Automated Malware Analysis IOC Report for

Details

Name:	00000005.00000002.360786474.0000000000072000.00000040.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	72000
Size:	32768

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected Njrat	AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality
May infect USB drives	Spreading	Replication Through Removable Media
Yara signature match	System Summary

Details

Name:	00000000.00000002.305336564.0000000000F22000.00000040.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	F22000
Size:	32768

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected Njrat	AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality
May infect USB drives	Spreading	Replication Through Removable Media
Yara signature match	System Summary

Details

Name:	00000001.00000002.558514473.0000000003CCE000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3CCE000
Size:	45056

Signature Hits	Behavior Group	Mitre Attack
Yara detected Njrat	AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality
May infect USB drives	Spreading	Replication Through Removable Media

Details

Name:	00000001.00000002.556263491.0000000000072000.00000040.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	72000
Size:	32768

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected Njrat	AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality
May infect USB drives	Spreading	Replication Through Removable Media
Yara signature match	System Summary

Details

Name:	00000006.00000002.378938056.0000000000072000.00000040.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	72000
Size:	32768

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected Njrat	AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality
May infect USB drives	Spreading	Replication Through Removable Media
Yara signature match	System Summary

Details

Name:	00000007.00000002.396666249.0000000000072000.00000040.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	72000
Size:	32768

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected Njrat	AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality
May infect USB drives	Spreading	Replication Through Removable Media
Yara signature match	System Summary

Details

Name:	00000005.00000002.366335779.0000000000510000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	510000
Size:	4096

Details

Name:	00000000.00000002.306621221.00000000013EA000.00000004.00000020.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	13EA000
Size:	245760

Signature Hits	Behavior Group	Mitre Attack
Creates a DirectInput object (often for capturing keystrokes)	Key, Mouse, Clipboard, Microphone and Screen Capturing	Input Capture

Details

Name:	00000006.00000003.378762324.0000000006501000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	6501000
Size:	65536

Details

Name:	00000005.00000002.367501238.00000000031DE000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	31DE000
Size:	8192

Details

Name:	00000001.00000002.557495706.0000000000A50000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	A50000
Size:	4096

Details

Name:	00000005.00000003.349340867.0000000003175000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3175000
Size:	12288

Details

Name:	00000000.00000002.308300371.000000000648E000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	648E000
Size:	8192

Details

Name:	00000001.00000003.434608237.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000006.00000002.380119699.0000000002BF0000.00000004.00000040.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2BF0000
Size:	12288

Details

Name:	00000000.00000002.305194415.00000000009B0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	9B0000
Size:	4096

Details

Name:	00000000.00000002.307383019.0000000003690000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	3690000
Size:	16384

Details

Name:	00000005.00000002.366578252.0000000000BB8000.00000004.00000020.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	BB8000
Size:	212992

Details

Name:	00000005.00000002.367460424.0000000002FC0000.00000040.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2FC0000
Size:	4096

Details

Name:	00000006.00000000.366223231.00000000000A0000.00000080.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page execute and write copy
Base address:	A0000
Size:	192512

Details

Name:	00000000.00000002.305354898.0000000000F3A000.00000040.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	F3A000
Size:	4096

Details

Name:	00000005.00000001.348056301.0000000000070000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	image loaded
Regiontype:	unkown image
Protect:	page readonly
Base address:	70000
Size:	4096

Details

Name:	00000001.00000003.434244235.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000000.00000002.307529275.0000000003722000.00000040.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	3722000
Size:	4096

Details

Name:	00000001.00000002.557399378.00000000004C0000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	4C0000
Size:	4096

Details

Name:	00000005.00000002.367567552.0000000003D70000.00000040.00000040.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page execute and read and write
Base address:	3D70000
Size:	4096

Details

Name:	00000001.00000003.550471924.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	0000000B.00000002.556799668.0000023691135000.00000004.00000040.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	23691135000
Size:	12288

Details

Name:	00000001.00000003.434628640.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000007.00000002.397148303.0000000000E4E000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	E4E000
Size:	4096

Details

Name:	00000006.00000002.380181908.0000000002DE0000.00000040.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2DE0000
Size:	16384

Details

Name:	00000000.00000002.308613528.000000007F490000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F490000
Size:	4096

Details

Name:	00000001.00000003.550510666.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000002.556900203.00000000001F7000.00000040.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	1F7000
Size:	8192

Details

Name:	00000006.00000002.379610975.00000000005E0000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5E0000
Size:	4096

Details

Name:	00000005.00000003.348796330.0000000002EA4000.00000040.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2EA4000
Size:	65536

Details

Name:	00000007.00000002.397507874.00000000033C0000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	33C0000
Size:	81920

Details

Name:	00000006.00000002.379856695.0000000000D28000.00000004.00000020.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	D28000
Size:	212992

Details

Name:	00000001.00000003.550434568.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000000.00000003.304921000.0000000001491000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1491000
Size:	122880

Details

Name:	0000000B.00000002.556878296.0000023691AF0000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	23691AF0000
Size:	4096

Details

Name:	00000006.00000002.378954598.000000000008E000.00000080.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and write copy
Base address:	8E000
Size:	69632

Details

Name:	00000006.00000002.379356413.0000000000332000.00000040.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	332000
Size:	4096

Details

Name:	00000001.00000003.512068978.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000003.396181864.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000003.464539671.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000003.428764911.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000000.00000002.307436342.00000000036D0000.00000040.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page execute and read and write
Base address:	36D0000
Size:	4096

Details

Name:	00000006.00000002.380577396.0000000006500000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6500000
Size:	163840

Details

Name:	00000001.00000003.550461820.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	0000000B.00000002.557132939.00007FF5E66E7000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FF5E66E7000
Size:	4096

Details

Name:	00000001.00000002.558273999.0000000002FEE000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2FEE000
Size:	8192

Details

Name:	00000000.00000002.306951793.0000000001F60000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	1F60000
Size:	4096

Details

Name:	00000006.00000003.366865557.0000000002DD4000.00000040.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2DD4000
Size:	65536

Details

Name:	00000001.00000003.442574943.0000000000B44000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	B44000
Size:	28672

Details

Name:	00000000.00000002.307325046.000000000367E000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	367E000
Size:	8192

Details

Name:	00000007.00000003.385008297.0000000003404000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	3404000
Size:	4096

Details

Name:	00000006.00000002.379756591.0000000000B10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	B10000
Size:	4096

Details

Name:	00000007.00000002.397852460.00000000041FE000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	41FE000
Size:	4096

Details

Name:	00000001.00000003.550324147.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000002.557946695.0000000002B6C000.00000040.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2B6C000
Size:	4096

Details

Name:	00000000.00000000.288165772.000000007F4A0000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F4A0000
Size:	12288

Details

Name:	00000001.00000003.550378605.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000005.00000000.347755849.0000000000332000.00000080.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page execute and write copy
Base address:	332000
Size:	4096

Details

Name:	00000000.00000000.288159016.000000007F492000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F492000
Size:	4096

Details

Name:	00000005.00000000.348002622.000000007FC12000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FC12000
Size:	4096

Details

Name:	00000006.00000002.380342421.00000000030B0000.00000040.00000040.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page execute and read and write
Base address:	30B0000
Size:	4096

Details

Name:	00000001.00000003.550253572.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000003.396104293.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000002.558670207.0000000005EBE000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5EBE000
Size:	8192

Details

Name:	00000007.00000002.397536626.00000000034C0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	34C0000
Size:	4096

Details

Name:	00000000.00000002.308427167.0000000006C30000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6C30000
Size:	167936

Details

Name:	00000006.00000002.380549845.00000000060BE000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	60BE000
Size:	8192

Details

Name:	00000001.00000003.550226031.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000006.00000002.380675685.000000007F390000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F390000
Size:	4096

Details

Name:	00000001.00000003.305489083.0000000002CE4000.00000040.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2CE4000
Size:	65536

Details

Name:	00000001.00000003.512106675.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000000.304499090.0000000000335000.00000080.00020000.sdmp
TargetID:	1
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page execute and write copy
Base address:	335000
Size:	950272

Details

Name:	00000007.00000002.398000729.0000000006524000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6524000
Size:	12288

Details

Name:	00000006.00000002.380227805.0000000002ECA000.00000040.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2ECA000
Size:	4096

Details

Name:	00000007.00000002.397449550.00000000018FE000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	18FE000
Size:	8192

Details

Name:	00000006.00000002.380204798.0000000002EB0000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2EB0000
Size:	8192

Details

Name:	00000000.00000003.288696344.00000000034C4000.00000040.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	34C4000
Size:	65536

Details

Name:	00000007.00000003.385205146.0000000003404000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	3404000
Size:	65536

Details

Name:	00000000.00000002.305282249.0000000000D40000.00000004.00000020.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	D40000
Size:	16384

Details

Name:	00000001.00000000.304477197.0000000000332000.00000080.00020000.sdmp
TargetID:	1
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page execute and write copy
Base address:	332000
Size:	4096

Details

Name:	00000001.00000000.304432783.00000000000A0000.00000080.00020000.sdmp
TargetID:	1
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page execute and write copy
Base address:	A0000
Size:	192512

Details

Name:	00000007.00000002.397526016.0000000003400000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	3400000
Size:	16384

Details

Name:	00000000.00000002.308050100.000000000529F000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	529F000
Size:	950272

Details

Name:	00000001.00000003.434688603.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000006.00000002.379763377.0000000000B20000.00000040.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	B20000
Size:	4096

Details

Name:	00000006.00000002.379841180.0000000000D00000.00000004.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	D00000
Size:	4096

Details

Name:	00000000.00000000.287919241.0000000000F3E000.00000080.00020000.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page execute and write copy
Base address:	F3E000
Size:	69632

Details

Name:	00000007.00000002.397241027.00000000012B0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	12B0000
Size:	4096

Details

Name:	00000000.00000002.307824784.0000000003E4E000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3E4E000
Size:	8192

Details

Name:	00000000.00000002.307028076.00000000034B3000.00000040.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	34B3000
Size:	4096

Details

Name:	0000000B.00000002.556954984.0000023691D70000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	23691D70000
Size:	4096

Details

Name:	00000005.00000002.366449041.0000000000A7E000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	A7E000
Size:	8192

Details

Name:	00000001.00000003.305274441.0000000002CE4000.00000040.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2CE4000
Size:	4096

Details

Name:	00000006.00000000.366187925.0000000000072000.00000080.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page execute and write copy
Base address:	72000
Size:	16384

Details

Name:	00000006.00000002.380556211.00000000062BE000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	62BE000
Size:	8192

Details

Name:	0000000B.00000000.544430274.00007FF5D27E1000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FF5D27E1000
Size:	8192

Details

Name:	00000006.00000002.380496788.0000000003C49000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3C49000
Size:	16384

Details

Name:	00000000.00000000.288004123.00000000011E5000.00000080.00020000.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page execute and write copy
Base address:	11E5000
Size:	950272

Details

Name:	00000000.00000002.306687788.000000000142E000.00000004.00000020.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	142E000
Size:	126976

Details

Name:	0000000B.00000002.556329340.00000073F82FF000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	73F82FF000
Size:	4096

Details

Name:	00000006.00000002.379987999.000000000111E000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	111E000
Size:	8192

Details

Name:	00000006.00000000.366213344.000000000008E000.00000080.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page execute and write copy
Base address:	8E000
Size:	69632

Details

Name:	00000007.00000002.397018212.0000000000335000.00000040.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	335000
Size:	950272

Details

Name:	00000000.00000002.307513919.000000000370C000.00000040.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	370C000
Size:	4096

