Automated Malware Analysis IOC Report for

Details

Name:	00000007.00000000.451843619.0000000000402000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	402000
Size:	118784

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected Nanocore RAT	AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality
Yara signature match	System Summary

Details

Name:	00000007.00000002.704763684.0000000000402000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	402000
Size:	118784

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected Nanocore RAT	AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality
Yara signature match	System Summary

Details

Name:	00000004.00000002.455467498.00000000034FB000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	34FB000
Size:	2224128

Signature Hits	Behavior Group	Mitre Attack
Detected Nanocore Rat	Remote Access Functionality	Remote Access Software
Malicious sample detected (through community Yara rule)	System Summary
Yara detected Nanocore RAT	AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality
Yara signature match	System Summary

Details

Name:	00000004.00000002.454624645.0000000002451000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2451000
Size:	245760

Signature Hits	Behavior Group	Mitre Attack
Yara detected AntiVM3	Malware Analysis System Evasion
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)	Malware Analysis System Evasion	Security Software Discovery
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	00000004.00000002.454727273.00000000024A6000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	24A6000
Size:	1724416

Signature Hits	Behavior Group	Mitre Attack
Yara detected AntiVM3	Malware Analysis System Evasion

Details

Name:	00000007.00000000.453026505.0000000000402000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	402000
Size:	118784

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected Nanocore RAT	AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality
Yara signature match	System Summary

Details

Name:	00000007.00000002.704932496.0000000000560000.00000004.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	560000
Size:	102400

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected Nanocore RAT	AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality
Yara signature match	System Summary

Details

Name:	00000007.00000000.452221812.0000000000402000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	402000
Size:	118784

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected Nanocore RAT	AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality
Yara signature match	System Summary

Details

Name:	00000007.00000002.706102715.0000000003676000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3676000
Size:	270336

Signature Hits	Behavior Group	Mitre Attack
Found malware configuration	AV Detection
Malicious sample detected (through community Yara rule)	System Summary
Yara detected Nanocore RAT	AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality
Yara signature match	System Summary

Details

Name:	00000007.00000000.452672182.0000000000402000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	402000
Size:	118784

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected Nanocore RAT	AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality
Yara signature match	System Summary

Details

Name:	00000004.00000002.455829246.000000000374F000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	374F000
Size:	118784

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected Nanocore RAT	AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality
Yara signature match	System Summary

Details

Name:	00000004.00000002.463310944.00000000063DA000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	63DA000
Size:	4096

Details

Name:	00000004.00000002.466715127.000000007EFC2000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	00000007.00000002.707673641.000000007EFC0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	00000007.00000003.543561427.0000000003867000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3867000
Size:	45056

Details

Name:	00000007.00000003.592302489.00000000036F1000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	36F1000
Size:	40960

Details

Name:	0000000B.00000002.469039086.00000000005C0000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	5C0000
Size:	12288

Details

Name:	00000007.00000000.450264034.000000007EFC2000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	00000004.00000003.443299778.0000000002120000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2120000
Size:	65536

Details

Name:	00000007.00000002.704694894.0000000000390000.00000004.00000040.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	390000
Size:	20480

Details

Name:	00000007.00000002.706092590.0000000003656000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3656000
Size:	40960

Details

Name:	00000007.00000003.673885655.0000000003770000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3770000
Size:	40960

Details

Name:	0000000A.00000002.705967546.000000000226C000.00000004.00000010.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	226C000
Size:	16384

Details

Name:	00000004.00000002.453754884.00000000001D2000.00000040.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	1D2000
Size:	4096

Details

Name:	00000004.00000002.464736127.00000000067F0000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	67F0000
Size:	4096

Details

Name:	0000000F.00000002.476004953.0000000002130000.00000040.00000040.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page execute and read and write
Base address:	2130000
Size:	4096

Details

Name:	0000000C.00000003.467801546.0000000000930000.00000004.00000001.sdmp
TargetID:	12
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	930000
Size:	4096

Details

Name:	00000005.00000002.450034312.000000007EFB0000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	00000007.00000003.661798307.00000000038D0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	38D0000
Size:	40960

Details

Name:	00000007.00000003.661748760.0000000003830000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3830000
Size:	40960

Details

Name:	00000007.00000003.592409516.00000000037D0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	37D0000
Size:	45056

Details

Name:	00000007.00000003.470591430.0000000000578000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	578000
Size:	32768

Details

Name:	00000007.00000003.527921184.0000000003967000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3967000
Size:	45056

Details

Name:	0000000C.00000002.468210364.0000000000209000.00000004.00000001.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	209000
Size:	28672

Details

Name:	00000004.00000002.455324889.0000000003451000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3451000
Size:	479232

Details

Name:	00000004.00000002.462300273.00000000063AB000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	63AB000
Size:	12288

Details

Name:	00000007.00000003.674098492.0000000003970000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3970000
Size:	40960

Details

Name:	0000000C.00000002.468679154.000000007EFC0000.00000002.00020000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	0000000F.00000002.475612159.000000000019A000.00000040.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	19A000
Size:	4096

Details

Name:	0000000F.00000002.476022339.0000000002611000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2611000
Size:	114688

Details

Name:	0000000B.00000000.466061250.000000007EFD0000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	00000007.00000000.451821535.0000000000090000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	90000
Size:	16384

Details

Name:	0000000C.00000002.468603679.0000000000DFE000.00000104.00000010.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write \| page guard
Base address:	DFE000
Size:	4096

Details

Name:	00000004.00000002.453681014.0000000000180000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	180000
Size:	8192

Details

Name:	00000011.00000002.486447606.0000000001082000.00000020.00020000.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute read
Base address:	1082000
Size:	20480

Details

Name:	00000004.00000002.453985107.0000000000714000.00000004.00000020.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	714000
Size:	122880

Details

Name:	00000004.00000002.466742538.000000007EFE0000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFE0000
Size:	20480

Details

Name:	00000007.00000003.543585796.0000000003887000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3887000
Size:	12288

Details

Name:	00000005.00000002.449386990.0000000000474000.00000004.00000020.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	474000
Size:	98304

Details

Name:	00000011.00000003.485621954.00000000005E0000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5E0000
Size:	16384

Details

Name:	00000007.00000003.689213723.0000000003790000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3790000
Size:	40960

Details

Name:	00000004.00000002.459572167.0000000005DF4000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5DF4000
Size:	12288

Details

Name:	0000000B.00000002.469961906.000000007EFB2000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	00000005.00000000.447737659.000000007EFC2000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	00000007.00000000.449657713.000000007EFB0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	00000004.00000002.460162868.0000000005F87000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5F87000
Size:	8192

Details

Name:	0000000C.00000002.468500263.0000000000790000.00000002.00020000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	790000
Size:	77824

Details

Name:	00000013.00000002.704520177.000007FFFFFD0000.00000002.00020000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFFFFD0000
Size:	12288

Details

Name:	00000004.00000002.460372179.0000000005FCB000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5FCB000
Size:	12288

Details

Name:	00000004.00000002.458796149.0000000005C4A000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5C4A000
Size:	8192

Details

Name:	00000011.00000000.483434321.0000000001082000.00000020.00020000.sdmp
TargetID:	17
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page execute read
Base address:	1082000
Size:	20480

Details

Name:	00000004.00000002.461151533.00000000060AB000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	60AB000
Size:	135168

Details

Name:	0000000B.00000000.467050860.000000007EFB2000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	00000013.00000000.520413573.000007FFFFFD0000.00000002.00020000.sdmp
TargetID:	19
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFFFFD0000
Size:	12288

Details

Name:	00000004.00000002.456331733.0000000004A03000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4A03000
Size:	20480

Details

Name:	00000004.00000003.437252361.00000000059F1000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	59F1000
Size:	200704

Details

Name:	00000005.00000002.450008703.00000000023AF000.00000004.00000010.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	23AF000
Size:	4096

Details

Name:	00000007.00000003.454251090.00000000003EC000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3EC000
Size:	16384

Details

Name:	00000005.00000002.449205920.0000000000010000.00000004.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	10000
Size:	4096

Details

Name:	00000011.00000000.483482482.000000007EFC0000.00000002.00020000.sdmp
TargetID:	17
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	0000000F.00000002.475832550.00000000006BF000.00000004.00000010.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	6BF000
Size:	4096

Details

Name:	00000007.00000003.454097107.00000000003E0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3E0000
Size:	45056

Details

Name:	00000004.00000002.456237803.000000000495E000.00000004.00000010.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	495E000
Size:	8192

Details

Name:	00000004.00000002.453802142.0000000000310000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	310000
Size:	4096

Details

Name:	00000007.00000003.592458790.0000000003850000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3850000
Size:	45056

Details

Name:	00000007.00000003.673903837.00000000037B0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	37B0000
Size:	40960

Details

Name:	00000004.00000002.454334309.0000000000950000.00000004.00020000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	950000
Size:	28672

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000011.00000002.486119409.00000000003B7000.00000004.00000020.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	3B7000
Size:	4096

Details

Name:	00000008.00000000.457536033.000000007EFB2000.00000002.00020000.sdmp
TargetID:	8
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	00000011.00000002.486468959.0000000001088000.00000002.00020000.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	1088000
Size:	4096

Details

Name:	00000007.00000000.451888700.000000007EFC2000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	0000000B.00000002.469979800.000000007EFD0000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	00000004.00000002.454439880.00000000009C0000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	9C0000
Size:	77824

