details

Name:	00000001.00000002.798041947.0000000000690000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	690000
Size:	12288

Details

Name:	00000004.00000002.666514417.000001E73F86C000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1E73F86C000
Size:	73728

Details

Name:	0000000F.00000002.801896676.000002197ECA0000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2197ECA0000
Size:	3371008

Details

Name:	0000000E.00000002.847079930.00000000005FD000.00000004.00000001.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5FD000
Size:	12288

Details

Name:	00000010.00000000.817501590.000000000A803000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	A803000
Size:	24576

Details

Name:	00000002.00000002.644110494.000001FC46202000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1FC46202000
Size:	65536

Details

Name:	00000002.00000002.644771292.00007FF589A77000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589A77000
Size:	4096

Details

Name:	00000010.00000000.803364278.0000000002C3F000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	2C3F000
Size:	98304

Details

Name:	00000001.00000002.802869003.00000000049DE000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	49DE000
Size:	8192

Details

Name:	00000010.00000000.802315774.0000000000CE5000.00000004.00000040.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	heap private
Protect:	page read and write
Base address:	CE5000
Size:	40960

Details

Name:	00000004.00000002.666308596.0000007EE0BFB000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7EE0BFB000
Size:	20480

Details

Name:	00000010.00000000.823752960.00007FF596664000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF596664000
Size:	4096

Details

Name:	00000010.00000000.822935221.00007FF596445000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF596445000
Size:	4096

Details

Name:	00000001.00000003.642490014.0000000000720000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	720000
Size:	24576

Details

Name:	00000009.00000003.747916730.000001C24DD71000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD71000
Size:	4096

Details

Name:	00000010.00000000.823561483.00007FF5965F4000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5965F4000
Size:	8192

Details

Name:	00000007.00000002.720893209.00007FF528BFD000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF528BFD000
Size:	20480

Details

Name:	00000009.00000002.763123222.00007FF57E6C6000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57E6C6000
Size:	16384

Details

Name:	00000001.00000003.693620002.00000000049C0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	49C0000
Size:	24576

Details

Name:	00000010.00000000.824607847.00007FFAA5B25000.00000004.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page read and write
Base address:	7FFAA5B25000
Size:	16384

Details

Name:	0000000A.00000002.745609518.000001D2E3FC0000.00000004.00000020.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	1D2E3FC0000
Size:	69632

Details

Name:	00000003.00000002.648017013.00007FF565431000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF565431000
Size:	4096

Details

Name:	00000009.00000003.739843808.000001C24DD22000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD22000
Size:	16384

Details

Name:	00000011.00000002.910369780.0000000003013000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3013000
Size:	28672

Details

Name:	00000003.00000002.648046795.00007FF5654F2000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5654F2000
Size:	24576

Details

Name:	00000007.00000002.720102561.000002083A452000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2083A452000
Size:	118784

Details

Name:	00000002.00000002.644325114.000001FC46520000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1FC46520000
Size:	32768

Details

Name:	00000010.00000000.837396122.0000000004D30000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4D30000
Size:	8192

Details

Name:	00000003.00000002.648042166.00007FF5654F0000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5654F0000
Size:	4096

Details

Name:	00000001.00000002.797924057.00000000005D0000.00000040.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	5D0000
Size:	4096

Details

Name:	0000000E.00000002.847127477.00000000009A0000.00000004.00000001.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	9A0000
Size:	4096

Details

Name:	00000009.00000003.737048810.000001C24DD73000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD73000
Size:	204800

Details

Name:	00000010.00000000.836621843.00000000046F0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	46F0000
Size:	20480

Details

Name:	00000010.00000000.830923624.0000000002C9C000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	2C9C000
Size:	20480

Details

Name:	00000010.00000000.816451824.00000000078F9000.00000002.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	78F9000
Size:	40960

Details

Name:	00000010.00000000.810789223.00000000043D0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	43D0000
Size:	126976

Details

Name:	00000002.00000003.643849003.000001FC46270000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1FC46270000
Size:	16384

Details

Name:	0000000B.00000003.778614781.0000017913C69000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17913C69000
Size:	32768

Details

Name:	00000001.00000003.691951739.0000000004A00000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4A00000
Size:	57344

Details

Name:	00000004.00000002.667192222.00007FF5B3844000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B3844000
Size:	4096

Details

Name:	0000000B.00000002.796390862.00007FF5E0211000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E0211000
Size:	4096

Details

Name:	00000002.00000002.644862036.00007FF589D9E000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589D9E000
Size:	4096

Details

Name:	00000001.00000003.693189729.0000000004980000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4980000
Size:	65536

Details

Name:	00000010.00000000.822043988.00007FF596134000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF596134000
Size:	4096

Details

Name:	00000004.00000002.666494509.000001E73F84D000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1E73F84D000
Size:	12288

Details

Name:	00000010.00000000.830458254.0000000002AC0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	2AC0000
Size:	8192

Details

Name:	00000004.00000002.667309026.00007FF5B393F000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B393F000
Size:	8192

Details

Name:	00000001.00000002.798252940.0000000000721000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	721000
Size:	61440

Details

Name:	00000010.00000000.821594716.00007FF595F5B000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF595F5B000
Size:	4096

Details

Name:	0000000B.00000002.792864900.00000047E6DFE000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	47E6DFE000
Size:	8192

Details

Name:	0000000A.00000002.745921795.000001D2E4360000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1D2E4360000
Size:	32768

Details

Name:	0000000B.00000003.788973523.0000017915B54000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17915B54000
Size:	77824

Details

Name:	00000002.00000002.644981005.00007FF589E1D000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589E1D000
Size:	16384

Details

Name:	00000010.00000000.814076944.0000000006818000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	6818000
Size:	8192

Details

Name:	00000010.00000000.821715242.00007FF595FB4000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF595FB4000
Size:	4096

Details

Name:	00000009.00000002.761962353.000001C24D400000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24D400000
Size:	73728

Details

Name:	0000000E.00000002.847485161.0000000000AFA000.00000004.00000020.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	AFA000
Size:	28672

Details

Name:	00000003.00000002.648218600.00007FF56563A000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF56563A000
Size:	12288

Details

Name:	00000002.00000002.644124120.000001FC46213000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1FC46213000
Size:	90112

Details

Name:	00000001.00000003.792452317.00000000005E0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5E0000
Size:	20480

Details

Name:	00000001.00000002.797934946.00000000005E0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5E0000
Size:	8192

Details

Name:	0000000B.00000002.795523126.00007FF5DFD79000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5DFD79000
Size:	8192

Details

Name:	00000010.00000000.836639499.0000000004700000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4700000
Size:	8192

Details

Name:	00000010.00000000.807316113.0000000003969000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3969000
Size:	53248

Details

Name:	0000000F.00000002.803038817.00007FF5BB3F4000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5BB3F4000
Size:	20480

Details

Name:	00000010.00000000.811369639.0000000004970000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4970000
Size:	4096

Details

Name:	00000011.00000003.849263958.00000000010C4000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	10C4000
Size:	4096

Details

Name:	00000011.00000002.910731593.0000000004CD0000.00000004.00000040.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	4CD0000
Size:	4096

Details

Name:	00000009.00000003.751576637.000001C24DD5D000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD5D000
Size:	4096

Details

Name:	00000007.00000002.719905150.000000E496E77000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	E496E77000
Size:	36864

Details

Name:	00000011.00000003.863151475.0000000004D11000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4D11000
Size:	163840

Details

Name:	00000010.00000000.822952447.00007FF596456000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF596456000
Size:	8192

Details

Name:	0000000F.00000002.801626716.000002197D255000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2197D255000
Size:	106496

Details

Name:	00000010.00000000.817395527.000000000A7BA000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	A7BA000
Size:	4096

Details

Name:	00000010.00000000.802439126.0000000002540000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	2540000
Size:	12288

Details

Name:	0000000F.00000002.802989494.00007FF5BB37E000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5BB37E000
Size:	4096

Details

Name:	00000009.00000003.748030174.000001C24DD6C000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD6C000
Size:	20480

Details

Name:	00000001.00000003.693791983.0000000004980000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4980000
Size:	65536

Details

Name:	00000001.00000003.693438616.0000000004B20000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4B20000
Size:	65536

Details

Name:	0000000E.00000003.797665775.0000000000AF6000.00000004.00000001.sdmp
TargetID:	14
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	AF6000
Size:	4096

Details

Name:	0000000B.00000002.795253563.0000017915F00000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	17915F00000
Size:	8192

Details

Name:	0000000B.00000002.794402163.0000017915BA4000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	17915BA4000
Size:	65536

Details

Name:	00000011.00000003.847134526.0000000000F3C000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	F3C000
Size:	24576

Details

Name:	00000001.00000002.798003694.0000000000683000.00000040.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	683000
Size:	4096

Details

Name:	00000009.00000003.744487077.000001C24DD48000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD48000
Size:	16384

Details

Name:	0000000A.00000003.745277030.000001D2E3FD1000.00000004.00000001.sdmp
TargetID:	10
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1D2E3FD1000
Size:	114688

Details

Name:	00000010.00000000.811397442.00000000049B0000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	49B0000
Size:	4096

Details

Name:	00000011.00000003.847116208.0000000000F3C000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	F3C000
Size:	24576

Details

Name:	00000001.00000003.792718593.00000000009C0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	9C0000
Size:	65536

Details

Name:	00000011.00000002.911041537.00000000052EB000.00000040.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	52EB000
Size:	4096

Details

Name:	00000006.00000002.706288779.00007FF530B5A000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF530B5A000
Size:	4096