Details

Name:	00000001.00000003.306060775.0000000002FC0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2FC0000
Size:	32768

Details

Name:	00000005.00000002.367433876.0000000002FB0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2FB0000
Size:	65536

Details

Name:	00000000.00000002.308481285.000000000747E000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	747E000
Size:	8192

Details

Name:	00000001.00000003.472796273.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000005.00000002.366443392.0000000000A3E000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	A3E000
Size:	8192

Details

Name:	00000000.00000002.307891801.000000000424E000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	424E000
Size:	8192

Details

Name:	00000006.00000002.380232760.0000000002ED2000.00000040.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2ED2000
Size:	4096

Details

Name:	00000000.00000002.306557161.00000000013BE000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	13BE000
Size:	8192

Details

Name:	00000001.00000003.550499011.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000006.00000002.380364755.00000000031FD000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	31FD000
Size:	12288

Details

Name:	00000006.00000000.366444796.000000007F390000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F390000
Size:	4096

Details

Name:	00000001.00000002.558016129.0000000002BA2000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2BA2000
Size:	4096

Details

Name:	00000001.00000003.396112012.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000007.00000002.397979209.0000000006520000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6520000
Size:	8192

Details

Name:	00000001.00000003.396095720.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000003.511886203.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000007.00000002.397713517.0000000003743000.00000004.00000040.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	3743000
Size:	8192

Details

Name:	00000001.00000002.557999786.0000000002B9A000.00000040.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2B9A000
Size:	4096

Details

Name:	00000007.00000000.384621765.0000000000DB0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	DB0000
Size:	102400

Details

Name:	00000001.00000002.558008114.0000000002BA0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2BA0000
Size:	4096

Details

Name:	00000000.00000003.304894701.0000000001491000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1491000
Size:	4096

Details

Name:	00000001.00000002.557430988.00000000005F0000.00000004.00000040.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	5F0000
Size:	16384

Details

Name:	00000006.00000002.378932608.0000000000070000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	70000
Size:	4096

Details

Name:	00000001.00000002.557489783.0000000000A20000.00000040.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	A20000
Size:	4096

Details

Name:	00000001.00000003.434343025.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000007.00000002.397784705.0000000003FD0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3FD0000
Size:	4096

Details

Name:	00000007.00000003.385017449.00000000033F4000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	33F4000
Size:	65536

Details

Name:	00000001.00000003.550245952.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000005.00000003.348829830.0000000002EA4000.00000040.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2EA4000
Size:	16384

Details

Name:	00000001.00000002.557412055.00000000005A0000.00000004.00000020.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	5A0000
Size:	16384

Details

Name:	00000005.00000002.366785312.00000000013AF000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	13AF000
Size:	4096

Details

Name:	00000001.00000000.304418799.000000000008E000.00000080.00020000.sdmp
TargetID:	1
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page execute and write copy
Base address:	8E000
Size:	69632

Details

Name:	00000001.00000003.550416560.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000005.00000003.348591870.0000000002E94000.00000040.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2E94000
Size:	65536

Details

Name:	00000005.00000002.367514340.0000000003223000.00000004.00000040.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	3223000
Size:	8192

Details

Name:	00000006.00000002.378968325.00000000000A0000.00000040.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	A0000
Size:	1351680

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery
URLs found in memory or binary data	Networking

Details

Name:	00000001.00000002.558638219.0000000004CE7000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4CE7000
Size:	122880

Details

Name:	00000005.00000002.366313054.00000000004B0000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	4B0000
Size:	16384

Details

Name:	00000006.00000002.380354423.0000000003113000.00000004.00000040.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	3113000
Size:	8192

Details

Name:	00000005.00000002.366704979.0000000000C18000.00000004.00000020.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	C18000
Size:	98304

Details

Name:	00000006.00000003.367926894.0000000003090000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3090000
Size:	16384

Details

Name:	00000001.00000002.558082761.0000000002BF0000.00000040.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2BF0000
Size:	12288

Details

Name:	00000005.00000002.367511197.0000000003220000.00000004.00000040.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	3220000
Size:	4096

Details

Name:	00000007.00000002.398176157.000000007FA50000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FA50000
Size:	4096

Details

Name:	0000000B.00000002.556696919.0000023690F06000.00000004.00000020.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	23690F06000
Size:	8192

Details

Name:	0000000B.00000003.544805682.0000023690EEE000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	23690EEE000
Size:	8192

Details

Name:	00000007.00000002.397738078.0000000003ED0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3ED0000
Size:	4096

Details

Name:	00000001.00000003.472818222.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000007.00000002.397142167.0000000000E4B000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	E4B000
Size:	4096

Details

Name:	00000005.00000002.367670792.000000007FC00000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FC00000
Size:	4096

Details

Name:	00000000.00000002.305995650.00000000010AC000.00000040.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	10AC000
Size:	110592

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	00000005.00000002.367585158.0000000003F7E000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3F7E000
Size:	8192

Details

Name:	00000000.00000000.287911852.0000000000F22000.00000080.00020000.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page execute and write copy
Base address:	F22000
Size:	16384

Details

Name:	00000006.00000002.380001352.000000000151F000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	151F000
Size:	4096

Details

Name:	00000006.00000000.366181183.0000000000070000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	70000
Size:	4096

Details

Name:	00000005.00000002.362042317.00000000001F7000.00000040.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	1F7000
Size:	8192

Details

Name:	00000000.00000002.308372592.00000000067EE000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	67EE000
Size:	8192

Details

Name:	00000000.00000002.307496808.0000000003702000.00000040.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	3702000
Size:	20480

Details

Name:	00000006.00000002.380222327.0000000002EBC000.00000040.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2EBC000
Size:	4096

Details

Name:	00000001.00000003.550368896.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000005.00000002.366374626.00000000007D1000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7D1000
Size:	4096

Details

Name:	00000007.00000002.397187916.000000000103C000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	103C000
Size:	16384

Details

Name:	00000001.00000003.512115488.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000003.396267785.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000000.00000002.308277506.000000000628E000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	628E000
Size:	8192

Details

Name:	00000001.00000003.472966137.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000007.00000002.397719257.0000000003C8E000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3C8E000
Size:	8192

Details

Name:	00000001.00000003.442560615.0000000000B4B000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	B4B000
Size:	12288

Details

Name:	00000005.00000002.367483586.0000000003100000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3100000
Size:	4096

Details

Name:	00000001.00000003.434665017.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	0000000B.00000002.556941116.0000023691D50000.00000002.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	23691D50000
Size:	4096

Details

Name:	00000007.00000002.397154504.0000000000E51000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	E51000
Size:	4096

Details

Name:	00000005.00000002.366392306.00000000007DA000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7DA000
Size:	4096

Details

Name:	00000006.00000002.379616765.00000000005F0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	5F0000
Size:	16384

Details

Name:	00000001.00000002.556887472.00000000001EB000.00000040.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	1EB000
Size:	32768

Details

Name:	00000001.00000002.558229941.0000000002F23000.00000004.00000040.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2F23000
Size:	8192

Details

Name:	00000001.00000002.558771564.000000007F362000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F362000
Size:	4096

Details

Name:	00000005.00000002.366668373.0000000000BFA000.00000004.00000020.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	BFA000
Size:	90112

Details

Name:	0000000B.00000002.557161868.00007FF5E67E3000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FF5E67E3000
Size:	8192

Details

Name:	00000007.00000002.397136179.0000000000E42000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	E42000
Size:	4096

Details

Name:	00000007.00000002.397565557.0000000003550000.00000004.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	3550000
Size:	4096

Details

Name:	00000007.00000002.397660013.00000000036F0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	36F0000
Size:	8192

Details

Name:	00000001.00000002.558381748.00000000036CE000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	36CE000
Size:	8192

Details

Name:	00000001.00000003.512088726.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	0000000B.00000000.544392658.00007DF5F4550000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7DF5F4550000
Size:	12288

Details

Name:	00000000.00000003.304882861.0000000000D47000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	D47000
Size:	8192

Details

Name:	00000000.00000002.307586445.0000000003750000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	3750000
Size:	4096

Details

Name:	00000001.00000003.550351814.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000003.512223161.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000000.00000002.306892127.0000000001BE0000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	1BE0000
Size:	32768

Details

Name:	00000001.00000002.557594260.0000000000B43000.00000004.00000020.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	B43000
Size:	16384

Details

Name:	00000000.00000002.307792248.0000000003880000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	3880000
Size:	4096

Details

Name:	00000000.00000002.306045004.00000000010C8000.00000040.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	10C8000
Size:	1150976

Details

Name:	00000000.00000002.307958403.000000000426B000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	426B000
Size:	16384

Details

Name:	00000001.00000002.557656558.00000000014E0000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	14E0000
Size:	335872

Signature Hits	Behavior Group	Mitre Attack
May try to detect the Windows Explorer process (often used for injection)	HIPS / PFW / Operating System Protection Evasion	Process Injection Process Discovery

Details

Name:	00000000.00000002.305180767.00000000009AA000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	9AA000
Size:	4096

Details

Name:	00000001.00000003.550315349.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000007.00000002.397253712.0000000001300000.00000004.00000020.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	1300000
Size:	16384

Details

Name:	00000006.00000001.366483481.0000000000070000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	image loaded
Regiontype:	unkown image
Protect:	page readonly
Base address:	70000
Size:	4096

Details

Name:	00000001.00000003.305297827.0000000002CD4000.00000040.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2CD4000
Size:	65536

Details

Name:	00000006.00000002.380392008.000000000383F000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	383F000
Size:	4096

Details

Name:	00000001.00000002.557405161.0000000000510000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	510000
Size:	8192

Details

Name:	00000001.00000003.472743801.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000003.511911762.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000006.00000002.379195568.0000000000218000.00000040.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	218000
Size:	1150976

Details

Name:	00000006.00000002.380187965.0000000002DEC000.00000040.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2DEC000
Size:	4096

Details

Name:	00000000.00000002.305331975.0000000000F20000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	F20000
Size:	4096

Details

Name:	00000000.00000002.306505405.00000000012D0000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	12D0000
Size:	4096

Details

Name:	00000001.00000002.558790293.000000007F380000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F380000
Size:	12288

Details

Name:	00000001.00000002.558360950.00000000030F0000.00000040.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	30F0000
Size:	12288

Details

Name:	00000007.00000002.397673608.00000000036FA000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	36FA000
Size:	4096

Details

Name:	00000001.00000003.550478935.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000006.00000002.380753736.000000007F3B0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F3B0000
Size:	12288

Details

Name:	00000001.00000003.395979380.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000005.00000000.347674346.000000000008E000.00000080.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page execute and write copy
Base address:	8E000
Size:	69632

Details

Name:	0000000B.00000002.556554264.0000023690E60000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	23690E60000
Size:	8192

Details

Name:	00000001.00000003.322248838.00000000030F5000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	30F5000
Size:	8192

Details

Name:	0000000B.00000003.544828201.0000023690EEE000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	23690EEE000
Size:	8192

Details

Name:	00000005.00000002.366359183.00000000007BC000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7BC000
Size:	4096

Details

Name:	00000001.00000002.557881271.0000000002B40000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2B40000
Size:	8192

Details

Name:	00000001.00000003.376462384.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000006.00000000.366280014.0000000000332000.00000080.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page execute and write copy
Base address:	332000
Size:	4096

Details

Name:	00000006.00000002.379672149.00000000007EB000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7EB000
Size:	4096

Details

Name:	0000000B.00000002.557194465.00007FF5E6822000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FF5E6822000
Size:	28672