Details

Name:	00000004.00000002.463432031.0000000006423000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6423000
Size:	8192

Details

Name:	00000004.00000002.454614978.0000000002140000.00000040.00000040.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page execute and read and write
Base address:	2140000
Size:	8192

Details

Name:	0000000C.00000002.468659645.000000000474E000.00000004.00000010.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	474E000
Size:	8192

Details

Name:	00000004.00000002.458477767.0000000005B8E000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5B8E000
Size:	4096

Details

Name:	00000004.00000002.459892929.0000000005EF7000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5EF7000
Size:	4096

Details

Name:	00000004.00000002.458288041.0000000005AAE000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5AAE000
Size:	8192

Details

Name:	0000000A.00000002.706071787.000007FFFFFD0000.00000002.00020000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFFFFD0000
Size:	12288

Details

Name:	00000004.00000003.443231862.00000000046D9000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	46D9000
Size:	28672

Details

Name:	0000000A.00000002.704148293.00000000000D0000.00000004.00020000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	D0000
Size:	8192

Details

Name:	00000007.00000003.454392850.00000000003E0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3E0000
Size:	16384

Details

Name:	0000000A.00000002.705854191.000000000200B000.00000004.00000040.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	200B000
Size:	12288

Details

Name:	00000007.00000003.470990760.0000000000530000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	530000
Size:	16384

Details

Name:	00000007.00000000.451894286.000000007EFD0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	00000007.00000003.607725349.0000000003810000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3810000
Size:	40960

Details

Name:	00000004.00000002.459397252.0000000005D76000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5D76000
Size:	12288

Details

Name:	00000008.00000002.460736263.0000000001CF0000.00000002.00020000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	1CF0000
Size:	3133440

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000004.00000003.443167676.0000000004850000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4850000
Size:	65536

Details

Name:	00000004.00000003.437293609.0000000004A12000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4A12000
Size:	12288

Details

Name:	00000005.00000000.447429237.000000007EFB2000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	00000004.00000002.466264658.00000000078BE000.00000004.00000010.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	78BE000
Size:	8192

Details

Name:	00000007.00000003.674084244.0000000003950000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3950000
Size:	40960

Details

Name:	00000004.00000002.456666155.0000000005048000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5048000
Size:	12288

Details

Name:	00000004.00000002.466530775.0000000007DAE000.00000004.00000010.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	7DAE000
Size:	8192

Details

Name:	00000004.00000003.437354324.0000000004A12000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4A12000
Size:	12288

Details

Name:	00000005.00000000.447106607.0000000000050000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	50000
Size:	16384

Details

Name:	00000011.00000002.486590822.000000007EFE0000.00000002.00020000.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFE0000
Size:	20480

Details

Name:	00000004.00000002.466486779.0000000007C6E000.00000004.00000010.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	7C6E000
Size:	8192

Details

Name:	00000013.00000002.704412960.000000000057F000.00000004.00000010.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	57F000
Size:	4096

Details

Name:	00000007.00000002.704403354.00000000001F2000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1F2000
Size:	4096

Details

Name:	00000011.00000002.485845215.0000000000010000.00000004.00020000.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	10000
Size:	4096

Details

Name:	00000007.00000002.704192541.0000000000160000.00000004.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	160000
Size:	4096

Details

Name:	00000013.00000002.704213548.000000000016D000.00000004.00000020.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	16D000
Size:	32768

Details

Name:	00000004.00000002.459247379.0000000005D3D000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5D3D000
Size:	4096

Details

Name:	00000004.00000002.461360064.0000000006115000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6115000
Size:	4096

Details

Name:	00000007.00000002.706021260.0000000002889000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2889000
Size:	53248

Signature Hits	Behavior Group	Mitre Attack
May try to detect the Windows Explorer process (often used for injection)	HIPS / PFW / Operating System Protection Evasion	Process Injection Process Discovery

Details

Name:	00000007.00000003.607679645.0000000003770000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3770000
Size:	40960

Details

Name:	00000007.00000003.454365295.00000000003E0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3E0000
Size:	16384

Details

Name:	00000013.00000000.520374598.000007FFFFFB0000.00000002.00020000.sdmp
TargetID:	19
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFFFFB0000
Size:	4096

Details

Name:	00000011.00000002.486127058.00000000003D4000.00000004.00000020.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	3D4000
Size:	122880

Details

Name:	00000007.00000002.706316264.00000000047A7000.00000040.00000040.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page execute and read and write
Base address:	47A7000
Size:	4096

Details

Name:	00000004.00000000.436073834.000000007EFB0000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	00000004.00000002.454592904.00000000020FD000.00000004.00000010.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	20FD000
Size:	12288

Details

Name:	00000007.00000002.704506953.0000000000312000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	312000
Size:	4096

Details

Name:	00000004.00000002.453764190.00000000001E2000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1E2000
Size:	4096

Details

Name:	00000004.00000002.454050319.0000000000766000.00000004.00000020.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	766000
Size:	446464

Details

Name:	00000007.00000003.454028355.00000000003E6000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3E6000
Size:	4096

Details

Name:	00000007.00000003.470494106.0000000000530000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	530000
Size:	28672

Details

Name:	00000011.00000002.486111663.00000000003B0000.00000004.00000020.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	3B0000
Size:	16384

Details

Name:	00000007.00000002.705047161.000000000070E000.00000004.00000010.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	70E000
Size:	8192

Details

Name:	00000007.00000003.453927070.00000000003E0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3E0000
Size:	40960

Details

Name:	00000008.00000002.459953323.00000000005F0000.00000002.00020000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	5F0000
Size:	12288

Details

Name:	00000004.00000002.463408402.0000000006421000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6421000
Size:	4096

Details

Name:	00000007.00000000.451510534.000000007EFB0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	00000004.00000002.455891688.000000000458D000.00000004.00000010.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	458D000
Size:	12288

Details

Name:	00000008.00000002.463373073.00000000023C4000.00000004.00000040.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	23C4000
Size:	4096

Details

Name:	00000004.00000002.460894517.0000000006029000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6029000
Size:	172032

Details

Name:	00000011.00000002.485872014.0000000000060000.00000002.00020000.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	60000
Size:	4096

Details

Name:	00000007.00000003.470166615.0000000000490000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	490000
Size:	28672

Details

Name:	00000004.00000002.456701158.000000000504E000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	504E000
Size:	61440

Details

Name:	00000004.00000002.453792456.00000000002E8000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2E8000
Size:	32768

Details

Name:	00000007.00000000.450536846.000000007EFC2000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	00000011.00000002.486035016.000000000037A000.00000040.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	37A000
Size:	12288

Details

Name:	00000007.00000002.704273881.00000000001D2000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	1D2000
Size:	36864

Details

Name:	00000007.00000002.706537627.00000000052AD000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	52AD000
Size:	12288

Details

Name:	00000007.00000003.673938241.00000000037F0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	37F0000
Size:	40960

Details

Name:	00000005.00000002.449252921.00000000001CF000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1CF000
Size:	4096

Details

Name:	00000007.00000000.449928682.000000007EFB0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	00000004.00000002.461650035.00000000061F9000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	61F9000
Size:	184320

Details

Name:	00000007.00000003.543665389.0000000003927000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3927000
Size:	45056

Details

Name:	00000004.00000002.457047341.00000000055CE000.00000004.00000010.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	55CE000
Size:	8192

Details

Name:	00000005.00000002.449419545.00000000006D0000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	6D0000
Size:	12288

Details

Name:	00000005.00000000.447446034.000000007EFC2000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	00000007.00000002.704442798.0000000000200000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	200000
Size:	4096

Details

Name:	0000000B.00000002.468902021.00000000001DF000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF000
Size:	4096

Details

Name:	00000004.00000002.458689784.0000000005BF0000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5BF0000
Size:	4096

Details

Name:	0000000A.00000002.706003793.0000000002935000.00000004.00000040.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2935000
Size:	4096

Details

Name:	0000000F.00000000.473966811.000000007EFB2000.00000002.00020000.sdmp
TargetID:	15
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	00000008.00000000.458261525.000000007EFB2000.00000002.00020000.sdmp
TargetID:	8
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	00000007.00000003.453681465.0000000000370000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	370000
Size:	20480

Details

Name:	00000007.00000003.689445879.0000000003930000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3930000
Size:	40960

Details

Name:	00000007.00000000.452662311.0000000000400000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	400000
Size:	4096

Details

Name:	00000004.00000003.445819529.0000000005390000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5390000
Size:	4096

Details

Name:	00000004.00000003.443364775.0000000002110000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2110000
Size:	16384

Details

Name:	00000007.00000003.527942881.0000000003990000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3990000
Size:	69632

Details

Name:	00000011.00000002.486221776.00000000004F0000.00000040.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	4F0000
Size:	4096

Details

Name:	00000005.00000000.447993573.000000007EFC0000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	00000004.00000002.459160216.0000000005D10000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5D10000
Size:	12288

Details

Name:	0000000F.00000003.475356518.00000000006F0000.00000040.00000040.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	heap private
Protect:	page execute and read and write
Base address:	6F0000
Size:	4096

Details

Name:	00000004.00000002.456386866.0000000004A60000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4A60000
Size:	4096

Details

Name:	0000000A.00000000.464795083.000007FFFFFD0000.00000002.00020000.sdmp
TargetID:	10
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFFFFD0000
Size:	12288

Details

Name:	00000007.00000003.592439540.0000000003830000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3830000
Size:	45056