Details

Name:	00000007.00000002.720733788.00007FF528885000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF528885000
Size:	4096

Details

Name:	00000009.00000002.762948279.000001C24E400000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1C24E400000
Size:	1269760

Details

Name:	00000001.00000002.798195610.0000000000700000.00000040.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	700000
Size:	65536

Details

Name:	0000000B.00000003.779088156.0000017913C6C000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17913C6C000
Size:	20480

Details

Name:	00000002.00000002.644752784.00007FF589A5C000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589A5C000
Size:	8192

Details

Name:	00000001.00000003.692966614.00000000049D0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	49D0000
Size:	4096

Details

Name:	00000010.00000000.830961325.0000000002D3C000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	2D3C000
Size:	4096

Details

Name:	00000010.00000000.810378856.0000000004320000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4320000
Size:	61440

Details

Name:	0000000E.00000003.838954845.0000000000BF1000.00000004.00000001.sdmp
TargetID:	14
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	BF1000
Size:	167936

Details

Name:	00000011.00000003.847087744.0000000000F42000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	F42000
Size:	20480

Details

Name:	00000001.00000002.797476044.00000000001D0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1D0000
Size:	8192

Details

Name:	00000010.00000000.810923714.00000000044DF000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	44DF000
Size:	36864

Details

Name:	00000001.00000003.796357285.00000000006C4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	6C4000
Size:	4096

Details

Name:	00000002.00000002.644821504.00007FF589C9B000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589C9B000
Size:	4096

Details

Name:	00000010.00000000.807216304.0000000003909000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3909000
Size:	53248

Details

Name:	0000000F.00000002.802762866.00007FF5BB20B000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5BB20B000
Size:	4096

Details

Name:	00000010.00000000.802983827.00000000028D0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	28D0000
Size:	73728

Details

Name:	0000000F.00000002.800340717.000002197D030000.00000004.00000020.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	2197D030000
Size:	8192

Details

Name:	00000006.00000002.705066848.000000E38876E000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	E38876E000
Size:	8192

Details

Name:	00000001.00000003.691936113.0000000004A14000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4A14000
Size:	24576

Details

Name:	00000009.00000002.762187805.000001C24D4C4000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24D4C4000
Size:	73728

Details

Name:	00000010.00000000.820998712.000000000FE1C000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	FE1C000
Size:	20480

Details

Name:	00000010.00000000.816741880.00000000083EC000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	83EC000
Size:	16384

Details

Name:	00000010.00000000.822498423.00007FF5962AD000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5962AD000
Size:	4096

Details

Name:	0000000B.00000003.785982965.0000017916310000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17916310000
Size:	647168

Details

Name:	00000010.00000000.836483875.0000000004511000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4511000
Size:	4096

Details

Name:	00000001.00000002.798967799.0000000002431000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2431000
Size:	159744

Details

Name:	00000002.00000002.644893051.00007FF589DB7000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589DB7000
Size:	49152

Details

Name:	00000010.00000000.827440256.00000000024C0000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	24C0000
Size:	8192

Details

Name:	00000009.00000003.738379151.000001C24DD96000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD96000
Size:	147456

Details

Name:	0000000B.00000002.795288189.0000017917000000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	17917000000
Size:	8192

Details

Name:	00000010.00000000.801895765.0000000000B99000.00000004.00000020.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	heap default
Protect:	page read and write
Base address:	B99000
Size:	49152

Details

Name:	00000001.00000003.796327547.00000000006C4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	6C4000
Size:	4096

Details

Name:	00000010.00000000.818039159.000000000ADEE000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	ADEE000
Size:	8192

Details

Name:	00000011.00000002.909985748.00000000010C0000.00000004.00000020.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	10C0000
Size:	16384

Details

Name:	00000010.00000000.822388081.00007FF596237000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF596237000
Size:	24576

Details

Name:	00000007.00000002.720810119.00007FF528A27000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF528A27000
Size:	8192

Details

Name:	00000010.00000000.822099042.00007FF596153000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF596153000
Size:	24576

Details

Name:	0000000D.00000002.794436622.0000000000370000.00000002.00020000.sdmp
TargetID:	13
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	370000
Size:	4096

Details

Name:	00000010.00000000.803796898.0000000002E60000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	2E60000
Size:	4096

Details

Name:	00000009.00000002.761733865.0000004D5F2FF000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4D5F2FF000
Size:	4096

Details

Name:	00000001.00000003.693225091.00000000049A0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	49A0000
Size:	20480

Details

Name:	00000010.00000000.835730529.0000000004180000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4180000
Size:	323584

Details

Name:	00000007.00000002.720154621.000002083AA80000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2083AA80000
Size:	1269760

Details

Name:	00000010.00000000.810158934.00000000042C2000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	42C2000
Size:	102400

Details

Name:	00000010.00000000.811887556.0000000005107000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	5107000
Size:	36864

Details

Name:	00000010.00000000.814696313.00000000070F0000.00000002.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	70F0000
Size:	131072

Details

Name:	0000000B.00000003.783753014.0000017915C20000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17915C20000
Size:	4096

Details

Name:	00000011.00000002.910313818.0000000002EF9000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2EF9000
Size:	12288

Details

Name:	00000010.00000000.808257369.0000000003EE5000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3EE5000
Size:	8192

Details

Name:	00000003.00000002.648213695.00007FF565634000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF565634000
Size:	20480

Details

Name:	00000010.00000000.837705392.00000000051C8000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	51C8000
Size:	32768

Details

Name:	00000009.00000002.765393001.00007FF57EE8B000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57EE8B000
Size:	45056

Details

Name:	0000000B.00000003.791443769.0000017913D3F000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17913D3F000
Size:	69632

Details

Name:	00000010.00000000.822871051.00007FF5963DB000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5963DB000
Size:	12288

Details

Name:	0000000F.00000002.801289161.000002197D160000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2197D160000
Size:	16384

Details

Name:	00000009.00000003.750488476.000001C24DD1D000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD1D000
Size:	36864

Details

Name:	00000010.00000000.823216327.00007FF5964F4000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5964F4000
Size:	4096

Details

Name:	00000010.00000000.818237853.000000000B8EA000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	B8EA000
Size:	24576

Details

Name:	0000000B.00000002.795236397.0000017915EC5000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	17915EC5000
Size:	32768

Details

Name:	0000000F.00000002.802792952.00007FF5BB2B2000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5BB2B2000
Size:	24576

Details

Name:	00000010.00000000.816304277.00000000078CE000.00000002.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	78CE000
Size:	49152

Details

Name:	00000004.00000002.667298782.00007FF5B3934000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B3934000
Size:	20480

Details

Name:	00000010.00000000.811299245.0000000004890000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4890000
Size:	16384

Details

Name:	0000000B.00000002.793389366.0000017913DA1000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	17913DA1000
Size:	8192

Details

Name:	00000002.00000002.644148130.000001FC46240000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1FC46240000
Size:	61440

Details

Name:	00000010.00000000.821345910.00007FF595F21000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF595F21000
Size:	12288

Details

Name:	00000010.00000000.803659767.0000000002DA0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	2DA0000
Size:	733184

Details

Name:	00000010.00000000.823868251.00007FF596704000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF596704000
Size:	20480

Details

Name:	0000000B.00000002.793030234.00000179139F0000.00000004.00000040.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	179139F0000
Size:	4096

Details

Name:	0000000B.00000003.788897193.0000017915B48000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17915B48000
Size:	45056

Details

Name:	00000009.00000003.750527507.000001C24DD91000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD91000
Size:	118784

Details

Name:	00000010.00000000.810671554.0000000004397000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4397000
Size:	4096

Details

Name:	00000010.00000000.836551501.00000000045A0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	45A0000
Size:	8192

Details

Name:	0000000B.00000003.786101077.0000017916510000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17916510000
Size:	421888

Details

Name:	00000010.00000000.814599230.0000000006CB0000.00000004.00000040.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	heap private
Protect:	page read and write
Base address:	6CB0000
Size:	4096

Details

Name:	00000010.00000000.829747974.00000000028C0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	28C0000
Size:	8192

Details

Name:	0000000B.00000002.796322683.00007FF5E01FE000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E01FE000
Size:	12288

Details

Name:	00000009.00000002.764197561.00007FF57ED2A000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57ED2A000
Size:	4096

Details

Name:	00000010.00000000.822317179.00007FF5961E6000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5961E6000
Size:	32768

Details

Name:	00000009.00000003.750612382.000001C24DD6B000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD6B000
Size:	20480

Details

Name:	00000002.00000002.644339124.000001FC47DC0000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1FC47DC0000
Size:	3371008

Details

Name:	00000011.00000003.900409307.0000000004F80000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4F80000
Size:	118784

Details

Name:	00000010.00000000.820938510.000000000FD93000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	FD93000
Size:	8192

Details

Name:	00000001.00000002.798183374.00000000006F0000.00000040.00000040.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page execute and read and write
Base address:	6F0000
Size:	4096

Details

Name:	00000010.00000000.817062872.000000000A64D000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	A64D000
Size:	245760

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	00000004.00000002.666540516.000001E73F900000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1E73F900000
Size:	4096

Details

Name:	00000010.00000000.834832058.0000000003F15000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3F15000
Size:	8192

Details

Name:	00000001.00000002.797603700.0000000000500000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	500000
Size:	806912

Details

Name:	00000002.00000002.644883290.00007FF589DAB000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589DAB000
Size:	45056

Details

Name:	0000000A.00000002.745700590.000001D2E40C0000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1D2E40C0000
Size:	806912