Details

Name:	00000005.00000002.360813231.000000000008E000.00000080.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and write copy
Base address:	8E000
Size:	69632

Details

Name:	00000007.00000002.396657209.0000000000070000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	70000
Size:	4096

Details

Name:	00000000.00000002.307478406.00000000036FA000.00000040.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	36FA000
Size:	8192

Details

Name:	0000000B.00000002.556296524.00000073F81F9000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	73F81F9000
Size:	28672

Details

Name:	00000001.00000002.558451192.0000000003A00000.00000004.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	3A00000
Size:	4096

Details

Name:	00000005.00000002.367257730.0000000002E93000.00000040.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2E93000
Size:	4096

Details

Name:	00000001.00000003.433140084.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000003.393873084.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000000.00000002.305245982.0000000000C76000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	C76000
Size:	40960

Details

Name:	00000005.00000002.367056721.0000000002E60000.00000040.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2E60000
Size:	81920

Details

Name:	00000007.00000002.398193247.000000007FA52000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FA52000
Size:	4096

Details

Name:	00000007.00000002.397371893.0000000001500000.00000004.00000020.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	1500000
Size:	20480

Details

Name:	00000005.00000003.349351817.0000000003170000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3170000
Size:	32768

Details

Name:	00000001.00000002.558628860.0000000004CC1000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4CC1000
Size:	24576

Details

Name:	00000006.00000002.380193408.0000000002EA2000.00000040.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2EA2000
Size:	4096

Details

Name:	00000007.00000002.398090193.000000000684E000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	684E000
Size:	8192

Details

Name:	00000001.00000003.512141332.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000007.00000000.384416184.0000000000335000.00000080.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page execute and write copy
Base address:	335000
Size:	950272

Details

Name:	00000005.00000002.367629267.000000000617E000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	617E000
Size:	8192

Details

Name:	0000000B.00000002.557004006.00007DF5F4550000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7DF5F4550000
Size:	12288

Details

Name:	00000001.00000003.396228971.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000003.434399516.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000000.00000002.307977466.0000000005251000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5251000
Size:	24576

Details

Name:	00000001.00000003.376451729.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000005.00000002.362061726.00000000001FC000.00000040.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	1FC000
Size:	110592

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	00000006.00000002.380237995.0000000002EE0000.00000004.00000040.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2EE0000
Size:	4096

Details

Name:	00000001.00000002.558024882.0000000002BA7000.00000040.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2BA7000
Size:	4096

Details

Name:	00000007.00000002.397387292.0000000001518000.00000004.00000020.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	1518000
Size:	143360

Details

Name:	00000000.00000002.305184723.00000000009AD000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	9AD000
Size:	4096

Details

Name:	00000005.00000002.367647055.000000000657E000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	657E000
Size:	8192

Details

Name:	00000005.00000002.366789077.00000000013B0000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	13B0000
Size:	32768

Details

Name:	00000001.00000002.558243002.0000000002F6B000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2F6B000
Size:	20480

Details

Name:	00000001.00000002.557629519.0000000001350000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	1350000
Size:	65536

Details

Name:	00000001.00000003.396214856.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000003.550281875.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000007.00000000.384639388.000000007FA50000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FA50000
Size:	4096

Details

Name:	00000001.00000003.434468377.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000003.482417786.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	0000000B.00000002.556887856.0000023691B00000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	23691B00000
Size:	45056

Details

Name:	00000001.00000002.558616833.0000000003DB0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3DB0000
Size:	57344

Signature Hits	Behavior Group	Mitre Attack
May try to detect the Windows Explorer process (often used for injection)	HIPS / PFW / Operating System Protection Evasion	Process Injection Process Discovery

Details

Name:	00000001.00000003.306046823.0000000002FB0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2FB0000
Size:	65536

Details

Name:	00000000.00000003.289204202.0000000006575000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	6575000
Size:	12288

Details

Name:	00000007.00000002.397128716.0000000000E3E000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	E3E000
Size:	8192

Details

Name:	00000001.00000003.512132207.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000002.557365345.0000000000450000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	450000
Size:	102400

Details

Name:	00000006.00000002.379793174.0000000000B70000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	B70000
Size:	65536

Details

Name:	00000007.00000002.397424437.000000000156C000.00000004.00000020.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	156C000
Size:	4096

Details

Name:	00000000.00000002.308361901.00000000067AE000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	67AE000
Size:	8192

Details

Name:	00000001.00000003.472832200.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000003.365899056.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000003.511921527.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	0000000B.00000002.557110405.00007FF5E6159000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FF5E6159000
Size:	12288

Details

Name:	00000000.00000002.305987095.00000000010A7000.00000040.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	10A7000
Size:	8192

Details

Name:	00000001.00000003.434223657.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000000.00000002.306823406.00000000017DE000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	17DE000
Size:	8192

Details

Name:	00000000.00000002.307646193.0000000003763000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	3763000
Size:	8192

Details

Name:	00000000.00000002.307568898.000000000373B000.00000040.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	373B000
Size:	4096

Details

Name:	00000007.00000002.397779069.0000000003FC0000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	3FC0000
Size:	4096

Details

Name:	00000001.00000003.365871580.00000000069B1000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	69B1000
Size:	65536

Details

Name:	00000001.00000003.550360075.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000005.00000002.367663720.000000007FB00000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FB00000
Size:	20480

Details

Name:	00000001.00000002.557466438.00000000009FA000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	9FA000
Size:	24576

Details

Name:	00000006.00000002.379847299.0000000000D20000.00000004.00000020.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	D20000
Size:	24576

Details

Name:	00000007.00000002.397927022.000000000650B000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	650B000
Size:	20480

Details

Name:	00000005.00000002.367506793.000000000321C000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	321C000
Size:	16384

Details

Name:	0000000B.00000002.557127591.00007FF5E66E2000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FF5E66E2000
Size:	8192

Details

Name:	00000007.00000002.397732278.0000000003ECE000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3ECE000
Size:	8192

Details

Name:	00000001.00000003.535526047.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000007.00000002.397531911.000000000340C000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	340C000
Size:	4096

Details

Name:	00000007.00000002.397595312.000000000362E000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	362E000
Size:	8192

Details

Name:	00000001.00000002.557922836.0000000002B62000.00000040.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2B62000
Size:	20480

Details

Name:	00000006.00000002.379723854.0000000000A7E000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	A7E000
Size:	8192

Details

Name:	00000006.00000000.366426335.0000000000450000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	450000
Size:	102400

Details

Name:	00000006.00000000.366453832.000000007F3A0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F3A0000
Size:	4096

Details

Name:	00000001.00000000.304402986.0000000000070000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	70000
Size:	4096

Details

Name:	00000001.00000003.550543396.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000007.00000003.385735720.0000000006525000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	6525000
Size:	12288

Details

Name:	00000007.00000002.396704118.00000000000A0000.00000040.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	A0000
Size:	1351680

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery
URLs found in memory or binary data	Networking

Details

Name:	00000001.00000003.499939079.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000005.00000002.360803398.000000000008A000.00000040.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	8A000
Size:	4096

Details

Name:	00000000.00000002.305317779.0000000000EF0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	EF0000
Size:	4096

Details

Name:	00000000.00000002.308311134.000000000652E000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	652E000
Size:	8192

Details

Name:	00000001.00000003.504295415.0000000000B43000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	B43000
Size:	12288

Details

Name:	00000006.00000002.379834206.0000000000CF0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	CF0000
Size:	4096

Details

Name:	00000007.00000003.385727461.0000000006520000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	6520000
Size:	16384

Details

Name:	0000000B.00000002.557099221.00007FF5E614D000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FF5E614D000
Size:	4096

Details

Name:	00000001.00000003.396135671.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000007.00000002.397274915.00000000013F0000.00000004.00000040.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	13F0000
Size:	12288

Details

Name:	00000006.00000002.379664756.00000000007E8000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7E8000
Size:	4096

Details

Name:	00000007.00000002.398160380.000000007F950000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F950000
Size:	20480

Details

Name:	00000001.00000003.550342778.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000007.00000000.384647381.000000007FA52000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FA52000
Size:	4096

Details

Name:	00000007.00000002.397461801.0000000001B00000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	1B00000
Size:	32768

Details

Name:	00000000.00000003.299950669.0000000006C30000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	6C30000
Size:	24576

Details

Name:	00000001.00000003.550442520.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000003.373432847.00000000069B1000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	69B1000
Size:	159744

Details

Name:	0000000B.00000000.544364300.00007DF5F4540000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7DF5F4540000
Size:	4096

Details

Name:	00000005.00000002.366468666.0000000000B00000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	B00000
Size:	12288

Details

Name:	00000000.00000002.307416390.00000000036A0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	36A0000
Size:	4096

Details

Name:	00000001.00000003.504275862.0000000000B3B000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	B3B000
Size:	28672

Details

Name:	00000001.00000003.434538773.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	0000000B.00000002.557248077.00007FF5E68C1000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FF5E68C1000
Size:	12288

Details

Name:	00000006.00000002.380528306.0000000005E3E000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5E3E000
Size:	8192

Details

Name:	00000001.00000003.472844486.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000002.558162336.0000000002CE0000.00000040.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2CE0000
Size:	16384

Details

Name:	00000001.00000003.535657801.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000005.00000002.367690809.000000007FC12000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FC12000
Size:	4096

Details

Name:	00000001.00000002.557955715.0000000002B70000.00000004.00000040.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2B70000
Size:	8192

Details

Name:	00000001.00000003.504302726.0000000000B48000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	B48000
Size:	12288

Details

Name:	00000006.00000002.380199015.0000000002EAA000.00000040.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2EAA000
Size:	8192

Details

Name:	00000005.00000000.347948833.0000000000450000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	450000
Size:	102400

Details

Name:	00000001.00000003.472735586.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000002.557422373.00000000005B0000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	5B0000
Size:	16384

Details

Name:	00000000.00000002.308470823.000000000723E000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	723E000
Size:	8192

Details

Name:	00000005.00000002.366934507.0000000002C82000.00000040.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2C82000
Size:	4096

Details

Name:	00000000.00000002.305253213.0000000000C80000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	C80000
Size:	16384

Details

Name:	0000000B.00000002.556587162.0000023690E80000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	23690E80000
Size:	4096

Details

Name:	00000007.00000002.396893506.0000000000218000.00000040.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	218000
Size:	1150976

Details

Name:	00000001.00000002.558523576.0000000003CDA000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3CDA000
Size:	872448

Details

Name:	00000005.00000003.348879302.0000000002EAC000.00000040.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2EAC000
Size:	4096

Details

Name:	00000001.00000003.472893621.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000007.00000002.398011539.0000000006528000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6528000
Size:	159744

Details

Name:	0000000B.00000002.556947390.0000023691D60000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	23691D60000
Size:	4096

Details

Name:	00000001.00000003.393888305.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000003.499857356.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000003.395989044.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000003.322243587.00000000030F0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	30F0000
Size:	16384

Details

Name:	00000005.00000002.366319313.00000000004C0000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	4C0000
Size:	4096

Details

Name:	00000000.00000000.287934772.0000000000F50000.00000080.00020000.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page execute and write copy
Base address:	F50000
Size:	192512

Details

Name:	00000005.00000002.366816352.0000000002B50000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	2B50000
Size:	733184

Details

Name:	00000001.00000003.511832748.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000002.556923512.00000000001FC000.00000040.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	1FC000
Size:	110592

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	00000001.00000003.512212731.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000002.558152583.0000000002CD3000.00000040.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2CD3000
Size:	4096

Details

Name:	00000001.00000002.557382377.00000000004AC000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4AC000
Size:	16384