Details

Name:	00000007.00000002.706008895.0000000002881000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2881000
Size:	28672

Details

Name:	00000004.00000002.462148033.0000000006368000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6368000
Size:	16384

Details

Name:	0000000B.00000000.466680734.000000007EFD0000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	00000007.00000002.704360366.00000000001E0000.00000004.00000040.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	1E0000
Size:	12288

Details

Name:	0000000C.00000002.468457508.00000000005F0000.00000004.00000040.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	5F0000
Size:	12288

Details

Name:	00000007.00000000.450257190.000000007EFC0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	00000005.00000002.449248181.00000000001CB000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1CB000
Size:	12288

Details

Name:	00000007.00000003.453875271.00000000003E4000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3E4000
Size:	49152

Details

Name:	00000013.00000002.704485162.000007FFFFFB2000.00000002.00020000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFFFFB2000
Size:	4096

Details

Name:	00000011.00000002.486579964.000000007EFD0000.00000002.00020000.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	00000007.00000002.705796159.000000000270A000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	270A000
Size:	77824

Details

Name:	00000004.00000002.460168769.0000000005F8C000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5F8C000
Size:	131072

Details

Name:	0000000B.00000000.467593541.000000007EFB2000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	00000004.00000002.456745555.000000000522F000.00000004.00000010.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	522F000
Size:	4096

Details

Name:	00000007.00000000.450840041.000000007EFD0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	00000004.00000003.453391921.0000000000440000.00000040.00000040.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	heap private
Protect:	page execute and read and write
Base address:	440000
Size:	4096

Details

Name:	00000007.00000002.707719241.000000007EFD0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	00000007.00000002.704465594.000000000020A000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	20A000
Size:	4096

Details

Name:	00000007.00000000.449670952.000000007EFC2000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	00000004.00000002.460388431.0000000005FCF000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5FCF000
Size:	4096

Details

Name:	00000007.00000000.451883181.000000007EFC0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	0000000A.00000000.464786567.000007FFFFFC2000.00000002.00020000.sdmp
TargetID:	10
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFFFFC2000
Size:	4096

Details

Name:	00000004.00000002.459953009.0000000005F21000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5F21000
Size:	8192

Details

Name:	00000008.00000000.457970756.000000007EFC2000.00000002.00020000.sdmp
TargetID:	8
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	00000004.00000002.454253676.00000000007D4000.00000004.00000020.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	7D4000
Size:	114688

Details

Name:	00000004.00000002.459713473.0000000005E60000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5E60000
Size:	4096

Details

Name:	00000007.00000002.707519587.0000000006AAD000.00000004.00000010.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	6AAD000
Size:	12288

Details

Name:	00000004.00000002.454323042.0000000000914000.00000004.00000040.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	914000
Size:	4096

Details

Name:	00000007.00000003.454082957.00000000003E0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3E0000
Size:	16384

Details

Name:	00000007.00000003.470604414.0000000000530000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	530000
Size:	49152

Details

Name:	0000000B.00000000.467624831.000000007EFC0000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	00000011.00000003.485581612.0000000000580000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	580000
Size:	4096

Details

Name:	0000000F.00000003.475331265.0000000000560000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	560000
Size:	12288

Details

Name:	0000000C.00000002.468153609.0000000000010000.00000004.00020000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	10000
Size:	4096

Details

Name:	00000008.00000000.458251305.000000007EFB0000.00000002.00020000.sdmp
TargetID:	8
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	00000007.00000003.454049793.00000000003E0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3E0000
Size:	20480

Details

Name:	00000007.00000000.449919231.00000000000A0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	A0000
Size:	4096

Details

Name:	00000005.00000002.450054927.000000007EFD0000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	00000008.00000002.459795182.0000000000030000.00000002.00020000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	30000
Size:	28672

Details

Name:	00000013.00000002.704498856.000007FFFFFC0000.00000002.00020000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFFFFC0000
Size:	4096

Details

Name:	0000000B.00000000.467633524.000000007EFC2000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	00000007.00000000.449972807.000000007EFD0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	0000000C.00000002.468206063.0000000000207000.00000104.00000001.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write \| page guard
Base address:	207000
Size:	4096

Details

Name:	00000007.00000000.451101161.0000000000090000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	90000
Size:	16384

Details

Name:	00000011.00000002.486265224.0000000000560000.00000040.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	560000
Size:	8192

Details

Name:	00000011.00000003.485674461.00000000005E0000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5E0000
Size:	16384

Details

Name:	00000007.00000003.543645672.00000000038F7000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	38F7000
Size:	4096

Details

Name:	00000004.00000003.448030850.0000000004C20000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4C20000
Size:	57344

Details

Name:	00000007.00000000.453059468.000000007EFC0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	00000007.00000000.449409835.000000007EFB2000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	00000004.00000002.466362090.0000000007A6E000.00000004.00000010.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	7A6E000
Size:	8192

Details

Name:	00000007.00000003.454405848.00000000003E0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3E0000
Size:	20480

Details

Name:	00000004.00000002.462027533.0000000006334000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6334000
Size:	118784

Details

Name:	0000000F.00000002.475656648.00000000001D7000.00000040.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	1D7000
Size:	4096

Details

Name:	00000007.00000000.449052812.000000007EFC0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	0000000A.00000002.704234090.00000000002A0000.00000004.00000020.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	2A0000
Size:	20480

Details

Name:	00000007.00000003.689363191.00000000038D0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	38D0000
Size:	40960

Details

Name:	00000007.00000000.449957308.000000007EFC2000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	00000007.00000000.452653032.00000000000A0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	A0000
Size:	4096

Details

Name:	00000004.00000002.463305115.00000000063D7000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	63D7000
Size:	4096

Details

Name:	00000004.00000002.459279393.0000000005D43000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5D43000
Size:	4096

Details

Name:	00000008.00000000.457475594.0000000000050000.00000002.00020000.sdmp
TargetID:	8
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	50000
Size:	16384

Details

Name:	00000007.00000000.449419716.000000007EFC2000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	00000004.00000002.456768867.000000000527E000.00000004.00000010.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	527E000
Size:	8192

Details

Name:	00000007.00000002.706175645.0000000003770000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3770000
Size:	36864

Details

Name:	00000004.00000002.463327876.00000000063E5000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	63E5000
Size:	8192

Details

Name:	00000004.00000002.459407926.0000000005D7A000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5D7A000
Size:	4096

Details

Name:	00000007.00000003.471163016.00000000006C0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	6C0000
Size:	65536

Details

Name:	00000008.00000000.457646421.000000007EFD0000.00000002.00020000.sdmp
TargetID:	8
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	00000013.00000002.704274577.000000000032F000.00000004.00000010.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	32F000
Size:	4096

Details

Name:	00000013.00000002.704426516.0000000000ABF000.00000004.00000010.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	ABF000
Size:	4096

Details

Name:	00000007.00000000.451537374.000000007EFD0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	00000011.00000002.486482464.0000000002491000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2491000
Size:	114688

Details

Name:	00000004.00000002.459898881.0000000005EF9000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5EF9000
Size:	4096

Details

Name:	0000000B.00000000.466990464.0000000000050000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	50000
Size:	16384

Details

Name:	00000007.00000002.705145166.00000000007A9000.00000004.00000020.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	7A9000
Size:	253952

Details

Name:	00000004.00000002.459875708.0000000005EE6000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5EE6000
Size:	8192

Details

Name:	00000007.00000002.704218643.00000000001B0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1B0000
Size:	8192

Details

Name:	00000007.00000003.592380199.0000000003790000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3790000
Size:	45056

Details

Name:	0000000F.00000003.475253705.00000000004B0000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4B0000
Size:	16384

Details

Name:	00000004.00000002.464548226.00000000067B4000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	67B4000
Size:	131072

Details

Name:	00000004.00000002.453666456.0000000000140000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	140000
Size:	4096

Details

Name:	0000000F.00000002.475779385.0000000000440000.00000004.00000040.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	440000
Size:	12288

Details

Name:	00000004.00000002.458940387.0000000005CB5000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5CB5000
Size:	16384

Details

Name:	00000007.00000002.704732483.00000000003B0000.00000004.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	3B0000
Size:	8192

Details

Name:	0000000F.00000002.475800734.00000000004C0000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4C0000
Size:	4096

Details

Name:	00000007.00000000.453063649.000000007EFC2000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	00000004.00000002.464071526.0000000006595000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6595000
Size:	94208

Details

Name:	00000004.00000002.460048882.0000000005F45000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5F45000
Size:	131072

Details

Name:	00000007.00000000.450794974.00000000000A0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	A0000
Size:	4096

Details

Name:	00000011.00000002.486094750.00000000003A7000.00000040.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	3A7000
Size:	4096

Details

Name:	00000011.00000002.486336693.0000000000820000.00000002.00020000.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	820000
Size:	12288

Details

Name:	00000007.00000002.705013648.00000000005B3000.00000004.00000020.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	5B3000
Size:	4096

Details

Name:	00000005.00000000.447134036.000000007EFC0000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	00000004.00000002.465578092.0000000006C9A000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6C9A000
Size:	1441792

Details

Name:	00000004.00000002.461275167.00000000060E7000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	60E7000
Size:	135168

Details

Name:	00000007.00000003.473382316.00000000006C0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	6C0000
Size:	28672

Details

Name:	00000007.00000003.470863198.0000000000530000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	530000
Size:	24576