Details

Name:	00000009.00000003.743135626.000001C24DD38000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD38000
Size:	81920

Details

Name:	00000010.00000000.806676216.00000000035A4000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	35A4000
Size:	4096

Details

Name:	00000001.00000003.691998328.00000000049B0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	49B0000
Size:	65536

Details

Name:	00000010.00000000.802432229.0000000002500000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	2500000
Size:	8192

Details

Name:	0000000B.00000002.796364589.00007FF5E020E000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E020E000
Size:	4096

Details

Name:	00000001.00000003.642360269.0000000000C30000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	C30000
Size:	8192

Details

Name:	00000010.00000000.803242694.0000000002BE0000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	2BE0000
Size:	86016

Details

Name:	00000009.00000003.745977694.000001C24DD59000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD59000
Size:	81920

Details

Name:	00000007.00000003.719292681.000002083A44E000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2083A44E000
Size:	4096

Details

Name:	0000000B.00000002.796142564.00007FF5E01B7000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E01B7000
Size:	49152

Details

Name:	00000010.00000000.817579973.000000000A83C000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	A83C000
Size:	155648

Details

Name:	00000001.00000002.798153603.00000000006C0000.00000004.00000020.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	6C0000
Size:	16384

Details

Name:	0000000F.00000002.802996211.00007FF5BB381000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5BB381000
Size:	4096

Details

Name:	00000010.00000000.808682819.00000000040BB000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	40BB000
Size:	16384

Details

Name:	00000010.00000000.816552579.0000000007922000.00000002.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7922000
Size:	311296

Details

Name:	00000010.00000000.830547892.0000000002B10000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	2B10000
Size:	45056

Details

Name:	00000010.00000000.823264498.00007FF596521000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF596521000
Size:	16384

Details

Name:	00000009.00000003.750569390.000001C24DD5E000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD5E000
Size:	36864

Details

Name:	00000011.00000002.910397215.0000000003029000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3029000
Size:	40960

Details

Name:	00000010.00000000.815869978.000000000775C000.00000002.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	775C000
Size:	163840

Details

Name:	00000010.00000000.808393194.0000000003F94000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3F94000
Size:	110592

Details

Name:	00000010.00000000.821287651.00007FF595F10000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF595F10000
Size:	4096

Details

Name:	00000010.00000000.803117934.0000000002AD0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	2AD0000
Size:	4096

Details

Name:	00000010.00000000.827293662.0000000000CF0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	CF0000
Size:	32768

Details

Name:	00000010.00000000.807486475.0000000003AA9000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3AA9000
Size:	20480

Details

Name:	00000010.00000000.803176978.0000000002B90000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	2B90000
Size:	4096

Details

Name:	0000000B.00000002.796119910.00007FF5E01AB000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E01AB000
Size:	45056

Details

Name:	00000009.00000003.750503311.000001C24DD82000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD82000
Size:	4096

Details

Name:	00000007.00000002.720933916.00007FF528C9A000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF528C9A000
Size:	4096

Details

Name:	00000001.00000003.691734587.0000000004BE0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4BE0000
Size:	106496

Details

Name:	00000001.00000003.693254767.0000000004980000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4980000
Size:	65536

Details

Name:	00000010.00000000.827414221.00000000024B0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	24B0000
Size:	8192

Details

Name:	00000010.00000000.816252663.00000000078A5000.00000002.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	78A5000
Size:	163840

Details

Name:	00000010.00000000.811451504.0000000004AEA000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4AEA000
Size:	24576

Details

Name:	00000010.00000000.800697948.0000000000720000.00000004.00000040.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	heap private
Protect:	page read and write
Base address:	720000
Size:	4096

Details

Name:	0000000B.00000003.778580901.0000017913C68000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17913C68000
Size:	4096

Details

Name:	00000010.00000000.823759845.00007FF596668000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF596668000
Size:	40960

Details

Name:	00000009.00000003.745183870.000001C24DD98000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD98000
Size:	73728

Details

Name:	00000009.00000003.745707379.000001C24E202000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24E202000
Size:	671744

Details

Name:	00000010.00000000.811815658.0000000004F90000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4F90000
Size:	110592

Details

Name:	00000001.00000002.798300578.0000000000738000.00000004.00000040.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	738000
Size:	8192

Details

Name:	00000010.00000000.836877124.0000000004810000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4810000
Size:	4096

Details

Name:	00000001.00000003.693042913.00000000049B0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	49B0000
Size:	40960

Details

Name:	00000010.00000000.835463221.000000000409B000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	409B000
Size:	12288

Details

Name:	00000010.00000000.814919137.000000000745D000.00000002.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	745D000
Size:	823296

Details

Name:	00000010.00000000.804185861.00000000031D0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	31D0000
Size:	12288

Details

Name:	00000001.00000003.692020322.0000000004990000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4990000
Size:	65536

Details

Name:	00000010.00000000.832460411.0000000003902000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3902000
Size:	24576

Details

Name:	00000010.00000000.836599432.00000000046D0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	46D0000
Size:	8192

Details

Name:	0000000F.00000002.802712973.00007FF5BAFE7000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5BAFE7000
Size:	4096

Details

Name:	00000010.00000000.803145665.0000000002B10000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	2B10000
Size:	45056

Details

Name:	00000010.00000000.811666821.0000000004D40000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4D40000
Size:	16384

Details

Name:	00000010.00000000.819083894.000000000CE8A000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	CE8A000
Size:	28672

Details

Name:	00000010.00000000.835275823.0000000004020000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4020000
Size:	258048

Details

Name:	00000010.00000000.808622190.0000000004074000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4074000
Size:	4096

Details

Name:	00000001.00000003.692991845.00000000049D5000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	49D5000
Size:	45056

Details

Name:	00000010.00000000.808657866.00000000040A0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	40A0000
Size:	4096

Details

Name:	00000001.00000002.801933266.00000000043F8000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	43F8000
Size:	4096

Details

Name:	00000010.00000000.821819178.00007FF5960F2000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5960F2000
Size:	4096

Details

Name:	0000000A.00000002.746064800.00007FF572394000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF572394000
Size:	20480

Details

Name:	00000001.00000002.803205492.0000000004BC0000.00000040.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	4BC0000
Size:	65536

Details

Name:	00000010.00000000.827581915.0000000002560000.00000004.00000040.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	heap private
Protect:	page read and write
Base address:	2560000
Size:	8192

Details

Name:	0000000B.00000002.794560231.0000017915BF5000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	17915BF5000
Size:	45056

Details

Name:	00000010.00000000.836226846.0000000004350000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4350000
Size:	53248

Details

Name:	00000010.00000000.821632522.00007FF595F8D000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF595F8D000
Size:	28672

Details

Name:	0000000B.00000003.792640356.0000017913DA3000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17913DA3000
Size:	69632

Details

Name:	00000010.00000000.823398503.00007FF596590000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF596590000
Size:	4096

Details

Name:	00000010.00000000.837036284.00000000048B0000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	48B0000
Size:	4096

Details

Name:	00000011.00000002.909951480.000000000108E000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	108E000
Size:	8192

Details

Name:	00000010.00000000.821301996.00007FF595F12000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF595F12000
Size:	4096

Details

Name:	00000007.00000002.720938732.00007FF528C9C000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF528C9C000
Size:	8192

Details

Name:	00000010.00000000.802133783.0000000000BD0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	BD0000
Size:	806912

Details

Name:	0000000A.00000002.746111617.00007FF57242A000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57242A000
Size:	12288

Details

Name:	00000010.00000000.807246934.0000000003932000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3932000
Size:	24576

Details

Name:	00000010.00000000.811157564.0000000004791000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4791000
Size:	495616

Details

Name:	00000010.00000000.836374645.00000000043D0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	43D0000
Size:	126976

Details

Name:	00000009.00000002.762373923.000001C24DAE0000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DAE0000
Size:	8192

Details

Name:	00000010.00000000.817175497.000000000A6AE000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	A6AE000
Size:	159744

Details

Name:	00000010.00000000.811703788.0000000004D80000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4D80000
Size:	8192

Details

Name:	00000010.00000000.830617995.0000000002BC0000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	2BC0000
Size:	122880

Details

Name:	00000004.00000002.666459124.000001E73F813000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1E73F813000
Size:	86016

Details

Name:	0000000A.00000002.745631878.000001D2E3FD6000.00000004.00000020.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	1D2E3FD6000
Size:	65536

Details

Name:	00000010.00000000.800926089.0000000000A30000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	A30000
Size:	8192

Details

Name:	00000010.00000000.809479152.00000000041F0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	41F0000
Size:	118784

Details

Name:	00000010.00000000.837119931.00000000049A0000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	49A0000
Size:	4096

Details

Name:	0000000F.00000002.802692853.00007FF5BAFDA000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5BAFDA000
Size:	16384

Details

Name:	00000010.00000000.827460260.00000000024D0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	24D0000
Size:	73728

Details

Name:	0000000E.00000000.795957268.00000000004E0000.00000002.00020000.sdmp
TargetID:	14
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	4E0000
Size:	4096

Details

Name:	00000001.00000003.691932229.0000000004A12000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4A12000
Size:	4096

Details

Name:	00000001.00000003.693642146.00000000049C7000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	49C7000
Size:	36864

Details

Name:	00000010.00000000.822262341.00007FF5961D4000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5961D4000
Size:	16384

Details

Name:	00000010.00000000.835977082.000000000424D000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	424D000
Size:	73728

Details

Name:	00000009.00000003.740954068.000001C24DD73000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD73000
Size:	4096