Details

Name:	00000000.00000000.287878197.0000000000A20000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	A20000
Size:	102400

Details

Name:	00000000.00000002.308343157.00000000065AE000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	65AE000
Size:	8192

Details

Name:	00000006.00000002.380177022.0000000002DD3000.00000040.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2DD3000
Size:	4096

Details

Name:	0000000B.00000002.556722430.0000023690F09000.00000004.00000020.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	23690F09000
Size:	4096

Details

Name:	00000001.00000002.557438264.00000000006B3000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6B3000
Size:	8192

Details

Name:	00000006.00000002.380318583.0000000003060000.00000040.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	3060000
Size:	4096

Details

Name:	00000007.00000002.398247988.000000007FA70000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FA70000
Size:	12288

Details

Name:	00000001.00000003.396128601.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000002.556280268.000000000008A000.00000040.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	8A000
Size:	4096

Details

Name:	00000001.00000002.557236018.0000000000332000.00000040.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	332000
Size:	4096

Details

Name:	00000007.00000002.397281124.0000000001430000.00000004.00000040.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	1430000
Size:	8192

Details

Name:	00000001.00000003.550306113.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000005.00000002.362767582.0000000000332000.00000040.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	332000
Size:	4096

Details

Name:	00000006.00000002.380310170.0000000003050000.00000004.00000040.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	3050000
Size:	12288

Details

Name:	00000001.00000003.329187321.0000000003A60000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3A60000
Size:	8192

Details

Name:	00000007.00000003.385172082.0000000003404000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	3404000
Size:	65536

Details

Name:	00000001.00000003.434529222.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	0000000B.00000002.557092952.00007FF5E612F000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FF5E612F000
Size:	4096

Details

Name:	00000000.00000002.305138672.00000000007F0000.00000004.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	7F0000
Size:	4096

Details

Name:	00000000.00000002.308392499.00000000069EE000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	69EE000
Size:	8192

Details

Name:	00000005.00000002.366917744.0000000002C30000.00000004.00000040.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2C30000
Size:	12288

Details

Name:	0000000B.00000002.557265147.00007FF5E68D1000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FF5E68D1000
Size:	16384

Details

Name:	00000001.00000003.305472822.0000000002CE4000.00000040.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2CE4000
Size:	65536

Details

Name:	00000005.00000002.367416749.0000000002F9E000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2F9E000
Size:	8192

Details

Name:	00000000.00000002.307843682.000000000404E000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	404E000
Size:	8192

Details

Name:	0000000B.00000002.556479535.0000023690E30000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	23690E30000
Size:	12288

Details

Name:	00000001.00000002.558256051.0000000002FAA000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2FAA000
Size:	24576

Details

Name:	00000001.00000003.517407758.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000007.00000002.397182544.0000000000E60000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	E60000
Size:	4096

Details

Name:	00000000.00000002.305201098.00000000009B6000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	9B6000
Size:	4096

Details

Name:	00000001.00000003.472838059.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000002.558102908.0000000002C10000.00000004.00000040.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2C10000
Size:	4096

Details

Name:	00000006.00000002.380136487.0000000002C7E000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2C7E000
Size:	8192

Details

Name:	00000000.00000002.308476162.000000000727D000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	727D000
Size:	12288

Details

Name:	00000001.00000003.396059387.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	0000000B.00000002.556919544.0000023691D20000.00000004.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	23691D20000
Size:	4096

Details

Name:	00000006.00000002.380281531.000000000301E000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	301E000
Size:	8192

Details

Name:	00000000.00000003.288709089.00000000034C4000.00000040.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	34C4000
Size:	16384

Details

Name:	0000000B.00000002.557239432.00007FF5E68BA000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FF5E68BA000
Size:	12288

Details

Name:	00000001.00000002.558390630.00000000038CE000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	38CE000
Size:	8192

Details

Name:	00000001.00000003.434490211.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000003.396208084.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000003.434676581.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000006.00000002.379775597.0000000000B60000.00000004.00000020.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	B60000
Size:	16384

Details

Name:	00000001.00000003.512124010.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000006.00000003.367407096.0000000002DE4000.00000040.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2DE4000
Size:	65536

Details

Name:	00000005.00000002.362126911.0000000000218000.00000040.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	218000
Size:	1150976

Details

Name:	00000005.00000002.367641762.000000000637E000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	637E000
Size:	8192

Details

Name:	00000006.00000002.379747716.0000000000B00000.00000004.00000040.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	B00000
Size:	8192

Details

Name:	00000001.00000003.457729542.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000000.00000002.307722907.0000000003850000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3850000
Size:	65536

Details

Name:	00000001.00000003.434518229.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000006.00000002.380398633.0000000003A3E000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3A3E000
Size:	8192

Details

Name:	00000006.00000002.380156893.0000000002CA0000.00000040.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2CA0000
Size:	4096

Details

Name:	00000007.00000002.397160456.0000000000E54000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	E54000
Size:	4096

Details

Name:	0000000B.00000002.556419943.0000023690E10000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	23690E10000
Size:	102400

Details

Name:	00000007.00000002.397261109.0000000001305000.00000004.00000020.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	1305000
Size:	16384

Details

Name:	00000007.00000002.398225225.000000007FA60000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FA60000
Size:	4096

Details

Name:	00000001.00000003.305502668.0000000002CE4000.00000040.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2CE4000
Size:	16384

Details

Name:	00000001.00000003.472784702.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000003.511842468.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000006.00000002.379361025.0000000000335000.00000040.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	335000
Size:	950272

Details

Name:	0000000B.00000002.556395927.0000023690E00000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	23690E00000
Size:	4096

Details

Name:	00000000.00000000.287905923.0000000000F20000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	F20000
Size:	4096

Details

Name:	00000007.00000002.397226669.000000000123A000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	123A000
Size:	24576

Details

Name:	00000000.00000002.305321488.0000000000F00000.00000040.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	F00000
Size:	4096

Details

Name:	00000006.00000002.379138068.00000000001EB000.00000040.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	1EB000
Size:	32768

Details

Name:	00000001.00000003.305280217.0000000002CE4000.00000040.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2CE4000
Size:	61440

Details

Name:	00000005.00000002.360774164.0000000000070000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	70000
Size:	4096

Details

Name:	00000001.00000003.305511198.0000000002CE4000.00000040.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2CE4000
Size:	65536

Details

Name:	00000001.00000002.558677985.00000000060BE000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	60BE000
Size:	8192

Details

Name:	00000006.00000002.379638331.00000000007DC000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7DC000
Size:	4096

Details

Name:	00000007.00000000.384160140.000000000008E000.00000080.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page execute and write copy
Base address:	8E000
Size:	69632

Details

Name:	00000001.00000002.558690725.00000000064BE000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	64BE000
Size:	8192

Details

Name:	00000007.00000002.397549815.000000000353E000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	353E000
Size:	8192

Details

Name:	00000000.00000002.305295886.0000000000E9E000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	E9E000
Size:	8192

Details

Name:	00000005.00000002.367518248.000000000326E000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	326E000
Size:	8192

Details

Name:	00000001.00000003.322277064.00000000030F0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	30F0000
Size:	40960

Details

Name:	0000000B.00000002.557188114.00007FF5E681B000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FF5E681B000
Size:	12288

Details

Name:	00000007.00000003.385230961.0000000003404000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	3404000
Size:	65536

Details

Name:	00000001.00000003.365910128.0000000000B41000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	B41000
Size:	40960

Details

Name:	00000001.00000003.365920491.0000000000B3C000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	B3C000
Size:	20480

Details

Name:	00000007.00000002.397875534.000000000622E000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	622E000
Size:	8192

Details

Name:	00000001.00000003.434372253.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000006.00000003.367432428.0000000002DEC000.00000040.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2DEC000
Size:	4096

Details

Name:	00000001.00000003.434384894.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000005.00000002.366398020.00000000007DD000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7DD000
Size:	4096

Details

Name:	00000007.00000002.397218042.0000000001236000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1236000
Size:	8192

Details

Name:	00000005.00000002.366938612.0000000002C8A000.00000040.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2C8A000
Size:	8192

Details

Name:	00000000.00000002.308465384.000000000703E000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	703E000
Size:	8192

Details

Name:	0000000B.00000002.556503909.0000023690E40000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	23690E40000
Size:	4096

Details

Name:	00000000.00000002.307555838.0000000003737000.00000040.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	3737000
Size:	4096

Details

Name:	00000005.00000002.367675201.000000007FC02000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FC02000
Size:	4096

Details

Name:	00000005.00000000.347964198.000000007FC00000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FC00000
Size:	4096

Details

Name:	0000000B.00000002.556985150.00007DF5F4532000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7DF5F4532000
Size:	4096

Details

Name:	00000001.00000003.517388752.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000005.00000002.367522058.00000000032AE000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	32AE000
Size:	8192

Details

Name:	00000001.00000002.558736505.00000000068BE000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	68BE000
Size:	8192

Details

Name:	0000000B.00000002.556776410.00000236910D0000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	236910D0000
Size:	4096

Details

Name:	00000000.00000003.288529742.00000000034C4000.00000040.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	34C4000
Size:	4096

Details

Name:	00000005.00000002.367540738.0000000003B7E000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3B7E000
Size:	8192

Details

Name:	00000001.00000003.305523973.0000000002CEC000.00000040.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2CEC000
Size:	4096

Details

Name:	00000006.00000002.380243395.0000000002EF0000.00000004.00000040.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2EF0000
Size:	4096

Details

Name:	00000005.00000002.362023075.00000000001EB000.00000040.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	1EB000
Size:	32768

Details

Name:	00000001.00000003.550556861.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000005.00000003.348529862.0000000002EA4000.00000040.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2EA4000
Size:	61440

Details

Name:	00000005.00000000.347692889.00000000000A0000.00000080.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page execute and write copy
Base address:	A0000
Size:	192512

Details

Name:	00000005.00000002.366533720.0000000000BA0000.00000004.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	BA0000
Size:	4096

Details

Name:	00000001.00000002.557771864.0000000002970000.00000004.00000040.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2970000
Size:	16384

Details

Name:	00000001.00000003.434234472.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000006.00000002.379572103.00000000004B0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	4B0000
Size:	16384

Details

Name:	00000001.00000002.557244078.0000000000335000.00000040.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	335000
Size:	950272

Details

Name:	00000000.00000002.306519874.00000000012E0000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	12E0000
Size:	4096

Details

Name:	00000005.00000002.366986234.0000000002CCB000.00000040.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2CCB000
Size:	4096

Details

Name:	00000001.00000003.376440749.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000003.442705521.0000000000B38000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	B38000
Size:	12288

Details

Name:	00000006.00000002.380372894.000000000323C000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	323C000
Size:	16384

Details

Name:	00000007.00000002.397235529.00000000012AE000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	12AE000
Size:	8192

Details

Name:	00000005.00000002.367312389.0000000002EA0000.00000040.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2EA0000
Size:	16384

Details

Name:	00000006.00000002.379737221.0000000000AF0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	AF0000
Size:	12288

Details

Name:	0000000B.00000002.556307637.00000073F8279000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	73F8279000
Size:	28672

Details

Name:	00000006.00000002.379562311.00000000004AC000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4AC000
Size:	16384

Details

Name:	00000000.00000002.307681422.00000000037AE000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	37AE000
Size:	4096

Details

Name:	00000001.00000002.557889228.0000000002B52000.00000040.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2B52000
Size:	8192

Details

Name:	00000001.00000002.558182380.0000000002CEC000.00000040.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2CEC000
Size:	4096

Details

Name:	00000007.00000000.384665383.000000007FA70000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FA70000
Size:	12288