Details

Name:	00000004.00000002.454606569.0000000002110000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	2110000
Size:	8192

Details

Name:	00000011.00000000.483459108.000000007EFB0000.00000002.00020000.sdmp
TargetID:	17
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	00000007.00000002.704100151.0000000000010000.00000004.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	10000
Size:	4096

Details

Name:	00000004.00000002.464136669.00000000065BA000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	65BA000
Size:	1355776

Details

Name:	00000007.00000003.454167565.00000000003E0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3E0000
Size:	16384

Details

Name:	0000000F.00000002.475929564.0000000000830000.00000002.00020000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	830000
Size:	24576

Details

Name:	00000007.00000003.454322337.00000000003E0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3E0000
Size:	24576

Details

Name:	00000007.00000003.607779044.0000000003890000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3890000
Size:	40960

Details

Name:	00000005.00000002.449453962.0000000000870000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	870000
Size:	3133440

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000004.00000002.465457818.0000000006BCE000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6BCE000
Size:	815104

Details

Name:	00000011.00000002.486413833.0000000000CAF000.00000004.00000010.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	CAF000
Size:	4096

Details

Name:	00000004.00000002.453697983.00000000001A0000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1A0000
Size:	8192

Details

Name:	00000004.00000002.466680694.000000007EFB2000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	00000005.00000002.450059947.000000007EFDF000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7EFDF000
Size:	4096

Details

Name:	00000007.00000003.689457194.0000000003950000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3950000
Size:	40960

Details

Name:	00000005.00000000.447440046.000000007EFC0000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	0000000A.00000002.704565965.00000000003D6000.00000004.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3D6000
Size:	8192

Details

Name:	00000007.00000000.453050643.000000007EFB0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	00000004.00000002.456220025.0000000004830000.00000004.00000040.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	4830000
Size:	40960

Details

Name:	00000007.00000003.470408410.0000000000530000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	530000
Size:	20480

Details

Name:	00000008.00000000.458565616.000000007EFB0000.00000002.00020000.sdmp
TargetID:	8
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	00000004.00000003.443373414.0000000002110000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2110000
Size:	32768

Details

Name:	00000004.00000003.437415700.00000000049CC000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	49CC000
Size:	4096

Details

Name:	00000011.00000002.486555600.000000007EFB0000.00000002.00020000.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	00000004.00000002.466702718.000000007EFC0000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	00000007.00000000.452712873.000000007EFB0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	00000004.00000000.436078250.000000007EFB2000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	0000000F.00000002.475714218.00000000003E0000.00000002.00020000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	3E0000
Size:	4096

Details

Name:	00000008.00000000.458634351.000000007EFD0000.00000002.00020000.sdmp
TargetID:	8
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	00000007.00000000.451122800.000000007EFB0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	00000007.00000003.661768055.0000000003870000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3870000
Size:	40960

Details

Name:	00000007.00000000.452739267.000000007EFC2000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	00000007.00000003.543438203.0000000003787000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3787000
Size:	45056

Details

Name:	00000004.00000002.462285033.00000000063A0000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	63A0000
Size:	4096

Details

Name:	00000007.00000000.452729801.000000007EFC0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	00000007.00000002.704808958.000000000048E000.00000004.00000010.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	48E000
Size:	8192

Details

Name:	00000004.00000003.443261668.0000000004460000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4460000
Size:	20480

Details

Name:	00000007.00000003.473269880.00000000006C0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	6C0000
Size:	24576

Details

Name:	0000000B.00000002.468908860.00000000001E0000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	1E0000
Size:	913408

Details

Name:	00000011.00000002.486028879.0000000000372000.00000040.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	372000
Size:	12288

Details

Name:	00000007.00000003.674019236.00000000038D0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	38D0000
Size:	40960

Details

Name:	00000011.00000002.486171827.00000000004E0000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4E0000
Size:	65536

Details

Name:	00000007.00000002.704483961.0000000000306000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	306000
Size:	40960

Details

Name:	00000004.00000002.453758670.00000000001DA000.00000040.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	1DA000
Size:	4096

Details

Name:	00000004.00000002.456373440.0000000004A56000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4A56000
Size:	40960

Details

Name:	00000007.00000002.704112499.0000000000020000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	20000
Size:	4096

Details

Name:	00000007.00000002.707306893.0000000005EFE000.00000004.00000010.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	5EFE000
Size:	8192

Details

Name:	00000005.00000000.447451858.000000007EFD0000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	0000000F.00000002.476069247.000000000478E000.00000004.00000010.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	478E000
Size:	8192

Details

Name:	00000004.00000000.436065716.00000000009BC000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	9BC000
Size:	4096

Details

Name:	00000007.00000000.451135906.000000007EFB2000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	00000004.00000002.456122118.0000000004720000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4720000
Size:	897024

Details

Name:	00000004.00000002.462294562.00000000063A3000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	63A3000
Size:	8192

Details

Name:	00000007.00000003.453989792.00000000003F0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3F0000
Size:	28672

Details

Name:	00000004.00000002.461974095.000000000631E000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	631E000
Size:	8192

Details

Name:	00000007.00000003.527872696.0000000003947000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3947000
Size:	45056

Details

Name:	0000000F.00000001.474038790.0000000000A40000.00000002.00020000.sdmp
TargetID:	15
Dumpstage:	image loaded
Regiontype:	unkown image
Protect:	page readonly
Base address:	A40000
Size:	4096

Details

Name:	00000007.00000003.689171015.0000000003750000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3750000
Size:	40960

Details

Name:	0000000A.00000002.704256391.00000000002A7000.00000004.00000020.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	2A7000
Size:	8192

Details

Name:	00000004.00000002.464753754.0000000006805000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6805000
Size:	131072

Details

Name:	00000007.00000003.689431232.0000000003910000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3910000
Size:	40960

Details

Name:	00000007.00000003.471141021.0000000000710000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	710000
Size:	61440

Details

Name:	00000004.00000002.463277869.00000000063B7000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	63B7000
Size:	126976

Details

Name:	00000004.00000002.456062300.0000000004670000.00000004.00020000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	4670000
Size:	344064

Details

Name:	00000004.00000002.459699849.0000000005E4E000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5E4E000
Size:	12288

Details

Name:	00000007.00000002.706331908.00000000047E0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	47E0000
Size:	4096

Details

Name:	00000013.00000002.704383704.0000000000396000.00000004.00000001.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	396000
Size:	8192

Details

Name:	00000004.00000002.460105745.0000000005F6E000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5F6E000
Size:	4096

Details

Name:	00000008.00000002.459815082.00000000000F0000.00000004.00020000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	F0000
Size:	8192

Details

Name:	00000004.00000002.456593542.000000000502D000.00000004.00000010.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	502D000
Size:	12288

Details

Name:	0000000C.00000002.468675199.000000007EFB2000.00000002.00020000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	00000007.00000003.592581311.0000000003930000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3930000
Size:	45056

Details

Name:	00000004.00000002.463384620.0000000006419000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6419000
Size:	4096

Details

Name:	00000004.00000002.463316241.00000000063DD000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	63DD000
Size:	8192

Details

Name:	00000007.00000000.452298295.000000007EFC0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	00000013.00000002.704368300.0000000000360000.00000004.00000001.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	360000
Size:	4096

Details

Name:	0000000C.00000002.468417940.00000000004B0000.00000004.00000040.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	4B0000
Size:	12288

Details

Name:	0000000C.00000002.468670674.000000007EFB0000.00000002.00020000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	00000004.00000002.459969110.0000000005F2A000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5F2A000
Size:	4096

Details

Name:	00000007.00000003.454311934.00000000003E5000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3E5000
Size:	16384

Details

Name:	00000004.00000002.466130197.0000000006E91000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6E91000
Size:	24576

Details

Name:	00000004.00000002.453850641.0000000000340000.00000040.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	340000
Size:	53248

Details

Name:	00000011.00000002.486229346.0000000000500000.00000002.00020000.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	500000
Size:	4096

Details

Name:	0000000B.00000000.467663559.000000007EFD0000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	00000007.00000003.454203286.00000000003E7000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3E7000
Size:	12288

Details

Name:	0000000F.00000002.475651469.00000000001CA000.00000040.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	1CA000
Size:	4096

Details

Name:	00000004.00000002.458113864.00000000059F0000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	59F0000
Size:	106496

Details

Name:	0000000F.00000002.475644004.00000000001C2000.00000040.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	1C2000
Size:	4096

Details

Name:	00000004.00000002.458488153.0000000005B90000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5B90000
Size:	4096

Details

Name:	00000007.00000003.543473328.00000000037C7000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	37C7000
Size:	45056

Details

Name:	00000004.00000002.458698902.0000000005BFB000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5BFB000
Size:	8192

Details

Name:	00000007.00000003.661759872.0000000003850000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3850000
Size:	40960

Details

Name:	00000004.00000002.453949897.00000000004B0000.00000004.00000020.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	4B0000
Size:	69632

Details

Name:	00000013.00000002.704294440.0000000000350000.00000004.00000040.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	350000
Size:	4096

Details

Name:	0000000A.00000002.704620036.0000000000620000.00000002.00020000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	620000
Size:	12288

Details

Name:	00000004.00000002.453726134.00000000001B2000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1B2000
Size:	4096

Details

Name:	0000000B.00000002.469060627.0000000000644000.00000004.00000020.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	644000
Size:	102400

Details

Name:	00000005.00000002.449381225.0000000000457000.00000004.00000020.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	457000
Size:	4096