Details

Name:	00000011.00000000.846013922.0000000001366000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	1366000
Size:	8192

Details

Name:	00000001.00000003.691766415.0000000004BC0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4BC0000
Size:	65536

Details

Name:	0000000B.00000003.791719753.0000017913D70000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17913D70000
Size:	69632

Details

Name:	00000004.00000002.666339670.000001E73F6A0000.00000004.00000020.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	1E73F6A0000
Size:	8192

Details

Name:	0000000F.00000002.801782594.000002197D302000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2197D302000
Size:	36864

Details

Name:	00000004.00000002.667114723.00007FF5B312C000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B312C000
Size:	4096

Details

Name:	00000009.00000003.739755679.000001C24DD59000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD59000
Size:	28672

Details

Name:	00000010.00000000.816647580.0000000007D67000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	7D67000
Size:	36864

Details

Name:	0000000B.00000002.792935125.00000047E72FB000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	47E72FB000
Size:	20480

Details

Name:	00000010.00000000.837254571.0000000004BF0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4BF0000
Size:	4096

Details

Name:	00000001.00000003.692007709.00000000049A0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	49A0000
Size:	32768

Details

Name:	0000000B.00000003.785808360.0000017915F83000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17915F83000
Size:	139264

Details

Name:	00000010.00000000.811241407.0000000004810000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4810000
Size:	4096

Details

Name:	00000010.00000000.822534995.00007FF5962C8000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5962C8000
Size:	8192

Details

Name:	00000010.00000000.824675739.00007FFAA5B33000.00000002.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFAA5B33000
Size:	90112

Details

Name:	0000000B.00000003.791387329.0000017913C8A000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17913C8A000
Size:	16384

Details

Name:	00000010.00000000.808611667.0000000004062000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4062000
Size:	69632

Details

Name:	00000010.00000000.803404057.0000000002C5A000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	2C5A000
Size:	69632

Details

Name:	00000001.00000003.796551885.00000000006C4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	6C4000
Size:	8192

Details

Name:	00000002.00000003.643107445.000001FC4626E000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1FC4626E000
Size:	24576

Details

Name:	00000009.00000002.764153543.00007FF57ED23000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57ED23000
Size:	24576

Details

Name:	00000010.00000000.821701143.00007FF595FB1000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF595FB1000
Size:	8192

Details

Name:	00000011.00000002.910469167.0000000003066000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	3066000
Size:	16384

Details

Name:	0000000B.00000002.793252220.0000017913C41000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	17913C41000
Size:	90112

Details

Name:	00000010.00000000.835539231.00000000040C0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	40C0000
Size:	454656

Details

Name:	00000011.00000003.848334517.00000000010C4000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	10C4000
Size:	4096

Details

Name:	00000003.00000002.647923245.00007FF564DAD000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF564DAD000
Size:	12288

Details

Name:	00000010.00000000.810987100.00000000045A0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	45A0000
Size:	8192

Details

Name:	00000007.00000002.720699651.00007FF5284F6000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5284F6000
Size:	16384

Details

Name:	00000004.00000002.667321057.00007FF5B394E000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B394E000
Size:	16384

Details

Name:	00000009.00000002.765663303.00007FF57EF71000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57EF71000
Size:	20480

Details

Name:	00000007.00000002.720849631.00007FF528B53000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF528B53000
Size:	8192

Details

Name:	00000010.00000000.822412790.00007FF596253000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF596253000
Size:	12288

Details

Name:	00000011.00000003.848059129.00000000010C4000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	10C4000
Size:	4096

Details

Name:	00000010.00000000.823273710.00007FF596528000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF596528000
Size:	28672

Details

Name:	00000010.00000000.821772697.00007FF595FC5000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF595FC5000
Size:	24576

Details

Name:	0000000B.00000002.792927298.00000047E727B000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	47E727B000
Size:	20480

Details

Name:	00000010.00000000.832261793.00000000038A9000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	38A9000
Size:	53248

Details

Name:	00000007.00000002.720116952.000002083A470000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2083A470000
Size:	61440

Details

Name:	00000010.00000000.830591472.0000000002B50000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	2B50000
Size:	24576

Details

Name:	00000001.00000003.691688864.0000000004C50000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4C50000
Size:	65536

Details

Name:	00000010.00000000.830969401.0000000002D3E000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	2D3E000
Size:	8192

Details

Name:	00000010.00000000.830519312.0000000002AE0000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	2AE0000
Size:	4096

Details

Name:	0000000F.00000002.802779020.00007FF5BB218000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5BB218000
Size:	4096

Details

Name:	00000010.00000000.837376998.0000000004D20000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4D20000
Size:	8192

Details

Name:	00000001.00000002.798439242.00000000007F1000.00000004.00000020.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	7F1000
Size:	20480

Details

Name:	00000010.00000000.800867174.0000000000A10000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	A10000
Size:	8192

Details

Name:	00000010.00000000.830400975.0000000002930000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	2930000
Size:	16384

Details

Name:	00000002.00000002.644906504.00007FF589DCC000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589DCC000
Size:	4096

Details

Name:	0000000B.00000002.793153767.0000017913B30000.00000008.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page write copy
Base address:	17913B30000
Size:	266240

Details

Name:	0000000B.00000003.786519255.0000017917102000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17917102000
Size:	143360

Details

Name:	00000010.00000000.821583477.00007FF595F55000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF595F55000
Size:	20480

Details

Name:	00000010.00000000.806708500.00000000035CB000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	35CB000
Size:	1597440

Details

Name:	00000010.00000000.816475737.0000000007905000.00000002.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7905000
Size:	24576

Details

Name:	00000010.00000000.836304024.0000000004397000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4397000
Size:	4096

Details

Name:	00000004.00000002.667163601.00007FF5B37DB000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B37DB000
Size:	8192

Details

Name:	00000010.00000000.814228996.000000000682F000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	682F000
Size:	4096

Details

Name:	00000010.00000000.837684897.0000000005120000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	5120000
Size:	20480

Details

Name:	0000000B.00000002.793356961.0000017913CEF000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	17913CEF000
Size:	16384

Details

Name:	00000010.00000000.806963299.00000000037A7000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	37A7000
Size:	303104

Details

Name:	0000000F.00000002.802803935.00007FF5BB2D3000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5BB2D3000
Size:	8192

Details

Name:	0000000B.00000002.795634670.00007FF5DFE6F000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5DFE6F000
Size:	8192

Details

Name:	00000001.00000003.691622287.0000000004CC0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4CC0000
Size:	65536

Details

Name:	0000000A.00000002.745995777.00007FF572340000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF572340000
Size:	16384

Details

Name:	0000000B.00000002.794726897.0000017915C60000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	17915C60000
Size:	73728

Details

Name:	00000010.00000000.815584688.0000000007692000.00000002.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7692000
Size:	421888

Details

Name:	0000000E.00000003.839139524.00000000009C4000.00000004.00000001.sdmp
TargetID:	14
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	9C4000
Size:	4096

Details

Name:	00000010.00000000.832227569.00000000038A2000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	38A2000
Size:	24576

Details

Name:	00000010.00000000.836102972.00000000042DD000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	42DD000
Size:	4096

Details

Name:	0000000B.00000003.778505569.0000017913C69000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17913C69000
Size:	32768

Details

Name:	00000010.00000000.808187190.0000000003EA2000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3EA2000
Size:	73728

Details

Name:	00000010.00000000.823598421.00007FF59660C000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59660C000
Size:	8192

Details

Name:	00000004.00000002.666482369.000001E73F83C000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1E73F83C000
Size:	40960

Details

Name:	00000002.00000002.644923551.00007FF589DE4000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589DE4000
Size:	4096

Details

Name:	00000010.00000000.823095522.00007FF5964C1000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5964C1000
Size:	32768

Details

Name:	00000009.00000003.750584441.000001C24DD5E000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD5E000
Size:	36864

Details

Name:	00000003.00000002.648181211.00007FF5655BE000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5655BE000
Size:	4096

Details

Name:	00000010.00000000.830950608.0000000002CAC000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	2CAC000
Size:	32768

Details

Name:	00000001.00000002.798728733.00000000009C0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	9C0000
Size:	4096

Details

Name:	0000000E.00000002.848149879.000000000103B000.00000040.00000001.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	103B000
Size:	4096

Details

Name:	00000010.00000000.831146765.0000000002F70000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	2F70000
Size:	4096

Details

Name:	0000000A.00000002.746105917.00007FF572424000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF572424000
Size:	20480

Details

Name:	00000010.00000000.836610367.00000000046E0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	46E0000
Size:	8192

Details

Name:	00000010.00000000.835154571.0000000003FB4000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3FB4000
Size:	110592

Details

Name:	00000011.00000002.910826461.0000000005040000.00000040.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	5040000
Size:	1150976

Signature Hits	Behavior Group	Mitre Attack
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000001.00000002.798285188.0000000000730000.00000004.00000040.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	730000
Size:	24576

Details

Name:	00000003.00000002.648155346.00007FF56559A000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF56559A000
Size:	20480

Details

Name:	00000010.00000000.811321224.00000000048B0000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	48B0000
Size:	4096

Details

Name:	00000009.00000002.765476749.00007FF57EED4000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57EED4000
Size:	20480

Details

Name:	0000000B.00000002.792951227.00000047E73FA000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	47E73FA000
Size:	24576

Details

Name:	0000000F.00000002.802756557.00007FF5BB1F1000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5BB1F1000
Size:	4096