Details

Name:	00000000.00000002.308546778.000000007F480000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F480000
Size:	4096

Details

Name:	0000000B.00000002.556992357.00007DF5F4540000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7DF5F4540000
Size:	4096

Details

Name:	00000001.00000002.558399262.000000000390D000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	390D000
Size:	12288

Details

Name:	00000006.00000002.380292850.0000000003040000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3040000
Size:	65536

Details

Name:	00000001.00000003.545879113.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000000.304723941.000000007F362000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F362000
Size:	4096

Details

Name:	00000006.00000002.380731251.000000007F3A2000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F3A2000
Size:	4096

Details

Name:	00000001.00000003.395996528.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000003.428807552.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000000.00000003.288717350.00000000034C4000.00000040.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	34C4000
Size:	65536

Details

Name:	00000005.00000002.366912619.0000000002C20000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2C20000
Size:	8192

Details

Name:	00000005.00000002.366505429.0000000000B8E000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	B8E000
Size:	8192

Details

Name:	00000000.00000002.306606598.00000000013E0000.00000004.00000020.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	13E0000
Size:	32768

Details

Name:	00000007.00000002.397943277.0000000006510000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6510000
Size:	36864

Details

Name:	00000005.00000002.366943368.0000000002C90000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2C90000
Size:	8192

Details

Name:	00000007.00000002.397455625.0000000001AFF000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1AFF000
Size:	4096

Details

Name:	00000006.00000002.380258882.0000000002F77000.00000040.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2F77000
Size:	4096

Details

Name:	00000000.00000002.306846146.00000000019DE000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	19DE000
Size:	8192

Details

Name:	00000001.00000003.434580382.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000005.00000003.348512153.0000000002EA4000.00000040.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2EA4000
Size:	4096

Details

Name:	00000001.00000002.558507402.0000000003CC9000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3CC9000
Size:	16384

Details

Name:	00000000.00000002.306538909.0000000001360000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	1360000
Size:	16384

Details

Name:	0000000B.00000002.556928202.0000023691D40000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	23691D40000
Size:	65536

Details

Name:	00000000.00000000.288136642.000000007F480000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F480000
Size:	4096

Details

Name:	00000001.00000002.558369749.0000000003100000.00000004.00000040.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	3100000
Size:	4096

Details

Name:	00000005.00000003.348838625.0000000002EA4000.00000040.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2EA4000
Size:	65536

Details

Name:	00000001.00000002.558071609.0000000002BE0000.00000004.00000040.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2BE0000
Size:	16384

Details

Name:	00000001.00000002.557460369.00000000009F6000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	9F6000
Size:	8192

Details

Name:	00000005.00000002.366518636.0000000000B90000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	B90000
Size:	4096

Details

Name:	0000000B.00000002.556614460.0000023690EA9000.00000004.00000020.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	23690EA9000
Size:	28672

Details

Name:	00000007.00000002.397118008.0000000000DD0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	DD0000
Size:	16384

Details

Name:	00000001.00000003.396602108.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000007.00000003.385708037.0000000006510000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	6510000
Size:	32768

Details

Name:	00000000.00000002.306758455.000000000145F000.00000004.00000020.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	145F000
Size:	204800

Details

Name:	00000001.00000002.556321941.00000000000A0000.00000040.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	A0000
Size:	1351680

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery
URLs found in memory or binary data	Networking

Details

Name:	00000006.00000003.367034643.0000000002DE4000.00000040.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2DE4000
Size:	65536

Details

Name:	00000006.00000002.380129148.0000000002C3E000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2C3E000
Size:	8192

Details

Name:	00000000.00000003.288736365.00000000034CC000.00000040.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	34CC000
Size:	4096

Details

Name:	00000001.00000003.396221751.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000007.00000002.397177896.0000000000E5D000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	E5D000
Size:	4096

Details

Name:	0000000B.00000002.556757095.0000023691070000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	23691070000
Size:	16384

Details

Name:	00000005.00000002.367593689.0000000003F81000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3F81000
Size:	28672

Details

Name:	00000006.00000002.380276365.0000000002FC0000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2FC0000
Size:	4096

Details

Name:	00000000.00000003.288678767.00000000034C4000.00000040.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	34C4000
Size:	65536

Details

Name:	00000005.00000002.366435458.00000000009FA000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	9FA000
Size:	24576

Details

Name:	00000000.00000003.288550854.00000000034B4000.00000040.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	34B4000
Size:	65536

Details

Name:	00000007.00000002.397700792.000000000372B000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	372B000
Size:	4096

Details

Name:	00000005.00000002.366303253.00000000004AC000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4AC000
Size:	16384

Details

Name:	00000005.00000002.366657744.0000000000BF4000.00000004.00000020.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	BF4000
Size:	12288

Details

Name:	0000000B.00000000.544347647.00007DF5F4532000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7DF5F4532000
Size:	4096

Details

Name:	00000000.00000002.305366042.0000000000F3E000.00000080.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and write copy
Base address:	F3E000
Size:	69632

Details

Name:	00000006.00000002.379715875.0000000000A3E000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	A3E000
Size:	8192

Details

Name:	0000000B.00000002.557144865.00007FF5E67D6000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FF5E67D6000
Size:	4096

Details

Name:	00000000.00000002.306997153.0000000003480000.00000040.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	3480000
Size:	81920

Details

Name:	00000007.00000002.397573200.0000000003560000.00000004.00000040.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	3560000
Size:	4096

Details

Name:	0000000B.00000002.556257438.00000073F807C000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	73F807C000
Size:	16384

Details

Name:	00000006.00000002.380162161.0000000002DA0000.00000040.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2DA0000
Size:	81920

Details

Name:	00000006.00000002.379657508.00000000007E5000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7E5000
Size:	4096

Details

Name:	00000000.00000002.305306671.0000000000EE0000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	EE0000
Size:	12288

Details

Name:	00000006.00000002.380426504.0000000003C41000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3C41000
Size:	28672

Details

Name:	00000000.00000002.307463744.00000000036F2000.00000040.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	36F2000
Size:	4096

Details

Name:	00000001.00000003.472873629.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000003.434476725.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000005.00000002.367685700.000000007FC10000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FC10000
Size:	4096

Details

Name:	00000001.00000003.512060131.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000003.472757528.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000007.00000002.398233108.000000007FA62000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FA62000
Size:	4096

Details

Name:	00000000.00000002.305291528.0000000000E5E000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	E5E000
Size:	8192

Details

Name:	00000005.00000002.367529256.00000000033B0000.00000004.00000040.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	33B0000
Size:	4096

Details

Name:	00000001.00000003.472825665.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000007.00000002.397829630.00000000041F1000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	41F1000
Size:	28672

Details

Name:	00000001.00000003.511948138.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000007.00000003.385244153.000000000340C000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	340C000
Size:	4096

Details

Name:	00000005.00000002.367404002.0000000002EAC000.00000040.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2EAC000
Size:	4096

Details

Name:	00000001.00000003.472919852.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	0000000B.00000002.556766569.00000236910C0000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	236910C0000
Size:	4096

Details

Name:	00000001.00000000.304732369.000000007F370000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F370000
Size:	4096

Details

Name:	00000001.00000002.558192042.0000000002DDE000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2DDE000
Size:	8192

Details

Name:	0000000B.00000002.556833543.0000023691350000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	23691350000
Size:	4096

Details

Name:	00000001.00000003.365936066.0000000000B4B000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	B4B000
Size:	118784

Details

Name:	00000007.00000002.397708367.0000000003740000.00000004.00000040.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	3740000
Size:	4096

Details

Name:	00000007.00000000.384150849.0000000000072000.00000080.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page execute and write copy
Base address:	72000
Size:	16384

Details

Name:	00000000.00000000.288145185.000000007F482000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F482000
Size:	4096

Details

Name:	00000006.00000002.380536276.0000000005E7E000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5E7E000
Size:	8192

Details

Name:	00000001.00000003.472956595.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000003.535819778.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	0000000B.00000002.557229190.00007FF5E68B4000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FF5E68B4000
Size:	20480

Details

Name:	00000001.00000002.558127248.0000000002CA0000.00000040.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2CA0000
Size:	81920

Details

Name:	00000001.00000003.434433674.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000007.00000000.384407380.0000000000332000.00000080.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page execute and write copy
Base address:	332000
Size:	4096

Details

Name:	00000005.00000002.367043646.0000000002E50000.00000004.00000040.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2E50000
Size:	8192

Details

Name:	00000006.00000002.379651582.00000000007E2000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7E2000
Size:	4096

Details

Name:	00000001.00000003.511851854.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000000.00000002.305286686.0000000000D45000.00000004.00000020.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	D45000
Size:	8192

Details

Name:	00000007.00000002.397123975.0000000000DE0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	DE0000
Size:	4096

Details

Name:	00000001.00000003.434501981.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000006.00000002.380417104.0000000003C3E000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3C3E000
Size:	8192

Details

Name:	00000001.00000003.511823516.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000002.557983205.0000000002B8A000.00000040.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2B8A000
Size:	4096

Details

Name:	00000001.00000002.558463012.0000000003A5E000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3A5E000
Size:	8192

Details

Name:	00000001.00000003.472933301.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000005.00000002.366347319.0000000000525000.00000004.00000020.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	525000
Size:	12288

Details

Name:	00000001.00000002.557550871.0000000000ADB000.00000004.00000020.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	ADB000
Size:	421888

Details

Name:	00000001.00000003.396235178.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000000.00000002.308580656.000000007F482000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F482000
Size:	4096

Details

Name:	00000001.00000003.550425049.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000000.00000002.308641008.000000007F4A0000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F4A0000
Size:	12288

Details

Name:	00000001.00000003.411306909.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000002.557898331.0000000002B5A000.00000040.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2B5A000
Size:	8192

Details

Name:	00000007.00000002.397910637.00000000064CD000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	64CD000
Size:	12288

Details

Name:	00000000.00000003.288731160.00000000034CC000.00000040.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	34CC000
Size:	4096

Details

Name:	00000001.00000003.396200706.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000002.558765619.000000007F360000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F360000
Size:	4096

Details

Name:	00000006.00000000.366285360.0000000000335000.00000080.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page execute and write copy
Base address:	335000
Size:	950272

Details

Name:	00000006.00000002.379707842.00000000009FA000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	9FA000
Size:	24576

Details

Name:	0000000B.00000002.557176083.00007FF5E67F0000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FF5E67F0000
Size:	4096

Details

Name:	00000001.00000002.558497449.0000000003CC1000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3CC1000
Size:	28672

Details

Name:	00000007.00000002.397845108.00000000041F9000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	41F9000
Size:	16384

Details

Name:	00000001.00000003.447098112.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000002.557508836.0000000000A80000.00000004.00000020.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	A80000
Size:	32768

Details

Name:	00000006.00000002.380248923.0000000002F00000.00000004.00000040.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2F00000
Size:	4096

Details

Name:	00000001.00000003.464530439.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000001.304831043.0000000000070000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	image loaded
Regiontype:	unkown image
Protect:	page readonly
Base address:	70000
Size:	4096

Details

Name:	0000000B.00000002.556815036.0000023691140000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	23691140000
Size:	4096

Details

Name:	00000007.00000002.398116644.0000000006A8E000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6A8E000
Size:	8192

Details

Name:	00000001.00000002.557517413.0000000000A8A000.00000004.00000020.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	A8A000
Size:	155648

Details

Name:	00000001.00000003.396248680.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000007.00000002.397378185.0000000001507000.00000004.00000020.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	1507000
Size:	65536