Details

Name:	00000004.00000002.466656481.000000007EF50000.00000040.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	7EF50000
Size:	4096

Details

Name:	00000007.00000000.451484585.0000000000090000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	90000
Size:	16384

Details

Name:	00000007.00000002.704535976.000000000031B000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	31B000
Size:	4096

Details

Name:	00000004.00000002.466668563.000000007EFB0000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	00000004.00000002.456247961.0000000004960000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4960000
Size:	8192

Details

Name:	00000005.00000000.448005088.000000007EFD0000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	00000005.00000002.449375236.0000000000450000.00000004.00000020.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	450000
Size:	16384

Details

Name:	00000011.00000002.486255492.0000000000510000.00000004.00000040.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	510000
Size:	12288

Details

Name:	00000004.00000000.436025869.0000000000962000.00000020.00020000.sdmp
TargetID:	4
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page execute read
Base address:	962000
Size:	368640

Details

Name:	00000013.00000002.704397552.00000000004DF000.00000004.00000010.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4DF000
Size:	4096

Details

Name:	0000000C.00000002.468700445.000000007EFE0000.00000002.00020000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFE0000
Size:	20480

Details

Name:	0000000A.00000002.704581181.00000000004A0000.00000002.00020000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	4A0000
Size:	24576

Details

Name:	00000004.00000002.462141184.0000000006360000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6360000
Size:	8192

Details

Name:	00000007.00000002.704582167.0000000000350000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	350000
Size:	4096

Details

Name:	00000004.00000002.461628278.00000000061B2000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	61B2000
Size:	163840

Details

Name:	00000007.00000003.454412373.00000000003E6000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3E6000
Size:	28672

Details

Name:	00000007.00000003.689398072.00000000038F0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	38F0000
Size:	40960

Details

Name:	00000004.00000002.459867309.0000000005EE3000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5EE3000
Size:	4096

Details

Name:	0000000F.00000002.476045706.0000000003611000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3611000
Size:	8192

Details

Name:	00000004.00000002.463393803.000000000641B000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	641B000
Size:	4096

Details

Name:	00000008.00000000.457505795.0000000000060000.00000002.00020000.sdmp
TargetID:	8
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	60000
Size:	4096

Details

Name:	00000007.00000000.453055059.000000007EFB2000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	00000007.00000002.705091932.0000000000760000.00000004.00000020.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	760000
Size:	16384

Details

Name:	0000000F.00000003.475260502.00000000004A0000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4A0000
Size:	4096

Details

Name:	00000007.00000003.470109417.0000000000490000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	490000
Size:	16384

Details

Name:	0000000F.00000003.475203144.0000000000480000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	480000
Size:	4096

Details

Name:	00000004.00000002.456113324.000000000471C000.00000004.00000010.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	471C000
Size:	16384

Details

Name:	00000007.00000003.607645170.0000000003730000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3730000
Size:	40960

Details

Name:	00000013.00000002.704197023.0000000000137000.00000004.00000020.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	137000
Size:	4096

Details

Name:	00000007.00000000.453022551.0000000000400000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	400000
Size:	4096

Details

Name:	00000008.00000002.459839390.00000000001A0000.00000004.00000020.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	1A0000
Size:	16384

Details

Name:	00000007.00000000.449389667.0000000000090000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	90000
Size:	16384

Details

Name:	0000000F.00000002.476166388.000000007EFC2000.00000002.00020000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	00000007.00000002.704454489.0000000000202000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	202000
Size:	4096

Details

Name:	0000000B.00000000.467439946.0000000000050000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	50000
Size:	16384

Details

Name:	00000011.00000002.486569234.000000007EFC0000.00000002.00020000.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	00000011.00000002.486543756.000000000466E000.00000004.00000010.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	466E000
Size:	8192

Details

Name:	00000007.00000003.592335072.0000000003730000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3730000
Size:	45056

Details

Name:	00000005.00000002.450039013.000000007EFB2000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	00000004.00000002.454310866.00000000008F0000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	8F0000
Size:	4096

Details

Name:	0000000F.00000002.475554684.0000000000020000.00000004.00020000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	20000
Size:	4096

Details

Name:	00000007.00000002.706575183.0000000005480000.00000004.00000040.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	5480000
Size:	12288

Details

Name:	00000007.00000003.592565275.0000000003910000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3910000
Size:	45056

Details

Name:	00000007.00000002.705448475.0000000000C9F000.00000004.00000010.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	C9F000
Size:	4096

Details

Name:	00000004.00000002.453965986.00000000006B0000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	6B0000
Size:	12288

Details

Name:	00000004.00000002.456258154.000000000497D000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	497D000
Size:	299008

Details

Name:	00000007.00000003.454022563.00000000003E0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3E0000
Size:	16384

Details

Name:	0000000F.00000002.476107118.000000007EFB2000.00000002.00020000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	00000004.00000003.445805575.0000000005390000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5390000
Size:	4096

Details

Name:	0000000F.00000002.476175609.000000007EFD0000.00000002.00020000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	00000007.00000003.454280979.00000000003E0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3E0000
Size:	45056

Details

Name:	00000004.00000002.459604438.0000000005E06000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5E06000
Size:	16384

Details

Name:	00000008.00000002.463379027.00000000023E2000.00000004.00000040.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	23E2000
Size:	8192

Details

Name:	00000007.00000003.454001077.0000000000440000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	440000
Size:	45056

Details

Name:	00000007.00000000.452330604.000000007EFC2000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	00000004.00000002.463893256.0000000006519000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6519000
Size:	135168

Details

Name:	00000007.00000002.707444513.0000000006780000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6780000
Size:	4096

Details

Name:	0000000F.00000002.475572399.00000000000DB000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	DB000
Size:	20480

Details

Name:	00000007.00000002.706199185.00000000037B0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	37B0000
Size:	40960

Details

Name:	00000004.00000002.456886235.000000000541E000.00000004.00000010.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	541E000
Size:	8192

Details

Name:	00000007.00000002.705807913.000000000271E000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	271E000
Size:	593920

Details

Name:	00000007.00000003.453669467.0000000000370000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	370000
Size:	4096

Details

Name:	00000007.00000002.706385035.0000000004D3E000.00000004.00000010.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4D3E000
Size:	8192

Details

Name:	00000007.00000000.449910448.0000000000090000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	90000
Size:	16384

Details

Name:	00000007.00000002.704519510.0000000000317000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	317000
Size:	4096

Details

Name:	00000007.00000000.449398648.00000000000A0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	A0000
Size:	4096

Details

Name:	0000000F.00000002.475853506.0000000000737000.00000004.00000020.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	737000
Size:	4096

Details

Name:	0000000A.00000002.704214462.000000000021C000.00000004.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	21C000
Size:	16384

Details

Name:	00000004.00000002.458958758.0000000005CBA000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5CBA000
Size:	126976

Details

Name:	00000007.00000002.707699976.000000007EFC2000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	00000007.00000002.705880278.00000000027B0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	27B0000
Size:	4096

Details

Name:	00000013.00000002.704347880.0000000000354000.00000004.00000040.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	354000
Size:	16384

Details

Name:	0000000A.00000002.706043215.000007FFFFFB0000.00000002.00020000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFFFFB0000
Size:	4096

Details

Name:	0000000B.00000000.465939056.0000000000050000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	50000
Size:	16384

Details

Name:	00000007.00000002.704831581.00000000004A0000.00000040.00000040.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page execute and read and write
Base address:	4A0000
Size:	8192

Details

Name:	00000004.00000002.459856987.0000000005EDE000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5EDE000
Size:	16384

Details

Name:	00000004.00000002.459458305.0000000005DA0000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5DA0000
Size:	8192

Details

Name:	00000007.00000003.543427382.0000000003767000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3767000
Size:	45056

Details

Name:	00000007.00000002.706630824.000000000581F000.00000004.00000010.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	581F000
Size:	4096

Details

Name:	0000000B.00000002.469985330.000000007EFDF000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7EFDF000
Size:	4096

Details

Name:	0000000B.00000000.466514549.0000000000050000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	50000
Size:	16384

Details

Name:	0000000A.00000000.464753337.000007FFFFFB0000.00000002.00020000.sdmp
TargetID:	10
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFFFFB0000
Size:	4096

Details

Name:	00000007.00000002.705892687.00000000027B4000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	27B4000
Size:	827392

Details

Name:	00000007.00000000.451501387.0000000000400000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	400000
Size:	4096

Details

Name:	00000007.00000003.655962921.0000000000836000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	836000
Size:	49152

Details

Name:	00000007.00000003.661825849.0000000003930000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3930000
Size:	40960

Details

Name:	00000004.00000000.436087342.000000007EFC2000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	00000007.00000002.704617447.0000000000360000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	360000
Size:	65536

Details

Name:	00000011.00000002.486434799.0000000001080000.00000002.00020000.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	1080000
Size:	4096

Details

Name:	00000004.00000002.453903303.0000000000420000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	420000
Size:	65536

Details

Name:	0000000F.00000002.475676407.00000000002E6000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2E6000
Size:	8192

Details

Name:	00000004.00000000.436017299.0000000000960000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	960000
Size:	4096

Details

Name:	0000000C.00000002.468257351.00000000002BA000.00000040.00000001.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2BA000
Size:	12288

Details

Name:	00000004.00000002.459614074.0000000005E0C000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5E0C000
Size:	139264