Details

Name:	00000011.00000003.847050059.0000000000F3C000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	F3C000
Size:	24576

Details

Name:	0000000F.00000002.800091883.0000009EA26EB000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	9EA26EB000
Size:	20480

Details

Name:	00000010.00000000.823643030.00007FF596620000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF596620000
Size:	16384

Details

Name:	00000010.00000000.837494453.0000000004F0A000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4F0A000
Size:	45056

Details

Name:	00000004.00000002.667354015.00007FF5B39CA000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B39CA000
Size:	12288

Details

Name:	00000011.00000002.910588065.0000000003440000.00000004.00000040.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	3440000
Size:	12288

Details

Name:	0000000B.00000002.792845096.00000047E6C7F000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	47E6C7F000
Size:	4096

Details

Name:	00000010.00000000.823719363.00007FF59664C000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59664C000
Size:	4096

Details

Name:	0000000B.00000002.794533152.0000017915BED000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	17915BED000
Size:	12288

Details

Name:	0000000A.00000002.745987181.00007FF57201A000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57201A000
Size:	4096

Details

Name:	0000000B.00000003.778876123.0000017913C6A000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17913C6A000
Size:	28672

Details

Name:	0000000B.00000002.793380369.0000017913D13000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	17913D13000
Size:	40960

Details

Name:	00000002.00000002.644087263.000000D58DD7F000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	D58DD7F000
Size:	4096

Details

Name:	00000003.00000002.647301375.000001BD50F02000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1BD50F02000
Size:	40960

Details

Name:	00000001.00000003.642472204.0000000000720000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	720000
Size:	49152

Details

Name:	0000000F.00000002.800304573.0000009EA2CFF000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	9EA2CFF000
Size:	4096

Details

Name:	00000002.00000002.644848882.00007FF589D63000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589D63000
Size:	8192

Details

Name:	00000003.00000002.648138331.00007FF565588000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF565588000
Size:	24576

Details

Name:	0000000B.00000000.772647088.00007FF5E0292000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E0292000
Size:	16384

Details

Name:	00000001.00000003.692014148.00000000049A9000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	49A9000
Size:	28672

Details

Name:	00000010.00000000.814680551.000000000706A000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	706A000
Size:	24576

Details

Name:	00000010.00000000.803064183.00000000029BA000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	29BA000
Size:	24576

Details

Name:	00000001.00000003.794118561.0000000000858000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	858000
Size:	122880

Details

Name:	0000000E.00000002.846912293.00000000004E0000.00000002.00020000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	4E0000
Size:	4096

Details

Name:	00000009.00000002.764038982.00007FF57ECB4000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57ECB4000
Size:	4096

Details

Name:	00000009.00000003.742246466.000001C24DDA6000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DDA6000
Size:	294912

Details

Name:	00000011.00000002.910922664.000000000515F000.00000040.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	515F000
Size:	1601536

Details

Name:	00000010.00000000.821377422.00007FF595F25000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF595F25000
Size:	8192

Details

Name:	0000000B.00000002.794598921.0000017915C10000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	17915C10000
Size:	12288

Details

Name:	0000000F.00000002.802872094.00007FF5BB327000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5BB327000
Size:	49152

Details

Name:	00000010.00000000.823240175.00007FF596501000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF596501000
Size:	4096

Details

Name:	00000011.00000002.910558814.000000000339E000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	339E000
Size:	8192

Details

Name:	00000009.00000003.739761760.000001C24DD79000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD79000
Size:	49152

Details

Name:	00000010.00000000.811334545.00000000048D0000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	48D0000
Size:	4096

Details

Name:	00000010.00000000.830387633.0000000002900000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	2900000
Size:	12288

Details

Name:	00000010.00000000.817934608.000000000AB70000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	AB70000
Size:	507904

Details

Name:	00000003.00000002.646840692.00000036884FF000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	36884FF000
Size:	4096

Details

Name:	00000010.00000000.823204795.00007FF5964F0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5964F0000
Size:	12288

Details

Name:	00000010.00000000.837202945.0000000004B6C000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4B6C000
Size:	16384

Details

Name:	00000010.00000000.816426285.00000000078F7000.00000002.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	78F7000
Size:	4096

Details

Name:	00000009.00000003.738443739.000001C24DD55000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD55000
Size:	4096

Details

Name:	00000001.00000003.691899183.0000000004B40000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4B40000
Size:	65536

Details

Name:	00000009.00000003.740908792.000001C24DDA5000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DDA5000
Size:	221184

Details

Name:	00000010.00000000.813603979.0000000005D48000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	5D48000
Size:	32768

Details

Name:	00000002.00000002.644929759.00007FF589DEA000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589DEA000
Size:	20480

Details

Name:	0000000A.00000002.745515250.000000219C4BA000.00000004.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	219C4BA000
Size:	24576

Details

Name:	00000011.00000002.909916918.0000000000F18000.00000004.00000020.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	F18000
Size:	106496

Details

Name:	00000010.00000000.809701819.0000000004242000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4242000
Size:	12288

Details

Name:	00000009.00000002.765093898.00007FF57EE54000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57EE54000
Size:	16384

Details

Name:	00000010.00000000.811252415.0000000004820000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4820000
Size:	4096

Details

Name:	00000003.00000002.647224237.000001BD50E3F000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1BD50E3F000
Size:	61440

Details

Name:	00000010.00000000.810773448.00000000043C7000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	43C7000
Size:	4096

Details

Name:	00000010.00000000.822515601.00007FF5962AF000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5962AF000
Size:	8192

Details

Name:	00000001.00000003.691821396.0000000004BA0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4BA0000
Size:	65536

Details

Name:	00000011.00000002.909943411.000000000104E000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	104E000
Size:	8192

Details

Name:	00000001.00000003.691652680.0000000004C90000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4C90000
Size:	65536

Details

Name:	00000010.00000000.823029618.00007FF596493000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF596493000
Size:	4096

Details

Name:	00000007.00000002.720024401.000002083A3C0000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2083A3C0000
Size:	4096

Details

Name:	00000004.00000002.667231387.00007FF5B38E0000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B38E0000
Size:	16384

Details

Name:	00000010.00000000.817924607.000000000AB6B000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	AB6B000
Size:	20480

Details

Name:	00000011.00000003.878063481.0000000004F80000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4F80000
Size:	122880

Details

Name:	00000010.00000000.803011422.00000000028F0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	28F0000
Size:	8192

Details

Name:	00000009.00000002.765646709.00007FF57EF6A000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57EF6A000
Size:	12288

Details

Name:	00000001.00000002.803222085.0000000004CCE000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4CCE000
Size:	8192

Details

Name:	00000001.00000002.797950963.00000000005F0000.00000040.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	5F0000
Size:	28672

Details

Name:	00000010.00000000.837756608.00000000052CE000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	52CE000
Size:	8192

Details

Name:	00000002.00000002.644185437.000001FC46313000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1FC46313000
Size:	20480

Details

Name:	00000010.00000000.830430869.0000000002ABE000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	2ABE000
Size:	8192

Details

Name:	00000009.00000003.736980480.000001C24DD73000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD73000
Size:	102400

Details

Name:	00000001.00000003.691679520.0000000004C60000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4C60000
Size:	65536

Details

Name:	00000010.00000000.819351515.000000000D8E0000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	D8E0000
Size:	8192

Details

Name:	00000001.00000003.693139090.00000000049A0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	49A0000
Size:	12288

Details

Name:	00000001.00000003.693460661.0000000004A10000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4A10000
Size:	65536

Details

Name:	00000010.00000000.808337710.0000000003F57000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3F57000
Size:	4096

Details

Name:	00000010.00000000.821865596.00007FF596102000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF596102000
Size:	12288

Details

Name:	00000002.00000002.644069905.000000D58DBFE000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	D58DBFE000
Size:	8192

Details

Name:	00000010.00000000.804044237.0000000003090000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3090000
Size:	69632

Details

Name:	00000010.00000000.818129266.000000000B26A000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	B26A000
Size:	24576

Details

Name:	00000009.00000003.745865090.000001C24DD7D000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD7D000
Size:	61440

Details

Name:	00000003.00000002.647326630.000001BD51000000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1BD51000000
Size:	32768

Details

Name:	0000000E.00000003.797584984.0000000000960000.00000004.00000001.sdmp
TargetID:	14
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	960000
Size:	126976

Details

Name:	00000009.00000002.761633526.0000004D5EC7F000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4D5EC7F000
Size:	4096

Details

Name:	00000009.00000002.764580231.00007FF57EDE4000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57EDE4000
Size:	4096

Details

Name:	00000010.00000000.810974353.0000000004580000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4580000
Size:	4096

Details

Name:	00000001.00000003.693503031.00000000049F0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	49F0000
Size:	65536

Details

Name:	00000009.00000003.743090105.000001C24DD35000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD35000
Size:	94208

Details

Name:	00000006.00000002.705328833.000002E19068E000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2E19068E000
Size:	12288

Details

Name:	00000010.00000000.825226576.00000000007D6000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	7D6000
Size:	40960

Details

Name:	00000009.00000003.737026444.000001C24DD32000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD32000
Size:	4096

Details

Name:	00000010.00000000.801726151.0000000000B75000.00000004.00000020.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	heap default
Protect:	page read and write
Base address:	B75000
Size:	143360

Details

Name:	00000010.00000000.807049498.0000000003847000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3847000
Size:	368640

Details

Name:	00000001.00000003.692802952.0000000004B30000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4B30000
Size:	49152

Details

Name:	00000010.00000000.822571132.00007FF5962E8000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5962E8000
Size:	24576