Details

Name:	0000000B.00000002.557206138.00007FF5E684A000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FF5E684A000
Size:	8192

Details

Name:	00000001.00000003.393857005.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000006.00000002.380265848.0000000002F7B000.00000040.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2F7B000
Size:	4096

Details

Name:	00000001.00000003.434254758.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	0000000B.00000002.557138703.00007FF5E673C000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FF5E673C000
Size:	16384

Details

Name:	00000001.00000003.553379254.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000005.00000000.347989185.000000007FC02000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FC02000
Size:	4096

Details

Name:	00000001.00000003.504250630.0000000000B4E000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	B4E000
Size:	32768

Details

Name:	00000001.00000003.434412002.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000000.00000002.305267760.0000000000D2E000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	D2E000
Size:	8192

Details

Name:	00000007.00000002.397689701.0000000003712000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	3712000
Size:	4096

Details

Name:	00000005.00000002.366781488.00000000011AF000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	11AF000
Size:	4096

Details

Name:	0000000B.00000002.557105155.00007FF5E614F000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FF5E614F000
Size:	4096

Details

Name:	00000007.00000003.384980828.0000000003404000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	3404000
Size:	4096

Details

Name:	00000001.00000002.558784077.000000007F372000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F372000
Size:	4096

Details

Name:	00000001.00000002.557965768.0000000002B80000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2B80000
Size:	4096

Details

Name:	00000000.00000003.304830051.0000000006C31000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	6C31000
Size:	65536

Details

Name:	00000006.00000002.380505970.0000000004C41000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4C41000
Size:	20480

Details

Name:	0000000B.00000002.557155230.00007FF5E67DF000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FF5E67DF000
Size:	12288

Details

Name:	00000001.00000003.550386918.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000003.550396305.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000000.304412751.0000000000072000.00000080.00020000.sdmp
TargetID:	1
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page execute and write copy
Base address:	72000
Size:	16384

Details

Name:	00000001.00000003.396190688.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	0000000B.00000002.557079850.00007FF5E6128000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FF5E6128000
Size:	4096

Details

Name:	00000001.00000002.557937993.0000000002B6A000.00000040.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2B6A000
Size:	4096

Details

Name:	00000001.00000003.434652272.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000002.558223128.0000000002F20000.00000004.00000040.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2F20000
Size:	4096

Details

Name:	0000000B.00000002.557116001.00007FF5E615E000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FF5E615E000
Size:	4096

Details

Name:	00000001.00000002.558471825.0000000003AB0000.00000040.00000040.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page execute and read and write
Base address:	3AB0000
Size:	4096

Details

Name:	00000005.00000000.347666344.0000000000072000.00000080.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page execute and write copy
Base address:	72000
Size:	16384

Details

Name:	00000001.00000003.472973363.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000000.00000002.308625683.000000007F492000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F492000
Size:	4096

Details

Name:	00000006.00000002.380271225.0000000002FBE000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2FBE000
Size:	8192

Details

Name:	0000000B.00000003.544785043.0000023690EEE000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	23690EEE000
Size:	8192

Details

Name:	00000001.00000003.472850044.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000003.512049271.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000003.553398013.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000005.00000002.366364167.00000000007C8000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7C8000
Size:	4096

Details

Name:	0000000B.00000002.557254109.00007FF5E68C5000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FF5E68C5000
Size:	16384

Details

Name:	00000007.00000002.397247127.00000000012FE000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	12FE000
Size:	8192

Details

Name:	00000001.00000003.472939705.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000006.00000002.379731047.0000000000ABE000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	ABE000
Size:	8192

Details

Name:	00000005.00000002.367492407.0000000003190000.00000004.00000040.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	3190000
Size:	12288

Details

Name:	00000001.00000003.499869943.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000006.00000002.380688857.000000007F392000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F392000
Size:	4096

Details

Name:	00000001.00000002.557974652.0000000002B87000.00000040.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2B87000
Size:	4096

Details

Name:	00000001.00000002.556251498.0000000000070000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	70000
Size:	4096

Details

Name:	00000000.00000002.307522454.000000000371A000.00000040.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	371A000
Size:	4096

Details

Name:	00000000.00000002.305273674.0000000000D30000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	D30000
Size:	16384

Details

Name:	00000005.00000002.366352706.00000000007B8000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7B8000
Size:	8192

Details

Name:	0000000B.00000002.556866316.00000236916E0000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	236916E0000
Size:	12288

Details

Name:	0000000B.00000002.556980409.00007DF5F4530000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7DF5F4530000
Size:	4096

Details

Name:	00000007.00000002.397748003.0000000003F90000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	3F90000
Size:	4096

Details

Name:	00000006.00000002.379604672.00000000004C0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	4C0000
Size:	4096

Details

Name:	00000001.00000003.512150527.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	0000000B.00000002.557049384.00007FF5D27E1000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FF5D27E1000
Size:	8192

Details

Name:	00000006.00000003.367971632.0000000003095000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3095000
Size:	12288

Details

Name:	00000007.00000002.397606123.0000000003640000.00000004.00000040.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	3640000
Size:	4096

Details

Name:	00000001.00000003.434421933.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000007.00000002.397171198.0000000000E5A000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	E5A000
Size:	4096

Details

Name:	00000001.00000002.558034720.0000000002BAB000.00000040.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2BAB000
Size:	4096

Details

Name:	00000001.00000002.558043111.0000000002BC0000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	2BC0000
Size:	4096

Details

Name:	0000000B.00000002.557201324.00007FF5E682E000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FF5E682E000
Size:	4096

Details

Name:	00000006.00000002.379677070.00000000007EE000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7EE000
Size:	4096

Details

Name:	00000007.00000002.397760972.0000000003FB0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3FB0000
Size:	65536

Details

Name:	00000001.00000002.556948094.0000000000218000.00000040.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	218000
Size:	1150976

Details

Name:	00000001.00000003.327069466.0000000000B40000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	B40000
Size:	53248

Details

Name:	00000007.00000003.384988126.0000000003404000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	3404000
Size:	61440

Details

Name:	00000007.00000002.397558136.0000000003540000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	3540000
Size:	4096

Details

Name:	00000007.00000002.397105447.0000000000DB0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	DB0000
Size:	102400

Details

Name:	00000001.00000000.304697103.0000000000450000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	450000
Size:	102400

Details

Name:	00000006.00000002.379782432.0000000000B65000.00000004.00000020.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	B65000
Size:	12288

Details

Name:	00000006.00000003.367163963.0000000002DE4000.00000040.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2DE4000
Size:	65536

Details

Name:	00000001.00000003.316797170.0000000003070000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3070000
Size:	24576

Details

Name:	00000007.00000002.398099311.000000000688E000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	688E000
Size:	8192

Details

Name:	00000000.00000003.288535588.00000000034C4000.00000040.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	34C4000
Size:	61440

Details

Name:	00000001.00000002.558209172.0000000002EBE000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2EBE000
Size:	8192

Details

Name:	0000000B.00000002.556598095.0000023690EA0000.00000004.00000020.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	23690EA0000
Size:	28672

Details

Name:	00000007.00000002.397431306.000000000156E000.00000004.00000020.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	156E000
Size:	131072

Details

Name:	00000006.00000002.379537073.0000000000450000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	450000
Size:	102400

Details

Name:	00000001.00000003.482430373.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000003.434620074.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000003.472804075.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000007.00000002.397541304.00000000034D0000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	34D0000
Size:	4096

Details

Name:	00000007.00000002.397503257.00000000033B0000.00000004.00000040.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	33B0000
Size:	16384

Details

Name:	00000006.00000002.379529118.0000000000440000.00000004.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	440000
Size:	4096

Details

Name:	00000001.00000002.557602774.0000000000B48000.00000004.00000020.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	B48000
Size:	12288

Details

Name:	00000001.00000003.511901644.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000000.00000002.307099460.0000000003580000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	3580000
Size:	733184

Details

Name:	00000007.00000002.397790455.0000000003FE0000.00000040.00000040.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page execute and read and write
Base address:	3FE0000
Size:	4096

Details

Name:	00000000.00000002.305959794.000000000109B000.00000040.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	109B000
Size:	32768

Details

Name:	00000001.00000002.558489761.0000000003CBE000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3CBE000
Size:	8192

Details

Name:	00000001.00000002.558410000.000000000394B000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	394B000
Size:	20480

Details

Name:	00000006.00000002.380543527.000000000607E000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	607E000
Size:	8192

Details

Name:	00000007.00000002.397012680.0000000000332000.00000040.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	332000
Size:	4096

Details

Name:	00000001.00000003.512157463.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000007.00000002.397165597.0000000000E57000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	E57000
Size:	4096

Details

Name:	00000006.00000002.380148911.0000000002C90000.00000004.00000040.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2C90000
Size:	16384

Details

Name:	0000000B.00000002.556280330.00000073F817E000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	73F817E000
Size:	8192

Details

Name:	00000001.00000003.472860777.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000002.558051575.0000000002BD0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2BD0000
Size:	65536

Details

Name:	00000000.00000000.288152001.000000007F490000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F490000
Size:	4096

Details

Name:	00000000.00000002.305208272.00000000009BC000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	9BC000
Size:	4096

Details

Name:	00000007.00000003.385221753.0000000003404000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	3404000
Size:	16384

Details

Name:	00000001.00000003.512183411.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000007.00000000.384144136.0000000000070000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	70000
Size:	4096

Details

Name:	00000007.00000002.397695405.0000000003727000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	3727000
Size:	4096

Details

Name:	00000005.00000002.366370172.00000000007CE000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7CE000
Size:	4096

Details

Name:	00000005.00000002.366454558.0000000000ABE000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	ABE000
Size:	8192

Details

Name:	0000000B.00000002.556963749.0000023691DC0000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	23691DC0000
Size:	20480

Details

Name:	00000001.00000000.304738654.000000007F372000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F372000
Size:	4096

Details

Name:	00000001.00000003.447073997.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	0000000B.00000002.557211876.00007FF5E684D000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FF5E684D000
Size:	8192

Details

Name:	00000006.00000002.380142992.0000000002C80000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2C80000
Size:	8192

Details

Name:	0000000B.00000002.556859294.00000236916D0000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	236916D0000
Size:	4096

Details

Name:	0000000B.00000000.544383425.00007DF5F4542000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7DF5F4542000
Size:	4096

Details

Name:	00000000.00000000.287993946.00000000011E2000.00000080.00020000.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page execute and write copy
Base address:	11E2000
Size:	4096

Details

Name:	00000001.00000003.470114654.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	0000000B.00000002.556748198.0000023690F0D000.00000004.00000020.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	23690F0D000
Size:	8192

Details

Name:	0000000B.00000002.557058374.00007FF5E60E8000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FF5E60E8000
Size:	16384

Details

Name:	0000000B.00000000.544341451.00007DF5F4530000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7DF5F4530000
Size:	4096

Details

Name:	00000000.00000002.306303567.00000000011E5000.00000040.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	11E5000
Size:	950272

Details

Name:	00000001.00000002.558307036.00000000030AD000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	30AD000
Size:	12288

Details

Name:	00000001.00000003.472926922.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000003.506853322.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000000.00000002.305395430.0000000000F50000.00000040.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	F50000
Size:	1351680

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery
URLs found in memory or binary data	Networking

Details

Name:	00000006.00000002.380210740.0000000002EB2000.00000040.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2EB2000
Size:	20480

Details

Name:	00000000.00000002.307505291.000000000370A000.00000040.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	370A000
Size:	4096

Details

Name:	00000007.00000002.397643670.00000000036D0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	36D0000
Size:	8192