Details

Name:	00000007.00000003.661843889.0000000003970000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3970000
Size:	40960

Details

Name:	00000007.00000002.706164951.0000000003750000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3750000
Size:	36864

Details

Name:	00000007.00000003.689199855.0000000003770000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3770000
Size:	40960

Details

Name:	00000008.00000000.457907785.0000000000050000.00000002.00020000.sdmp
TargetID:	8
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	50000
Size:	16384

Details

Name:	00000004.00000002.458296834.0000000005AC1000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5AC1000
Size:	114688

Details

Name:	00000007.00000002.705028008.0000000000618000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	618000
Size:	4096

Details

Name:	0000000A.00000002.704638735.0000000000630000.00000002.00020000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	630000
Size:	77824

Details

Name:	0000000F.00000002.476088831.000000007EFB0000.00000002.00020000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	00000004.00000002.454001642.0000000000739000.00000004.00000020.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	739000
Size:	180224

Details

Name:	0000000C.00000002.468349286.0000000000457000.00000040.00000001.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	457000
Size:	4096

Details

Name:	00000004.00000003.443441590.0000000005031000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5031000
Size:	131072

Details

Name:	00000004.00000002.456551535.0000000004EED000.00000004.00000010.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4EED000
Size:	12288

Details

Name:	00000004.00000002.461472143.0000000006158000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6158000
Size:	4096

Details

Name:	0000000F.00000002.475687286.00000000002EA000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2EA000
Size:	24576

Details

Name:	0000000F.00000002.475618416.00000000001A0000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1A0000
Size:	8192

Details

Name:	0000000B.00000000.465955587.0000000000060000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	60000
Size:	4096

Details

Name:	0000000C.00000002.468472191.0000000000600000.00000002.00020000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	600000
Size:	24576

Details

Name:	00000004.00000002.459994693.0000000005F2D000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5F2D000
Size:	8192

Details

Name:	00000004.00000000.436092238.000000007EFD0000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	00000007.00000002.705657856.0000000000F60000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	F60000
Size:	372736

Signature Hits	Behavior Group	Mitre Attack
May try to detect the Windows Explorer process (often used for injection)	HIPS / PFW / Operating System Protection Evasion	Process Injection Process Discovery

Details

Name:	00000007.00000002.707319026.0000000005F00000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5F00000
Size:	4096

Details

Name:	00000007.00000003.470578212.0000000000570000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	570000
Size:	28672

Details

Name:	00000008.00000000.457937090.000000007EFB0000.00000002.00020000.sdmp
TargetID:	8
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	0000000A.00000002.706052495.000007FFFFFB2000.00000002.00020000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFFFFB2000
Size:	4096

Details

Name:	0000000B.00000000.467086124.000000007EFC2000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	0000000F.00000002.476013529.0000000002330000.00000004.00000040.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2330000
Size:	12288

Details

Name:	00000007.00000002.706188162.0000000003790000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3790000
Size:	40960

Details

Name:	00000007.00000002.706153206.0000000003730000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3730000
Size:	36864

Details

Name:	00000008.00000000.458230499.0000000000050000.00000002.00020000.sdmp
TargetID:	8
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	50000
Size:	16384

Details

Name:	00000007.00000002.705476737.0000000000D54000.00000004.00000040.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	D54000
Size:	4096

Details

Name:	00000004.00000002.462020291.0000000006332000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6332000
Size:	4096

Details

Name:	00000007.00000002.704565425.0000000000338000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	338000
Size:	32768

Details

Name:	00000004.00000002.454329905.0000000000932000.00000004.00000040.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	932000
Size:	8192

Details

Name:	00000004.00000002.461498549.000000000616C000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	616C000
Size:	151552

Details

Name:	00000005.00000002.450064169.000000007EFE0000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFE0000
Size:	20480

Details

Name:	00000004.00000002.456525268.0000000004E4F000.00000004.00000010.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4E4F000
Size:	4096

Details

Name:	00000011.00000002.485932782.0000000000220000.00000004.00000040.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	220000
Size:	12288

Details

Name:	0000000F.00000002.475565602.0000000000060000.00000002.00020000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	60000
Size:	4096

Details

Name:	0000000C.00000003.467858261.0000000000990000.00000004.00000001.sdmp
TargetID:	12
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	990000
Size:	4096

Details

Name:	00000007.00000000.450517364.0000000000090000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	90000
Size:	16384

Details

Name:	0000000F.00000002.475844495.0000000000730000.00000004.00000020.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	730000
Size:	16384

Details

Name:	00000004.00000002.461875455.00000000062E4000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	62E4000
Size:	176128

Details

Name:	00000008.00000002.459809682.0000000000060000.00000002.00020000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	60000
Size:	4096

Details

Name:	00000007.00000000.451869359.000000007EFB0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	00000007.00000003.453622560.00000000003A0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3A0000
Size:	16384

Details

Name:	00000007.00000003.470464797.0000000000530000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	530000
Size:	4096

Details

Name:	00000004.00000002.453635662.0000000000029000.00000004.00000040.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	29000
Size:	28672

Details

Name:	0000000F.00000000.473925481.0000000000A40000.00000002.00020000.sdmp
TargetID:	15
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	A40000
Size:	4096

Details

Name:	00000004.00000002.460869363.000000000601A000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	601A000
Size:	8192

Details

Name:	00000008.00000002.459961917.0000000000600000.00000002.00020000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	600000
Size:	913408

Details

Name:	00000007.00000000.451518459.000000007EFB2000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	00000008.00000000.458551677.0000000000060000.00000002.00020000.sdmp
TargetID:	8
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	60000
Size:	4096

Details

Name:	00000007.00000003.454380472.00000000003E0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3E0000
Size:	16384

Details

Name:	00000013.00000002.704148849.00000000000DD000.00000004.00000001.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	DD000
Size:	12288

Details

Name:	00000004.00000002.461381161.0000000006128000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6128000
Size:	143360

Details

Name:	00000007.00000003.543416753.0000000003747000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3747000
Size:	45056

Details

Name:	0000000B.00000002.469941162.0000000002524000.00000004.00000040.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2524000
Size:	4096

Details

Name:	00000007.00000003.543502332.0000000003807000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3807000
Size:	45056

Details

Name:	0000000C.00000002.468337017.0000000000442000.00000040.00000001.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	442000
Size:	4096

Details

Name:	00000007.00000003.592365547.0000000003770000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3770000
Size:	45056

Details

Name:	0000000F.00000002.475911473.000000000079F000.00000004.00000020.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	79F000
Size:	20480

Details

Name:	0000000F.00000002.475701934.00000000003DE000.00000004.00000010.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3DE000
Size:	8192

Details

Name:	00000007.00000003.454191648.00000000003E0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3E0000
Size:	24576

Details

Name:	0000000A.00000002.705980361.00000000022F0000.00000004.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	22F0000
Size:	4096

Details

Name:	00000011.00000002.486166097.00000000004D0000.00000002.00020000.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	4D0000
Size:	4096

Details

Name:	00000007.00000003.474099200.00000000006C0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	6C0000
Size:	24576

Details

Name:	00000007.00000003.592503376.00000000038B0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	38B0000
Size:	45056

Details

Name:	0000000C.00000002.468219910.0000000000210000.00000004.00000001.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	210000
Size:	8192

Details

Name:	0000000A.00000002.706025799.0000000002A6F000.00000004.00000010.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2A6F000
Size:	4096

Details

Name:	0000000C.00000002.468616796.0000000002631000.00000004.00000001.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2631000
Size:	114688

Details

Name:	00000004.00000002.456295601.00000000049C8000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	49C8000
Size:	4096

Details

Name:	0000000B.00000000.466655488.000000007EFC0000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	00000007.00000000.450814434.000000007EFB2000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	00000004.00000002.456342169.0000000004A12000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4A12000
Size:	12288

Details

Name:	00000011.00000002.486574517.000000007EFC2000.00000002.00020000.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	0000000C.00000002.468404994.00000000004A0000.00000040.00000001.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	4A0000
Size:	8192

Details

Name:	00000007.00000003.543449454.00000000037A7000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	37A7000
Size:	45056

Details

Name:	00000004.00000002.461254253.00000000060D8000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	60D8000
Size:	8192

Details

Name:	0000000B.00000002.468885744.0000000000140000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	140000
Size:	4096

Details

Name:	00000004.00000002.456367664.0000000004A42000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4A42000
Size:	8192

Details

Name:	00000004.00000002.456503797.0000000004E4E000.00000104.00000010.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write \| page guard
Base address:	4E4E000
Size:	4096

Details

Name:	00000007.00000000.452183084.00000000000A0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	A0000
Size:	4096

Details

Name:	00000007.00000002.705999337.000000000287F000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	287F000
Size:	4096

Details

Name:	0000000F.00000002.475634785.00000000001AA000.00000040.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	1AA000
Size:	12288

Details

Name:	00000007.00000002.706047270.0000000002899000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2899000
Size:	86016

Details

Name:	00000007.00000002.707751264.000000007EFE0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFE0000
Size:	20480

Details

Name:	00000007.00000003.454437289.00000000003E0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3E0000
Size:	24576

Details

Name:	00000007.00000000.449652508.00000000000A0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	A0000
Size:	4096

Details

Name:	00000004.00000002.461949649.000000000631B000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	631B000
Size:	4096

Details

Name:	00000007.00000003.673948336.0000000003810000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3810000
Size:	40960

Details

Name:	00000004.00000002.456313811.00000000049E7000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	49E7000
Size:	86016