Details

Name:	00000006.00000002.706222424.00007FF530AD4000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF530AD4000
Size:	4096

Details

Name:	00000009.00000002.765545684.00007FF57EEEE000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57EEEE000
Size:	16384

Details

Name:	00000004.00000002.667337495.00007FF5B395D000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B395D000
Size:	16384

Details

Name:	00000009.00000003.742425629.000001C24DD5B000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD5B000
Size:	40960

Details

Name:	00000010.00000000.821603631.00007FF595F60000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF595F60000
Size:	12288

Details

Name:	0000000F.00000002.802829467.00007FF5BB310000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5BB310000
Size:	16384

Details

Name:	00000009.00000002.763171955.00007FF57E7D7000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57E7D7000
Size:	4096

Details

Name:	0000000B.00000003.773795582.0000017913C68000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17913C68000
Size:	40960

Details

Name:	00000006.00000002.706105036.00007FF530A6B000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF530A6B000
Size:	8192

Details

Name:	00000010.00000000.823730116.00007FF59664F000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59664F000
Size:	16384

Details

Name:	00000001.00000002.802020520.0000000004590000.00000002.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	4590000
Size:	3371008

Details

Name:	00000009.00000003.751542997.000001C24DD3D000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD3D000
Size:	65536

Details

Name:	00000009.00000002.762394953.000001C24DC02000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DC02000
Size:	4096

Details

Name:	0000000B.00000002.794435503.0000017915BC1000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	17915BC1000
Size:	65536

Details

Name:	00000009.00000003.742412250.000001C24DD5B000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD5B000
Size:	40960

Details

Name:	00000011.00000002.910454106.000000000304F000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	304F000
Size:	4096

Details

Name:	0000000B.00000002.795764114.00007FF5DFFD6000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5DFFD6000
Size:	4096

Details

Name:	00000006.00000002.706819821.00007FF530C61000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF530C61000
Size:	20480

Details

Name:	00000009.00000002.762361612.000001C24DAD0000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1C24DAD0000
Size:	12288

Details

Name:	00000010.00000000.835514560.00000000040BB000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	40BB000
Size:	16384

Details

Name:	00000009.00000003.742172142.000001C24DD90000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD90000
Size:	73728

Details

Name:	00000004.00000002.666439157.000001E73F790000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1E73F790000
Size:	4096

Details

Name:	00000006.00000002.706637365.00007FF530BC4000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF530BC4000
Size:	20480

Details

Name:	00000010.00000000.824640686.00007FFAA5B2D000.00000008.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page write copy
Base address:	7FFAA5B2D000
Size:	4096

Details

Name:	00000010.00000000.822635543.00007FF5962FD000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5962FD000
Size:	16384

Details

Name:	0000000B.00000003.785607765.0000017916510000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17916510000
Size:	339968

Details

Name:	00000010.00000000.822354502.00007FF5961FC000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5961FC000
Size:	12288

Details

Name:	00000002.00000002.644788691.00007FF589BC1000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589BC1000
Size:	12288

Details

Name:	00000002.00000002.644876906.00007FF589DA5000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589DA5000
Size:	12288

Details

Name:	00000009.00000003.743674189.000001C24E202000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24E202000
Size:	4096

Details

Name:	00000001.00000003.693541030.00000000049E0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	49E0000
Size:	12288

Details

Name:	0000000B.00000003.789146198.0000017915ECD000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17915ECD000
Size:	8192

Details

Name:	00000010.00000000.832032865.0000000003817000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3817000
Size:	40960

Details

Name:	00000010.00000000.831710608.0000000003592000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3592000
Size:	69632

Details

Name:	00000002.00000002.644063105.000000D58DB79000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	D58DB79000
Size:	28672

Details

Name:	00000007.00000002.720821589.00007FF528A30000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF528A30000
Size:	4096

Details

Name:	00000010.00000000.820872819.000000000FD51000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	FD51000
Size:	262144

Details

Name:	0000000B.00000003.786216699.0000017916610000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17916610000
Size:	331776

Details

Name:	00000001.00000003.692669940.0000000004BB0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4BB0000
Size:	36864

Details

Name:	00000010.00000000.807301503.0000000003962000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3962000
Size:	24576

Details

Name:	00000010.00000000.802462486.0000000002563000.00000004.00000040.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	heap private
Protect:	page read and write
Base address:	2563000
Size:	49152

Details

Name:	00000009.00000002.762471407.000001C24DD61000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD61000
Size:	16384

Details

Name:	0000000B.00000002.795971578.00007FF5E0142000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E0142000
Size:	24576

Details

Name:	00000006.00000002.705211754.000002E190600000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2E190600000
Size:	73728

Details

Name:	0000000F.00000002.802966767.00007FF5BB36E000.00000002.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5BB36E000
Size:	12288

Details

Name:	00000010.00000000.821931951.00007FF596112000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF596112000
Size:	8192

Details

Name:	0000000B.00000002.795861301.00007FF5E0081000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E0081000
Size:	4096

Details

Name:	00000010.00000000.807005347.00000000037F2000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	37F2000
Size:	86016

Details

Name:	0000000B.00000002.795917629.00007FF5E00E6000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E00E6000
Size:	12288

Details

Name:	00000009.00000003.748058245.000001C24DD6D000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD6D000
Size:	16384

Details

Name:	00000010.00000000.823372820.00007FF596584000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF596584000
Size:	24576

Details

Name:	00000007.00000002.721015671.00007FF528CDC000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF528CDC000
Size:	4096

Details

Name:	00000009.00000002.764378565.00007FF57EDCD000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57EDCD000
Size:	20480

Details

Name:	00000010.00000000.823161137.00007FF5964E1000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5964E1000
Size:	20480

Details

Name:	0000000E.00000002.847135129.00000000009B0000.00000002.00000001.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	9B0000
Size:	16384

Details

Name:	00000007.00000002.721060020.00007FF528D04000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF528D04000
Size:	20480

Details

Name:	00000009.00000003.745833084.000001C24DD3C000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD3C000
Size:	61440

Details

Name:	00000007.00000002.720035431.000002083A400000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2083A400000
Size:	4096

Details

Name:	00000007.00000002.721001704.00007FF528CC7000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF528CC7000
Size:	49152

Details

Name:	00000001.00000003.693748289.0000000004990000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4990000
Size:	65536

Details

Name:	00000009.00000002.764631374.00007FF57EDEC000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57EDEC000
Size:	8192

Details

Name:	0000000B.00000003.778591537.0000017913C6A000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17913C6A000
Size:	28672

Details

Name:	00000010.00000000.802306294.0000000000CE0000.00000004.00000040.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	heap private
Protect:	page read and write
Base address:	CE0000
Size:	16384

Details

Name:	0000000E.00000002.847168979.00000000009D0000.00000002.00000001.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	9D0000
Size:	806912

Details

Name:	00000010.00000000.822433210.00007FF596277000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF596277000
Size:	4096

Details

Name:	0000000B.00000003.792319511.0000017916010000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17916010000
Size:	610304

Details

Name:	00000001.00000003.642368498.0000000000720000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	720000
Size:	24576

Details

Name:	00000010.00000000.817547501.000000000A821000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	A821000
Size:	94208

Details

Name:	00000010.00000000.808645777.0000000004094000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4094000
Size:	4096

Details

Name:	00000001.00000002.798069158.000000000069D000.00000040.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	69D000
Size:	4096

Details

Name:	00000002.00000002.644083955.000000D58DCFF000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	D58DCFF000
Size:	4096

Details

Name:	00000010.00000000.822600808.00007FF5962F7000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5962F7000
Size:	8192

Details

Name:	00000001.00000002.798014735.0000000000684000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	684000
Size:	4096

Details

Name:	00000010.00000000.836495396.0000000004560000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4560000
Size:	8192

Details

Name:	00000011.00000002.909907375.0000000000F10000.00000004.00000020.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	F10000
Size:	24576

Details

Name:	0000000B.00000002.795664281.00007FF5DFF5B000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5DFF5B000
Size:	12288

Details

Name:	0000000B.00000002.792973900.00000047E757C000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	47E757C000
Size:	16384

Details

Name:	00000006.00000002.705239258.000002E190629000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2E190629000
Size:	73728

Details

Name:	0000000F.00000002.801447801.000002197D229000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2197D229000
Size:	86016

Details

Name:	0000000E.00000002.847115972.000000000099E000.00000004.00000001.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	99E000
Size:	8192

Details

Name:	00000010.00000000.825294930.0000000000A40000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	A40000
Size:	20480

Details

Name:	00000004.00000002.666343681.000001E73F6B0000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1E73F6B0000
Size:	806912

Details

Name:	00000006.00000002.705293144.000002E190655000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2E190655000
Size:	69632

Details

Name:	00000007.00000002.720721006.00007FF528876000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF528876000
Size:	32768

Details

Name:	00000002.00000003.643783028.000001FC46270000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1FC46270000
Size:	16384

Details

Name:	00000001.00000003.691718354.0000000004C20000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4C20000
Size:	65536

Details

Name:	0000000B.00000003.789075702.0000017913CEE000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17913CEE000
Size:	20480

Details

Name:	00000009.00000002.765402995.00007FF57EE97000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57EE97000
Size:	49152

Details

Name:	00000010.00000000.810949065.0000000004511000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4511000
Size:	4096

Details

Name:	00000010.00000000.823888629.00007FF596711000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF596711000
Size:	20480

Details

Name:	0000000B.00000002.795984495.00007FF5E0163000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E0163000
Size:	8192