Details

Name:	00000000.00000002.305227555.0000000000A7C000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	A7C000
Size:	16384

Details

Name:	00000001.00000003.472980598.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000000.00000003.289209365.0000000006580000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	6580000
Size:	32768

Details

Name:	00000007.00000002.397522176.00000000033F3000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	33F3000
Size:	4096

Details

Name:	00000001.00000002.558755747.000000007F260000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F260000
Size:	20480

Details

Name:	00000000.00000002.307918789.0000000004251000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4251000
Size:	102400

Details

Name:	00000007.00000002.397683443.000000000370A000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	370A000
Size:	4096

Details

Name:	00000006.00000002.379624899.00000000007C9000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7C9000
Size:	8192

Details

Name:	00000005.00000000.347779856.0000000000335000.00000080.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page execute and write copy
Base address:	335000
Size:	950272

Details

Name:	00000005.00000002.366541430.0000000000BB0000.00000004.00000020.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	BB0000
Size:	24576

Details

Name:	00000001.00000003.411324238.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	0000000B.00000002.556635219.0000023690EB1000.00000004.00000020.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	23690EB1000
Size:	344064

Details

Name:	00000007.00000001.384698463.0000000000070000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	image loaded
Regiontype:	unkown image
Protect:	page readonly
Base address:	70000
Size:	4096

Details

Name:	00000000.00000002.306866943.0000000001BDF000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1BDF000
Size:	4096

Details

Name:	00000001.00000003.396157339.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000005.00000002.367525910.00000000032EE000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	32EE000
Size:	8192

Details

Name:	00000001.00000003.550406931.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000005.00000002.366953902.0000000002C9A000.00000040.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2C9A000
Size:	4096

Details

Name:	00000005.00000003.349332823.0000000003170000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3170000
Size:	16384

Details

Name:	00000005.00000002.366997313.0000000002CE0000.00000040.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2CE0000
Size:	4096

Details

Name:	00000001.00000002.557358748.0000000000440000.00000004.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	440000
Size:	4096

Details

Name:	00000005.00000002.367695680.000000007FC20000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FC20000
Size:	12288

Details

Name:	00000001.00000003.396283111.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	0000000B.00000002.556788817.0000023691130000.00000004.00000040.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	23691130000
Size:	12288

Details

Name:	00000000.00000002.306593871.00000000013D0000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	13D0000
Size:	4096

Details

Name:	0000000B.00000002.556840066.0000023691550000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	23691550000
Size:	12288

Details

Name:	00000005.00000002.366976599.0000000002CB2000.00000040.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2CB2000
Size:	4096

Details

Name:	00000006.00000002.380563534.00000000062FE000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	62FE000
Size:	8192

Details

Name:	00000001.00000002.557906954.0000000002B60000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2B60000
Size:	8192

Details

Name:	00000001.00000002.557475435.0000000000A00000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	A00000
Size:	12288

Details

Name:	00000007.00000002.396687519.000000000008E000.00000080.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and write copy
Base address:	8E000
Size:	69632

Details

Name:	00000005.00000002.367009482.0000000002E1E000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2E1E000
Size:	8192

Details

Name:	00000001.00000002.557501848.0000000000A60000.00000004.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	A60000
Size:	4096

Details

Name:	00000000.00000002.306525056.00000000012F0000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	12F0000
Size:	4096

Details

Name:	00000001.00000002.558431009.00000000039F0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	39F0000
Size:	65536

Details

Name:	00000005.00000002.366341170.0000000000520000.00000004.00000020.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	520000
Size:	16384

Details

Name:	00000007.00000002.397678438.00000000036FC000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	36FC000
Size:	4096

Details

Name:	00000005.00000002.367470748.0000000002FE0000.00000004.00000040.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2FE0000
Size:	4096

Details

Name:	00000007.00000002.396880289.00000000001FC000.00000040.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	1FC000
Size:	110592

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	00000000.00000002.308410904.0000000006C2E000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6C2E000
Size:	8192

Details

Name:	00000005.00000002.367607225.0000000004F81000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4F81000
Size:	20480

Details

Name:	00000006.00000002.380570700.00000000064FE000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	64FE000
Size:	8192

Details

Name:	00000001.00000002.558684391.00000000062BE000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	62BE000
Size:	8192

Details

Name:	00000000.00000002.306913832.0000000001DE0000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	1DE0000
Size:	65536

Details

Name:	00000000.00000002.305212192.0000000000A20000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	A20000
Size:	102400

Details

Name:	00000000.00000002.305168220.00000000009A7000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	9A7000
Size:	4096

Details

Name:	00000005.00000002.366498459.0000000000B20000.00000040.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	B20000
Size:	4096

Details

Name:	00000007.00000002.397286717.0000000001440000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	1440000
Size:	733184

Details

Name:	00000006.00000002.379915723.0000000000D64000.00000004.00000020.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	D64000
Size:	184320

Details

Name:	00000005.00000002.366812272.0000000001730000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	1730000
Size:	4096

Details

Name:	00000001.00000002.557535382.0000000000AB9000.00000004.00000020.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	AB9000
Size:	110592

Details

Name:	00000005.00000002.366922964.0000000002C7E000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2C7E000
Size:	8192

Details

Name:	00000001.00000000.304719794.000000007F360000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F360000
Size:	4096

Details

Name:	00000006.00000002.380709722.000000007F3A0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F3A0000
Size:	4096

Details

Name:	00000000.00000002.307073714.00000000034CC000.00000040.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	34CC000
Size:	4096

Details

Name:	00000005.00000002.367536666.000000000397E000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	397E000
Size:	8192

Details

Name:	00000001.00000003.511956875.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000005.00000002.366379800.00000000007D4000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7D4000
Size:	4096

Details

Name:	00000001.00000003.472750106.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000007.00000000.384658295.000000007FA62000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FA62000
Size:	4096

Details

Name:	00000007.00000002.397655034.00000000036EA000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	36EA000
Size:	8192

Details

Name:	00000001.00000003.327095601.0000000000B34000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	B34000
Size:	49152

Details

Name:	00000000.00000002.307451353.00000000036E0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	36E0000
Size:	8192

Details

Name:	0000000B.00000002.557085743.00007FF5E612A000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FF5E612A000
Size:	4096

Details

Name:	00000000.00000002.306728862.000000000144E000.00000004.00000020.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	144E000
Size:	65536

Details

Name:	00000001.00000003.447082953.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000003.512168234.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000005.00000002.367652477.000000000677E000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	677E000
Size:	8192

Details

Name:	0000000B.00000002.556997914.00007DF5F4542000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7DF5F4542000
Size:	4096

Details

Name:	00000000.00000002.308502528.00000000076BC000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	76BC000
Size:	16384

Details

Name:	00000001.00000003.434638369.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000000.00000002.307766801.0000000003870000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3870000
Size:	4096

Details

Name:	00000001.00000002.558420589.000000000398C000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	398C000
Size:	16384

Details

Name:	0000000B.00000000.544441822.00007FF5E68D1000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FF5E68D1000
Size:	16384

Details

Name:	00000001.00000003.472867104.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000000.00000002.306980523.0000000003380000.00000040.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	3380000
Size:	4096

Details

Name:	00000001.00000003.396241425.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	0000000B.00000002.557260359.00007FF5E68CA000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FF5E68CA000
Size:	4096

Details

Name:	00000001.00000003.472811617.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000005.00000002.366162921.0000000000450000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	450000
Size:	102400

Details

Name:	00000000.00000002.307487435.0000000003700000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3700000
Size:	8192

Details

Name:	00000006.00000002.380007414.0000000001520000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	1520000
Size:	32768

Details

Name:	00000001.00000003.482394594.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000002.557991663.0000000002B92000.00000040.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2B92000
Size:	4096

Details

Name:	00000007.00000002.397469293.0000000001D00000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	1D00000
Size:	65536

Details

Name:	00000006.00000002.378948726.000000000008A000.00000040.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	8A000
Size:	4096

Details

Name:	00000000.00000002.307967345.0000000004270000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4270000
Size:	8192

Details

Name:	00000005.00000002.366981756.0000000002CC7000.00000040.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2CC7000
Size:	4096

Details

Name:	00000006.00000003.366859636.0000000002DE4000.00000040.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2DE4000
Size:	4096

Details

Name:	00000001.00000002.557390834.00000000004B0000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	4B0000
Size:	16384

Details

Name:	00000005.00000002.366422225.00000000009F6000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	9F6000
Size:	8192

Details

Name:	00000005.00000002.366158146.0000000000440000.00000004.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	440000
Size:	4096

Details

Name:	00000007.00000002.396867029.00000000001EB000.00000040.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	1EB000
Size:	32768

Details

Name:	00000006.00000003.367994489.0000000003090000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3090000
Size:	32768

Details

Name:	00000005.00000003.348576788.0000000002EA4000.00000040.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2EA4000
Size:	4096

Details

Name:	00000005.00000002.366958354.0000000002C9C000.00000040.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2C9C000
Size:	4096

Details

Name:	00000007.00000002.397817710.00000000041EE000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	41EE000
Size:	8192

Details

Name:	00000001.00000003.550236593.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000003.396120808.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000002.557795026.0000000002A80000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	2A80000
Size:	733184

Details

Name:	00000005.00000000.347659912.0000000000070000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	70000
Size:	4096

Details

Name:	00000001.00000003.396149627.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000005.00000003.348777421.0000000002EA4000.00000040.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2EA4000
Size:	65536

Details

Name:	00000001.00000003.512203113.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000003.457739577.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	0000000B.00000002.556972124.00007DF4F2400000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7DF4F2400000
Size:	20480

Details

Name:	00000001.00000003.517380602.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000007.00000002.397268068.00000000013E0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	13E0000
Size:	16384

Details

Name:	00000001.00000002.557482734.0000000000A10000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	A10000
Size:	4096

Details

Name:	00000000.00000002.305259169.0000000000C90000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	C90000
Size:	4096

Details

Name:	00000000.00000002.308518175.000000007F380000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F380000
Size:	20480

Details

Name:	0000000B.00000002.557068235.00007FF5E6123000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FF5E6123000
Size:	8192

Details

Name:	00000005.00000002.366971563.0000000002CAA000.00000040.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2CAA000
Size:	4096

Details

Name:	00000001.00000003.396258288.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000007.00000002.397650535.00000000036E2000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	36E2000
Size:	4096

Details

Name:	00000001.00000002.557762623.000000000296E000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	296E000
Size:	8192

Details

Name:	0000000B.00000002.556379547.0000023690DF0000.00000004.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	23690DF0000
Size:	4096

Details

Name:	00000001.00000002.558118068.0000000002C30000.00000004.00000040.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2C30000
Size:	4096

Details

Name:	00000001.00000002.557618188.0000000001150000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	1150000
Size:	32768

Details

Name:	0000000B.00000002.557167854.00007FF5E67E6000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FF5E67E6000
Size:	16384

Details

Name:	00000001.00000003.434448393.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000007.00000002.396678499.000000000008A000.00000040.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	8A000
Size:	4096

Details

Name:	00000001.00000003.428788124.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000000.00000003.289199547.0000000006570000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	6570000
Size:	16384

Details

Name:	00000005.00000002.366776912.0000000000FAF000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	FAF000
Size:	4096

Details

Name:	00000001.00000003.550532556.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000007.00000002.397494535.00000000032A0000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	32A0000
Size:	4096

Details

Name:	00000007.00000002.397725719.0000000003E8E000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3E8E000
Size:	8192

Details

Name:	00000000.00000002.306568380.00000000013C0000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	13C0000
Size:	20480