Details

Name:	00000004.00000002.453687202.0000000000192000.00000040.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	192000
Size:	8192

Details

Name:	0000000F.00000000.473973468.000000007EFC0000.00000002.00020000.sdmp
TargetID:	15
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	00000011.00000002.486042590.0000000000392000.00000040.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	392000
Size:	4096

Details

Name:	00000007.00000003.453609083.0000000000370000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	370000
Size:	24576

Details

Name:	00000004.00000002.454358178.0000000000962000.00000020.00020000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute read
Base address:	962000
Size:	368640

Details

Name:	00000007.00000003.689275180.0000000003830000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3830000
Size:	40960

Details

Name:	00000005.00000000.447144465.000000007EFD0000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	00000007.00000002.706377819.0000000004CED000.00000004.00000010.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4CED000
Size:	12288

Details

Name:	00000007.00000003.453812820.0000000000440000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	440000
Size:	65536

Details

Name:	00000004.00000002.453693236.000000000019A000.00000040.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	19A000
Size:	8192

Details

Name:	0000000B.00000002.469078241.0000000000720000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	720000
Size:	77824

Details

Name:	00000007.00000002.705384605.00000000009F0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	9F0000
Size:	77824

Details

Name:	00000004.00000002.461098741.000000000609C000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	609C000
Size:	4096

Details

Name:	0000000A.00000000.464777702.000007FFFFFC0000.00000002.00020000.sdmp
TargetID:	10
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFFFFC0000
Size:	4096

Details

Name:	00000007.00000002.705564330.0000000000DDE000.00000004.00000010.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	DDE000
Size:	8192

Details

Name:	00000004.00000002.453730643.00000000001B7000.00000040.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	1B7000
Size:	4096

Details

Name:	00000007.00000002.707490088.000000000697C000.00000004.00000010.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	697C000
Size:	16384

Details

Name:	00000007.00000002.704205978.0000000000170000.00000040.00000040.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page execute and read and write
Base address:	170000
Size:	4096

Details

Name:	0000000C.00000002.468167445.0000000000050000.00000002.00020000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	50000
Size:	16384

Details

Name:	00000007.00000003.470150274.0000000000530000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	530000
Size:	12288

Details

Name:	00000011.00000002.486403956.0000000000CAE000.00000104.00000010.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write \| page guard
Base address:	CAE000
Size:	4096

Details

Name:	00000007.00000000.449662157.000000007EFB2000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	00000008.00000000.458241359.0000000000060000.00000002.00020000.sdmp
TargetID:	8
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	60000
Size:	4096

Details

Name:	00000004.00000002.454317214.0000000000910000.00000004.00000040.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	910000
Size:	4096

Details

Name:	00000004.00000003.443285201.0000000002130000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2130000
Size:	53248

Details

Name:	00000004.00000003.437329738.00000000049CD000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	49CD000
Size:	81920

Details

Name:	00000007.00000003.470971203.0000000000530000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	530000
Size:	20480

Details

Name:	0000000A.00000002.704678226.00000000007C0000.00000002.00020000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7C0000
Size:	372736

Signature Hits	Behavior Group	Mitre Attack
May try to detect the Windows Explorer process (often used for injection)	HIPS / PFW / Operating System Protection Evasion	Process Injection Process Discovery

Details

Name:	00000004.00000002.455871339.0000000004480000.00000004.00020000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	4480000
Size:	8192

Details

Name:	0000000F.00000002.476131507.000000007EFC0000.00000002.00020000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	00000008.00000002.463366577.00000000023C0000.00000004.00000040.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	23C0000
Size:	4096

Details

Name:	00000008.00000002.463439628.000000007EFC2000.00000002.00020000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	00000007.00000003.455149495.00000000003E0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3E0000
Size:	12288

Details

Name:	00000004.00000002.456574901.0000000004F2E000.00000004.00000010.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4F2E000
Size:	8192

Details

Name:	00000007.00000000.451153719.000000007EFC2000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	0000000B.00000002.468867619.000000000012B000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	12B000
Size:	20480

Details

Name:	0000000C.00000002.468432847.00000000005E0000.00000002.00020000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	5E0000
Size:	4096

Details

Name:	0000000C.00000002.468363730.0000000000480000.00000002.00020000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	480000
Size:	4096

Details

Name:	00000007.00000002.706322723.00000000047C4000.00000040.00000040.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page execute and read and write
Base address:	47C4000
Size:	69632

Details

Name:	00000004.00000002.459739026.0000000005E67000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5E67000
Size:	466944

Details

Name:	0000000A.00000002.706014702.000000000296B000.00000004.00000040.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	296B000
Size:	12288

Details

Name:	00000008.00000002.459788584.0000000000020000.00000004.00020000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	20000
Size:	4096

Details

Name:	00000004.00000002.459596177.0000000005DFF000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5DFF000
Size:	8192

Details

Name:	0000000A.00000002.705985968.000000000246E000.00000004.00000010.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	246E000
Size:	8192

Details

Name:	00000007.00000002.706219338.00000000037F0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	37F0000
Size:	40960

Details

Name:	0000000F.00000002.475588179.0000000000150000.00000002.00020000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	150000
Size:	4096

Details

Name:	00000011.00000002.486320856.00000000006A0000.00000002.00020000.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	6A0000
Size:	24576

Details

Name:	00000004.00000003.437362668.0000000004A26000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4A26000
Size:	106496

Details

Name:	00000007.00000002.704650890.0000000000370000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	370000
Size:	8192

Details

Name:	00000004.00000002.464582595.00000000067DA000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	67DA000
Size:	90112

Details

Name:	0000000C.00000002.468645149.0000000003631000.00000004.00000001.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3631000
Size:	8192

Details

Name:	00000007.00000002.704792084.0000000000422000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	422000
Size:	90112

Details

Name:	00000004.00000002.454600266.0000000002100000.00000040.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2100000
Size:	20480

Details

Name:	00000004.00000002.459045082.0000000005CE2000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5CE2000
Size:	8192

Details

Name:	00000007.00000000.453018716.00000000000A0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	A0000
Size:	4096

Details

Name:	00000007.00000002.704850394.00000000004C2000.00000040.00000040.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page execute and read and write
Base address:	4C2000
Size:	8192

Details

Name:	0000000C.00000002.468329744.0000000000341000.00000004.00000020.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	341000
Size:	16384

Details

Name:	00000007.00000002.706209090.00000000037D0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	37D0000
Size:	40960

Details

Name:	00000007.00000003.454066930.00000000003E7000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3E7000
Size:	12288

Details

Name:	00000007.00000002.705641928.0000000000F3D000.00000004.00000010.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	F3D000
Size:	12288

Details

Name:	00000007.00000002.705620680.0000000000EFF000.00000004.00000010.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	EFF000
Size:	4096

Details

Name:	00000004.00000002.460201483.0000000005FB2000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5FB2000
Size:	16384

Details

Name:	00000007.00000002.704126294.000000000008A000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	8A000
Size:	24576

Details

Name:	00000004.00000002.458399992.0000000005B3E000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5B3E000
Size:	4096

Details

Name:	00000008.00000000.458626641.000000007EFC2000.00000002.00020000.sdmp
TargetID:	8
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	00000005.00000002.450026705.0000000002482000.00000004.00000040.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2482000
Size:	8192

Details

Name:	00000007.00000000.450833454.000000007EFC2000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	00000007.00000003.592477848.0000000003890000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3890000
Size:	45056

Details

Name:	00000007.00000000.450533584.000000007EFC0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	00000008.00000002.460372221.0000000000760000.00000002.00020000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	760000
Size:	77824

Details

Name:	00000007.00000003.689158660.0000000003730000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3730000
Size:	40960

Details

Name:	00000008.00000000.458607672.000000007EFC0000.00000002.00020000.sdmp
TargetID:	8
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	00000008.00000000.458268256.000000007EFC0000.00000002.00020000.sdmp
TargetID:	8
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	00000007.00000002.707402686.000000000651D000.00000004.00000010.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	651D000
Size:	12288

Details

Name:	00000004.00000002.459723569.0000000005E62000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5E62000
Size:	12288

Details

Name:	00000007.00000003.543404636.0000000003727000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3727000
Size:	45056

Details

Name:	0000000F.00000002.476187322.000000007EFDF000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7EFDF000
Size:	4096

Details

Name:	00000007.00000002.705058394.0000000000710000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	710000
Size:	8192

Details

Name:	00000004.00000002.453644000.0000000000050000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	50000
Size:	16384

Details

Name:	00000007.00000003.486449918.00000000006C0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	6C0000
Size:	65536

Details

Name:	00000004.00000002.466556171.0000000007F5E000.00000004.00000010.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	7F5E000
Size:	8192

Details

Name:	00000011.00000002.486562070.000000007EFB2000.00000002.00020000.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	00000004.00000002.466726360.000000007EFD0000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	00000004.00000002.453620074.0000000000010000.00000004.00020000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	10000
Size:	4096

Details

Name:	00000007.00000003.674037502.0000000003910000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3910000
Size:	40960

Details

Name:	00000007.00000002.704841943.00000000004A5000.00000040.00000040.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page execute and read and write
Base address:	4A5000
Size:	4096

Details

Name:	00000004.00000002.453894709.00000000003BE000.00000004.00000010.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3BE000
Size:	8192

Details

Name:	00000007.00000003.470880670.0000000000530000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	530000
Size:	28672