Details

Name:	00000009.00000003.735707346.000001C24D4ED000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24D4ED000
Size:	36864

Details

Name:	0000000E.00000003.839206129.00000000009C4000.00000004.00000001.sdmp
TargetID:	14
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	9C4000
Size:	4096

Details

Name:	00000009.00000003.742473585.000001C24DD5E000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD5E000
Size:	28672

Details

Name:	00000010.00000000.820848817.000000000FD42000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	FD42000
Size:	28672

Details

Name:	00000010.00000000.811954112.00000000052D0000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	52D0000
Size:	5242880

Details

Name:	0000000A.00000002.746014552.00007FF572345000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF572345000
Size:	12288

Details

Name:	0000000E.00000003.797756275.00000000009C4000.00000004.00000001.sdmp
TargetID:	14
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	9C4000
Size:	4096

Details

Name:	00000010.00000000.830585046.0000000002B32000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	2B32000
Size:	4096

Details

Name:	00000006.00000002.706579684.00007FF530B9F000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF530B9F000
Size:	16384

Details

Name:	0000000E.00000003.846700310.00000000009C4000.00000004.00000001.sdmp
TargetID:	14
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	9C4000
Size:	4096

Details

Name:	00000007.00000002.720926054.00007FF528C1C000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF528C1C000
Size:	8192

Details

Name:	00000001.00000003.692038809.0000000004970000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4970000
Size:	65536

Details

Name:	00000009.00000002.761639000.0000004D5EE78000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4D5EE78000
Size:	32768

Details

Name:	00000002.00000000.642417943.00007FF589E92000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589E92000
Size:	16384

Details

Name:	00000003.00000002.647313699.000001BD50F13000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1BD50F13000
Size:	20480

Details

Name:	00000010.00000000.821785201.00007FF595FD7000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF595FD7000
Size:	8192

Details

Name:	00000001.00000003.792667064.00000000009D0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	9D0000
Size:	65536

Details

Name:	00000003.00000002.647939680.00007FF56521A000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF56521A000
Size:	16384

Details

Name:	00000004.00000002.666524968.000001E73F88A000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1E73F88A000
Size:	12288

Details

Name:	00000011.00000000.846518538.00000000011A0000.00000040.00000001.sdmp
TargetID:	17
Dumpstage:	process new
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	11A0000
Size:	1523712

Details

Name:	00000006.00000002.706092511.00007FF530A13000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF530A13000
Size:	8192

Details

Name:	00000003.00000002.647935100.00007FF56520C000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF56520C000
Size:	8192

Details

Name:	00000010.00000000.806663808.0000000003592000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3592000
Size:	69632

Details

Name:	00000010.00000000.808426101.0000000003FB4000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3FB4000
Size:	110592

Details

Name:	00000010.00000000.817470278.000000000A7EF000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	A7EF000
Size:	4096

Details

Name:	0000000B.00000003.786686516.0000017916310000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17916310000
Size:	720896

Details

Name:	0000000B.00000002.795797309.00007FF5DFFF1000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5DFFF1000
Size:	12288

Details

Name:	00000006.00000002.706451855.00007FF530B75000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF530B75000
Size:	12288

Details

Name:	00000010.00000000.836449893.0000000004498000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4498000
Size:	32768

Details

Name:	00000010.00000000.815361294.00000000075FF000.00000002.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	75FF000
Size:	61440

Details

Name:	00000010.00000000.822684847.00007FF59633E000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59633E000
Size:	98304

Details

Name:	00000010.00000000.833943277.0000000003B2C000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3B2C000
Size:	1474560

Details

Name:	00000010.00000000.816709455.0000000008267000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	8267000
Size:	36864

Details

Name:	00000010.00000000.826038840.0000000000BD0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	BD0000
Size:	806912

Details

Name:	00000009.00000002.762349831.000001C24DAC0000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	1C24DAC0000
Size:	65536

Details

Name:	00000010.00000000.817669070.000000000A897000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	A897000
Size:	1089536

Details

Name:	00000010.00000000.801132985.0000000000AA0000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	AA0000
Size:	8192

Details

Name:	00000006.00000002.706613476.00007FF530BB4000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF530BB4000
Size:	4096

Details

Name:	00000010.00000000.810616574.0000000004370000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4370000
Size:	4096

Details

Name:	00000010.00000000.811907391.0000000005120000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	5120000
Size:	20480

Details

Name:	00000010.00000000.829756986.00000000028D0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	28D0000
Size:	73728

Details

Name:	00000010.00000000.802106703.0000000000BB4000.00000004.00000020.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	heap default
Protect:	page read and write
Base address:	BB4000
Size:	110592

Details

Name:	0000000B.00000003.786754951.0000017916410000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17916410000
Size:	692224

Details

Name:	0000000B.00000002.795099532.0000017915E12000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	17915E12000
Size:	131072

Details

Name:	00000010.00000000.801155548.0000000000AB0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	AB0000
Size:	16384

Details

Name:	0000000B.00000002.796081723.00007FF5E019E000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E019E000
Size:	4096

Details

Name:	00000010.00000000.817827864.000000000A9A2000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	A9A2000
Size:	45056

Details

Name:	00000010.00000000.837597374.0000000004FF0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4FF0000
Size:	8192

Details

Name:	00000009.00000002.765557677.00007FF57EEF6000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57EEF6000
Size:	8192

Details

Name:	00000010.00000000.823916192.00007FFAA5990000.00000002.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFAA5990000
Size:	4096

Details

Name:	00000001.00000003.692830559.0000000004B3D000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4B3D000
Size:	12288

Details

Name:	0000000A.00000002.745559505.000000219C8F9000.00000004.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	219C8F9000
Size:	28672

Details

Name:	00000010.00000000.816785163.00000000084EE000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	84EE000
Size:	8192

Details

Name:	00000010.00000000.838615711.0000000005A00000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	5A00000
Size:	585728

Details

Name:	00000010.00000000.827513503.0000000002500000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	2500000
Size:	8192

Details

Name:	0000000B.00000003.786605968.0000017916210000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17916210000
Size:	622592

Details

Name:	00000010.00000000.825831598.0000000000B99000.00000004.00000020.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	heap default
Protect:	page read and write
Base address:	B99000
Size:	49152

Details

Name:	00000010.00000000.823798089.00007FF596688000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF596688000
Size:	12288

Details

Name:	00000009.00000002.765346848.00007FF57EE7A000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57EE7A000
Size:	8192

Details

Name:	00000011.00000000.846290381.00000000030E3000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	30E3000
Size:	16384

Details

Name:	00000010.00000000.822201625.00007FF59618C000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF59618C000
Size:	12288

Details

Name:	00000004.00000002.666549292.000001E73F908000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1E73F908000
Size:	12288

Details

Name:	00000002.00000002.644176884.000001FC46302000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1FC46302000
Size:	40960

Details

Name:	00000010.00000000.816678107.000000000806F000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	806F000
Size:	4096

Details

Name:	00000010.00000000.830577793.0000000002B20000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	2B20000
Size:	4096

Details

Name:	0000000B.00000002.795747313.00007FF5DFFD4000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5DFFD4000
Size:	4096

Details

Name:	00000002.00000002.644857009.00007FF589D9A000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589D9A000
Size:	8192

Details

Name:	00000001.00000002.802895864.0000000004A1E000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4A1E000
Size:	8192

Details

Name:	00000010.00000000.810485894.0000000004350000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4350000
Size:	53248

Details

Name:	00000009.00000003.740972355.000001C24DDBF000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DDBF000
Size:	114688

Details

Name:	00000001.00000003.796479846.00000000006C4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	6C4000
Size:	8192

Details

Name:	00000010.00000000.814024955.0000000006814000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	6814000
Size:	12288

Details

Name:	0000000B.00000003.785918609.0000017916210000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17916210000
Size:	622592

Details

Name:	00000001.00000003.693333085.0000000004B80000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4B80000
Size:	16384

Details

Name:	00000010.00000000.835219835.0000000003FD4000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3FD4000
Size:	307200

Details

Name:	0000000B.00000002.796213019.00007FF5E01D7000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E01D7000
Size:	28672

Details

Name:	00000006.00000002.705309730.000002E190667000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2E190667000
Size:	77824

Details

Name:	00000010.00000000.823572734.00007FF596608000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF596608000
Size:	4096

Details

Name:	00000010.00000000.837439101.0000000004D60000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4D60000
Size:	4096

Details

Name:	00000009.00000003.750460268.000001C24DD83000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD83000
Size:	176128

Details

Name:	00000010.00000000.832498338.0000000003909000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3909000
Size:	53248

Details

Name:	00000001.00000003.642514636.0000000000720000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	720000
Size:	20480

Details

Name:	00000010.00000000.834396397.0000000003C95000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3C95000
Size:	20480

Details

Name:	00000010.00000000.803852077.0000000002F90000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	2F90000
Size:	294912

Details

Name:	00000010.00000000.820774125.000000000FCE0000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	FCE0000
Size:	61440

Details

Name:	00000010.00000000.810006584.0000000004292000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4292000
Size:	192512

Details

Name:	00000001.00000003.691700782.0000000004C40000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4C40000
Size:	65536

Details

Name:	00000006.00000002.706496747.00007FF530B7B000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF530B7B000
Size:	45056

Details

Name:	00000006.00000002.706380048.00007FF530B6E000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF530B6E000
Size:	4096

Details

Name:	0000000B.00000002.793015076.00000047E77FC000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	47E77FC000
Size:	16384