Details

Name:	00000007.00000002.398075141.000000000664E000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	664E000
Size:	8192

Details

Name:	00000006.00000003.366848332.0000000002DE4000.00000040.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2DE4000
Size:	61440

Details

Name:	00000001.00000003.411314796.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000003.396273858.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000007.00000002.397901172.000000000642E000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	642E000
Size:	8192

Details

Name:	00000007.00000002.397754085.0000000003FA0000.00000004.00000040.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	3FA0000
Size:	12288

Details

Name:	00000005.00000002.366460729.0000000000AC0000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	AC0000
Size:	16384

Details

Name:	00000000.00000002.305263344.0000000000CE0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	CE0000
Size:	8192

Details

Name:	00000000.00000001.288219295.0000000000F20000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	image loaded
Regiontype:	unkown image
Protect:	page readonly
Base address:	F20000
Size:	4096

Details

Name:	0000000B.00000002.557217344.00007FF5E68A2000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FF5E68A2000
Size:	12288

Details

Name:	00000005.00000002.366385032.00000000007D7000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7D7000
Size:	4096

Details

Name:	00000006.00000002.379146160.00000000001F7000.00000040.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	1F7000
Size:	8192

Details

Name:	00000000.00000003.288546242.00000000034C4000.00000040.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	34C4000
Size:	4096

Details

Name:	00000007.00000000.384653582.000000007FA60000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FA60000
Size:	4096

Details

Name:	00000006.00000002.379631981.00000000007CD000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7CD000
Size:	4096

Details

Name:	00000001.00000002.557443609.00000000006B7000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6B7000
Size:	4096

Details

Name:	00000005.00000002.366736835.0000000000C32000.00000004.00000020.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	C32000
Size:	135168

Details

Name:	00000005.00000003.360117608.0000000003B81000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3B81000
Size:	65536

Details

Name:	00000006.00000002.380348696.0000000003110000.00000004.00000040.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	3110000
Size:	4096

Details

Name:	00000006.00000002.380217327.0000000002EBA000.00000040.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2EBA000
Size:	4096

Details

Name:	0000000B.00000002.556364880.00000073F83FF000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	73F83FF000
Size:	4096

Details

Name:	00000000.00000002.305149931.0000000000997000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	997000
Size:	8192

Details

Name:	00000007.00000002.396875004.00000000001F7000.00000040.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	1F7000
Size:	8192

Details

Name:	00000005.00000000.348008563.000000007FC20000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FC20000
Size:	12288

Details

Name:	00000001.00000002.557787967.0000000002980000.00000040.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2980000
Size:	4096

Details

Name:	00000005.00000002.367544434.0000000003B80000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3B80000
Size:	163840

Details

Name:	00000007.00000002.398141694.0000000006CCE000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6CCE000
Size:	8192

Details

Name:	00000001.00000003.512031009.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000003.550296865.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000005.00000002.362774391.0000000000335000.00000040.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	335000
Size:	950272

Details

Name:	00000000.00000002.308333813.000000000656C000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	656C000
Size:	16384

Details

Name:	00000005.00000002.367601136.0000000003F89000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3F89000
Size:	16384

Details

Name:	00000001.00000003.396142709.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	0000000B.00000002.557180893.00007FF5E67F3000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FF5E67F3000
Size:	12288

Details

Name:	00000006.00000002.380333119.0000000003070000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3070000
Size:	4096

Details

Name:	00000001.00000002.558778184.000000007F370000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F370000
Size:	4096

Details

Name:	00000006.00000002.379769260.0000000000B50000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	B50000
Size:	4096

Details

Name:	00000001.00000003.512097294.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000006.00000002.380287750.0000000003030000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	3030000
Size:	4096

Details

Name:	00000000.00000002.305164458.000000000099B000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	99B000
Size:	4096

Details

Name:	00000005.00000002.366990384.0000000002CD0000.00000004.00000040.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2CD0000
Size:	16384

Details

Name:	00000006.00000002.380017225.0000000002B30000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	2B30000
Size:	733184

Details

Name:	00000001.00000002.558296709.000000000306E000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	306E000
Size:	8192

Details

Name:	00000005.00000002.366476217.0000000000B10000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	B10000
Size:	4096

Details

Name:	00000005.00000002.367014429.0000000002E20000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2E20000
Size:	4096

Details

Name:	00000001.00000003.472887192.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000002.557755668.000000000292E000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	292E000
Size:	8192

Details

Name:	00000001.00000003.322261427.00000000030F0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	30F0000
Size:	20480

Details

Name:	00000001.00000002.556290962.000000000008E000.00000080.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and write copy
Base address:	8E000
Size:	69632

Details

Name:	00000001.00000003.511939404.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	0000000B.00000002.556271593.00000073F80FD000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	73F80FD000
Size:	12288

Details

Name:	00000001.00000002.557608693.0000000000B4E000.00000004.00000020.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	B4E000
Size:	32768

Details

Name:	00000005.00000002.367474390.0000000002FF0000.00000004.00000040.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2FF0000
Size:	4096

Details

Name:	00000000.00000002.308490961.00000000074BE000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	74BE000
Size:	8192

Details

Name:	00000006.00000003.366828792.0000000002DE4000.00000040.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2DE4000
Size:	4096

Details

Name:	00000001.00000002.558110862.0000000002C20000.00000004.00000040.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2C20000
Size:	4096

Details

Name:	00000005.00000002.367424417.0000000002FA0000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	2FA0000
Size:	4096

Details

Name:	00000001.00000003.434458347.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000003.396004653.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000007.00000002.397863954.00000000051F1000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	51F1000
Size:	20480

Details

Name:	0000000B.00000000.544280583.0000023690E10000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	23690E10000
Size:	102400

Details

Name:	00000001.00000002.558743491.00000000069B0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	69B0000
Size:	4096

Details

Name:	00000001.00000003.305292352.0000000002CE4000.00000040.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2CE4000
Size:	4096

Details

Name:	0000000B.00000002.557149750.00007FF5E67DD000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FF5E67DD000
Size:	4096

Details

Name:	00000006.00000002.379152364.00000000001FC000.00000040.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	1FC000
Size:	110592

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	00000001.00000002.558286005.000000000302E000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	302E000
Size:	8192

Details

Name:	00000006.00000003.367331809.0000000002DE4000.00000040.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2DE4000
Size:	16384

Details

Name:	00000001.00000003.472905909.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000005.00000000.347996927.000000007FC10000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FC10000
Size:	4096

Details

Name:	00000000.00000002.307538571.000000000372A000.00000040.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	372A000
Size:	4096

Details

Name:	00000001.00000003.396088279.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000000.00000002.307044633.00000000034C0000.00000040.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	34C0000
Size:	16384

Details

Name:	00000007.00000002.397100420.0000000000DA0000.00000004.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	DA0000
Size:	4096

Details

Name:	00000001.00000003.472947747.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000000.00000002.307617528.0000000003760000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	3760000
Size:	4096

Details

Name:	00000005.00000002.367466238.0000000002FD0000.00000004.00000040.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2FD0000
Size:	4096

Details

Name:	00000000.00000002.305204531.00000000009B9000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	9B9000
Size:	4096

Details

Name:	00000001.00000002.558717187.00000000066BD000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	66BD000
Size:	12288

Details

Name:	00000001.00000003.434359874.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000007.00000002.397584874.0000000003580000.00000004.00000040.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	3580000
Size:	4096

Details

Name:	0000000B.00000002.556809004.0000023691139000.00000004.00000040.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	23691139000
Size:	4096

Details

Name:	00000006.00000002.379699452.00000000009F5000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	9F5000
Size:	12288

Details

Name:	00000001.00000003.512079308.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	0000000B.00000002.557121984.00007FF5E666A000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FF5E666A000
Size:	12288

Details

Name:	0000000B.00000002.557223185.00007FF5E68A9000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FF5E68A9000
Size:	12288

Details

Name:	00000000.00000002.306290413.00000000011E2000.00000040.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	11E2000
Size:	4096

Details

Name:	00000007.00000002.397665246.00000000036F2000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	36F2000
Size:	20480

Details

Name:	0000000B.00000003.544778639.0000023690EE6000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	23690EE6000
Size:	4096

Details

Name:	00000007.00000002.397490034.0000000001E80000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	1E80000
Size:	4096

Details

Name:	00000007.00000002.397498816.00000000033A0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	33A0000
Size:	12288

Details

Name:	00000006.00000000.366448356.000000007F392000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F392000
Size:	4096

Details

Name:	00000001.00000003.550452663.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000005.00000002.360850734.00000000000A0000.00000040.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute and read and write
Base address:	A0000
Size:	1351680

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery
URLs found in memory or binary data	Networking

Details

Name:	00000000.00000002.307987202.0000000005258000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5258000
Size:	282624

Details

Name:	00000007.00000002.397579140.0000000003570000.00000004.00000040.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	3570000
Size:	4096

Details

Name:	00000001.00000002.557650312.00000000014D0000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	14D0000
Size:	4096

Details

Name:	00000001.00000002.558335618.00000000030EB000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	30EB000
Size:	20480

Details

Name:	00000001.00000003.511930585.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000006.00000002.380657985.000000007F290000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F290000
Size:	20480

Details

Name:	00000001.00000003.396164677.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000006.00000002.379963883.0000000000D92000.00000004.00000020.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	D92000
Size:	139264

Details

Name:	00000001.00000003.472879737.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000006.00000002.379995173.000000000131F000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	131F000
Size:	4096

Details

Name:	00000000.00000002.307750907.0000000003860000.00000040.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	3860000
Size:	8192

Details

Name:	00000000.00000002.305300746.0000000000ED0000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	ED0000
Size:	8192

Details

Name:	00000001.00000003.550332824.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000007.00000000.384188150.00000000000A0000.00000080.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page execute and write copy
Base address:	A0000
Size:	192512

Details

Name:	00000001.00000003.396174134.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000000.00000002.308400341.0000000006A2E000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6A2E000
Size:	8192

Details

Name:	00000005.00000002.366947913.0000000002C92000.00000040.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2C92000
Size:	20480

Details

Name:	00000006.00000002.379644234.00000000007DF000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7DF000
Size:	4096

Details

Name:	00000001.00000002.558092885.0000000002C00000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2C00000
Size:	12288

Details

Name:	00000001.00000003.553365702.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000003.472899767.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000000.00000002.307548761.0000000003730000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3730000
Size:	4096

Details

Name:	00000001.00000000.304747570.000000007F380000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F380000
Size:	12288

Details

Name:	00000000.00000002.305197912.00000000009B3000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	9B3000
Size:	4096

Details

Name:	00000005.00000002.366795704.00000000015B0000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	15B0000
Size:	65536

Details

Name:	00000007.00000002.398130309.0000000006ACE000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6ACE000
Size:	8192

Details

Name:	00000001.00000003.434563347.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000001.00000003.464521731.00000000005A4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5A4000
Size:	4096

Details

Name:	00000006.00000002.380381352.0000000003270000.00000004.00000040.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	3270000
Size:	4096

Details

Name:	00000007.00000002.397404643.0000000001543000.00000004.00000020.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	1543000
Size:	163840

Details

Name:	0000000B.00000002.556337206.00000073F8379000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	73F8379000
Size:	28672

Details

Name:	00000006.00000000.366458804.000000007F3A2000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F3A2000
Size:	4096

Details

Name:	00000006.00000000.366464407.000000007F3B0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F3B0000
Size:	12288

Details

Name:	00000000.00000002.307352925.0000000003680000.00000004.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	3680000
Size:	4096

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Report

Files

Processes

URLs

Domains

IPs

Registry

Memdumps