Details

Name:	00000010.00000000.802335692.0000000001080000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	1080000
Size:	299008

Details

Name:	00000011.00000002.910298241.0000000002E7C000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2E7C000
Size:	8192

Details

Name:	00000001.00000003.692915550.00000000049F6000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	49F6000
Size:	16384

Details

Name:	00000007.00000002.719885661.000000E496A7B000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	E496A7B000
Size:	20480

Details

Name:	0000000B.00000002.795072488.0000017915E00000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	17915E00000
Size:	40960

Details

Name:	0000000B.00000002.794422869.0000017915BB5000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	17915BB5000
Size:	36864

Details

Name:	00000009.00000003.743872104.000001C24DD66000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD66000
Size:	8192

Details

Name:	00000010.00000000.803272888.0000000002BF6000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	2BF6000
Size:	28672

Details

Name:	00000001.00000003.691875448.0000000004B6F000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4B6F000
Size:	8192

Details

Name:	00000010.00000000.803443564.0000000002C7A000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	2C7A000
Size:	36864

Details

Name:	00000001.00000003.691833301.0000000004B90000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4B90000
Size:	65536

Details

Name:	0000000A.00000002.746054348.00007FF572384000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF572384000
Size:	4096

Details

Name:	00000010.00000000.820792745.000000000FCF0000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	FCF0000
Size:	204800

Details

Name:	00000011.00000003.863203697.00000000010C4000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	10C4000
Size:	4096

Details

Name:	00000009.00000003.749359828.000001C24DD70000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD70000
Size:	8192

Details

Name:	0000000B.00000002.795947282.00007FF5E013C000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5E013C000
Size:	8192

Details

Name:	00000010.00000000.816043413.00000000077EC000.00000002.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	77EC000
Size:	163840

Details

Name:	00000011.00000003.847154574.0000000000F3C000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	F3C000
Size:	24576

Details

Name:	00000010.00000000.817572986.000000000A839000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	A839000
Size:	8192

Details

Name:	00000003.00000002.646823803.000000368847A000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	368847A000
Size:	24576

Details

Name:	00000010.00000000.830976431.0000000002D40000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	2D40000
Size:	393216

Details

Name:	00000011.00000002.910477734.000000000306B000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	306B000
Size:	49152

Details

Name:	00000006.00000002.706022710.00007FF530745000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF530745000
Size:	4096

Details

Name:	00000001.00000003.692061811.0000000000842000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	842000
Size:	36864

Details

Name:	0000000E.00000003.797711960.00000000009C4000.00000004.00000001.sdmp
TargetID:	14
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	9C4000
Size:	4096

Details

Name:	0000000B.00000003.778674610.0000017913C68000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	17913C68000
Size:	4096

Details

Name:	00000011.00000003.847069421.0000000000F3C000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	F3C000
Size:	24576

Details

Name:	00000007.00000002.721075613.00007FF528D18000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF528D18000
Size:	12288

Details

Name:	00000010.00000000.817203156.000000000A716000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	A716000
Size:	552960

Signature Hits	Behavior Group	Mitre Attack
May try to detect the Windows Explorer process (often used for injection)	HIPS / PFW / Operating System Protection Evasion	Process Injection Process Discovery
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	00000009.00000002.764802766.00007FF57EE22000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57EE22000
Size:	24576

Details

Name:	0000000A.00000002.745902011.000001D2E4350000.00000004.00000040.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	1D2E4350000
Size:	12288

Details

Name:	00000009.00000003.740957857.000001C24DD8F000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD8F000
Size:	57344

Details

Name:	00000010.00000000.832348071.00000000038D9000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	38D9000
Size:	53248

Details

Name:	0000000B.00000002.793338206.0000017913CDE000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	17913CDE000
Size:	53248

Details

Name:	0000000B.00000002.793966254.0000017915B00000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	17915B00000
Size:	106496

Details

Name:	00000011.00000002.910789977.0000000004E40000.00000040.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	4E40000
Size:	69632

Details

Name:	00000010.00000000.811060173.0000000004700000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4700000
Size:	8192

Details

Name:	00000004.00000002.667348549.00007FF5B39C4000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B39C4000
Size:	20480

Details

Name:	00000007.00000002.719919905.000002083A270000.00000004.00000040.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2083A270000
Size:	4096

Details

Name:	00000001.00000003.691968779.00000000049E0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	49E0000
Size:	65536

Details

Name:	0000000B.00000002.794127267.0000017915B35000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	17915B35000
Size:	32768

Details

Name:	00000007.00000002.720902071.00007FF528C03000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF528C03000
Size:	24576

Details

Name:	00000009.00000003.742466158.000001C24DD5E000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD5E000
Size:	28672

Details

Name:	0000000B.00000002.793272517.0000017913C58000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	17913C58000
Size:	180224

Details

Name:	00000009.00000002.763267810.00007FF57EA46000.00000002.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57EA46000
Size:	32768

Details

Name:	00000010.00000000.837107947.0000000004990000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4990000
Size:	4096

Details

Name:	00000009.00000003.738449430.000001C24DD65000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD65000
Size:	32768

Details

Name:	00000010.00000000.824068067.00007FFAA5A79000.00000002.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFAA5A79000
Size:	696320

Details

Name:	00000006.00000002.705273600.000002E19063C000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2E19063C000
Size:	73728

Details

Name:	00000010.00000000.815170508.00000000075A1000.00000002.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	75A1000
Size:	155648

Details

Name:	00000010.00000000.807719165.0000000003C9C000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3C9C000
Size:	253952

Details

Name:	00000010.00000000.821948727.00007FF596115000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF596115000
Size:	16384

Details

Name:	00000010.00000000.811683346.0000000004D60000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4D60000
Size:	4096

Details

Name:	00000010.00000000.813647454.0000000005E4C000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	5E4C000
Size:	16384

Details

Name:	00000006.00000002.706141922.00007FF530A6E000.00000002.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF530A6E000
Size:	4096

Details

Name:	00000009.00000003.746090738.000001C24DD65000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD65000
Size:	32768

Details

Name:	00000010.00000000.803124177.0000000002AE0000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	2AE0000
Size:	4096

Details

Name:	00000009.00000002.762216840.000001C24D4D9000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24D4D9000
Size:	32768

Details

Name:	00000004.00000002.667149163.00007FF5B3731000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B3731000
Size:	12288

Details

Name:	00000010.00000000.803136813.0000000002B00000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	2B00000
Size:	8192

Details

Name:	0000000A.00000002.745553466.000000219C87F000.00000004.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	219C87F000
Size:	4096

Details

Name:	00000010.00000000.806691038.00000000035B2000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	35B2000
Size:	69632

Details

Name:	00000001.00000003.692906515.00000000049F0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	49F0000
Size:	20480

Details

Name:	00000009.00000003.746637337.000001C24DD1C000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD1C000
Size:	40960

Details

Name:	00000010.00000000.811767517.0000000004F0A000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	4F0A000
Size:	45056

Details

Name:	00000004.00000002.667221640.00007FF5B38DA000.00000002.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF5B38DA000
Size:	8192

Details

Name:	00000002.00000003.643810576.000001FC4626C000.00000004.00000001.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1FC4626C000
Size:	32768

Details

Name:	00000010.00000000.834726883.0000000003ED2000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3ED2000
Size:	73728

Details

Name:	00000009.00000003.746075701.000001C24DD5D000.00000004.00000001.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1C24DD5D000
Size:	65536

Details

Name:	00000010.00000000.832611130.0000000003939000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	3939000
Size:	53248

Details

Name:	0000000A.00000002.746071875.00007FF57239E000.00000002.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF57239E000
Size:	12288

Details

Name:	00000010.00000000.815093227.0000000007527000.00000002.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7527000
Size:	495616

Details

Name:	00000010.00000000.804177053.0000000003170000.00000004.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	3170000
Size:	4096

Details

Name:	00000010.00000000.802405623.00000000024D0000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	24D0000
Size:	73728

Details

Name:	00000007.00000002.721092153.00007FF528D26000.00000002.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF528D26000
Size:	8192

Details

Name:	00000003.00000002.648228325.00007FF565641000.00000002.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF565641000
Size:	20480

Details

Name:	00000002.00000002.644808003.00007FF589BF9000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589BF9000
Size:	4096

Details

Name:	00000010.00000000.808573638.0000000004020000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	4020000
Size:	258048

Details

Name:	00000010.00000000.801241059.0000000000AD8000.00000004.00000020.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	heap default
Protect:	page read and write
Base address:	AD8000
Size:	561152

Details

Name:	0000000B.00000002.792898011.00000047E707B000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	47E707B000
Size:	20480

Details

Name:	00000011.00000002.910346604.0000000002FEC000.00000002.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	2FEC000
Size:	12288

Details

Name:	00000010.00000000.818252620.000000000B970000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	B970000
Size:	16384

Details

Name:	00000010.00000000.823741515.00007FF596657000.00000002.00000001.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF596657000
Size:	28672

Details

Name:	00000010.00000000.814755511.0000000007122000.00000002.00020000.sdmp
TargetID:	16
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7122000
Size:	24576

Details

Name:	00000002.00000002.644917787.00007FF589DD8000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589DD8000
Size:	24576

Details

Name:	00000002.00000002.644999760.00007FF589E91000.00000002.00000001.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	7FF589E91000
Size:	20480

Details

Name:	00000001.00000003.795448827.00000000006C4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	6C4000
Size:	4096

Details

Name:	00000001.00000003.794201749.00000000009C1000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	9C1000
Size:	167936

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOCReport

Files

Processes

URLs

Memdumps