Details

Name:	0000000F.00000002.475721506.00000000003F0000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3F0000
Size:	65536

Details

Name:	00000008.00000000.457624309.000000007EFC2000.00000002.00020000.sdmp
TargetID:	8
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	00000005.00000000.447719691.000000007EFC0000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	00000007.00000002.704427029.00000000001FA000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	1FA000
Size:	8192

Details

Name:	00000004.00000002.460040577.0000000005F40000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5F40000
Size:	8192

Details

Name:	00000005.00000002.450015010.0000000002460000.00000004.00000040.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2460000
Size:	4096

Details

Name:	00000007.00000003.543704426.0000000003987000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3987000
Size:	45056

Details

Name:	00000004.00000002.462122038.000000000635E000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	635E000
Size:	4096

Details

Name:	00000007.00000003.543677918.0000000003947000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3947000
Size:	45056

Details

Name:	00000004.00000002.453705759.00000000001A2000.00000040.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	1A2000
Size:	36864

Details

Name:	00000007.00000003.607689438.0000000003790000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3790000
Size:	40960

Details

Name:	0000000F.00000002.475965669.0000000000A48000.00000002.00020000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	A48000
Size:	4096

Details

Name:	00000011.00000003.485589617.0000000000570000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	570000
Size:	4096

Details

Name:	00000004.00000002.453959719.0000000000530000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	530000
Size:	24576

Details

Name:	00000005.00000002.449210421.0000000000020000.00000004.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	20000
Size:	4096

Details

Name:	00000007.00000003.470893308.0000000000538000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	538000
Size:	24576

Details

Name:	00000007.00000002.706673086.00000000059A0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	59A0000
Size:	4112384

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000007.00000002.705701351.0000000002631000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2631000
Size:	335872

Signature Hits	Behavior Group	Mitre Attack
Detected Nanocore Rat	Remote Access Functionality	Remote Access Software

Details

Name:	00000007.00000003.543616678.00000000038C7000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	38C7000
Size:	45056

Details

Name:	00000007.00000003.592545637.00000000038F0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	38F0000
Size:	45056

Details

Name:	00000008.00000002.459880341.00000000002E7000.00000004.00000020.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	2E7000
Size:	4096

Details

Name:	00000004.00000000.436082656.000000007EFC0000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	00000011.00000002.485952339.000000000026C000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	26C000
Size:	16384

Details

Name:	00000007.00000003.689330646.0000000003890000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3890000
Size:	40960

Details

Name:	00000007.00000003.592425198.0000000003810000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3810000
Size:	45056

Details

Name:	00000007.00000003.454373431.00000000003E5000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3E5000
Size:	12288

Details

Name:	00000007.00000002.704879612.0000000000540000.00000004.00000040.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	540000
Size:	20480

Details

Name:	0000000C.00000003.467847730.00000000009A0000.00000004.00000001.sdmp
TargetID:	12
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	9A0000
Size:	16384

Details

Name:	00000007.00000003.689113314.00000000036F1000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	36F1000
Size:	36864

Details

Name:	00000007.00000003.607794959.00000000038B0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	38B0000
Size:	40960

Details

Name:	00000007.00000002.705246427.00000000007E8000.00000004.00000020.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	7E8000
Size:	380928

Signature Hits	Behavior Group	Mitre Attack
May try to detect the Windows Explorer process (often used for injection)	HIPS / PFW / Operating System Protection Evasion	Process Injection Process Discovery

Details

Name:	0000000F.00000002.476192955.000000007EFE0000.00000002.00020000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFE0000
Size:	20480

Details

Name:	00000007.00000003.454074739.00000000003E0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3E0000
Size:	16384

Details

Name:	00000004.00000003.443309249.0000000002110000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2110000
Size:	65536

Details

Name:	00000007.00000003.689225812.00000000037B0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	37B0000
Size:	40960

Details

Name:	00000007.00000000.450246084.000000007EFB2000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	00000007.00000003.470826175.0000000000530000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	530000
Size:	20480

Details

Name:	00000005.00000000.447743850.000000007EFD0000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	0000000B.00000000.465973904.000000007EFB0000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	00000005.00000000.447114403.0000000000060000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	60000
Size:	4096

Details

Name:	00000007.00000000.449048667.000000007EFB2000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	00000007.00000003.454463433.00000000003E0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3E0000
Size:	32768

Details

Name:	00000011.00000000.483449898.0000000001088000.00000002.00020000.sdmp
TargetID:	17
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	1088000
Size:	4096

Details

Name:	00000004.00000002.463758777.00000000064CC000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	64CC000
Size:	303104

Details

Name:	00000007.00000003.454426066.00000000003E0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3E0000
Size:	28672

Details

Name:	00000004.00000002.466735572.000000007EFDF000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7EFDF000
Size:	4096

Details

Name:	00000004.00000002.466096124.0000000006E86000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6E86000
Size:	8192

Details

Name:	00000011.00000003.485638403.00000000005D2000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5D2000
Size:	57344

Details

Name:	00000007.00000003.473432537.00000000006C0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	6C0000
Size:	32768

Details

Name:	00000007.00000000.450803085.000000007EFB0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	00000005.00000002.449261335.0000000000270000.00000004.00000040.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	270000
Size:	16384

Details

Name:	00000007.00000003.454454589.00000000003E0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3E0000
Size:	32768

Details

Name:	00000007.00000003.543515619.0000000003827000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3827000
Size:	45056

Details

Name:	00000011.00000003.485630978.00000000005D0000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5D0000
Size:	4096

Details

Name:	0000000A.00000002.704274583.00000000002DE000.00000004.00000020.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	2DE000
Size:	245760

Details

Name:	00000004.00000002.453673223.0000000000160000.00000004.00000040.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	160000
Size:	16384

Details

Name:	00000007.00000000.452691287.0000000000422000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	422000
Size:	90112

Details

Name:	00000004.00000002.453737079.00000000001BA000.00000040.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	1BA000
Size:	4096

Details

Name:	00000004.00000002.454293028.00000000007F8000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7F8000
Size:	4096

Details

Name:	00000004.00000002.459013142.0000000005CDA000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5CDA000
Size:	4096

Details

Name:	00000007.00000003.607839712.0000000003910000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3910000
Size:	40960

Details

Name:	00000007.00000002.706352039.0000000004AEF000.00000004.00000010.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4AEF000
Size:	4096

Details

Name:	00000004.00000002.459142027.0000000005D0A000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5D0A000
Size:	8192

Details

Name:	0000000A.00000002.704524400.000000000032F000.00000004.00000020.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	32F000
Size:	4096

Details

Name:	00000007.00000002.706358301.0000000004B4E000.00000004.00000010.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4B4E000
Size:	8192

Details

Name:	0000000F.00000002.475549189.0000000000010000.00000004.00020000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	10000
Size:	4096

Details

Name:	00000004.00000002.460397312.0000000005FD2000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5FD2000
Size:	122880

Details

Name:	00000008.00000002.463432575.000000007EFC0000.00000002.00020000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	0000000F.00000003.475195016.0000000000490000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	490000
Size:	4096

Details

Name:	00000008.00000002.459848604.000000000027B000.00000004.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	27B000
Size:	20480

Details

Name:	00000007.00000003.454418738.00000000003E0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3E0000
Size:	20480

Details

Name:	00000004.00000002.453785269.00000000002E6000.00000104.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write \| page guard
Base address:	2E6000
Size:	8192

Details

Name:	00000007.00000002.705604826.0000000000EFE000.00000104.00000010.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write \| page guard
Base address:	EFE000
Size:	4096

Details

Name:	00000004.00000002.458903469.0000000005C99000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5C99000
Size:	98304

Details

Name:	00000004.00000002.459693932.0000000005E4C000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5E4C000
Size:	4096

Details

Name:	00000011.00000002.486294528.00000000005F0000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5F0000
Size:	4096

Details

Name:	00000007.00000000.450823282.000000007EFC0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	00000004.00000002.466642507.000000007EF40000.00000040.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	7EF40000
Size:	4096

Details

Name:	00000007.00000000.449404837.000000007EFB0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	00000004.00000003.437380474.0000000004A42000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4A42000
Size:	8192

Details

Name:	00000007.00000003.457173636.00000000007F6000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	7F6000
Size:	73728

Details

Name:	00000004.00000002.454506514.0000000002060000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2060000
Size:	348160

Details

Name:	00000007.00000000.452284728.000000007EFB2000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	00000004.00000002.453975608.00000000006F0000.00000004.00000020.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	6F0000
Size:	16384

Details

Name:	00000007.00000000.452644669.0000000000090000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	90000
Size:	16384

Details

Name:	00000005.00000002.449215360.0000000000030000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	30000
Size:	28672

Details

Name:	0000000C.00000002.468584371.0000000000B80000.00000004.00000040.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	B80000
Size:	12288

Details

Name:	00000004.00000002.460150111.0000000005F80000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5F80000
Size:	4096

Details

Name:	00000008.00000002.459927406.000000000045E000.00000004.00000010.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	45E000
Size:	8192

Details

Name:	00000004.00000002.463457271.0000000006436000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6436000
Size:	524288

Details

Name:	00000007.00000000.449646866.0000000000090000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	90000
Size:	16384

Details

Name:	00000007.00000003.453636255.0000000000375000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	375000
Size:	8192

Details

Name:	0000000A.00000002.706065700.000007FFFFFC2000.00000002.00020000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFFFFC2000
Size:	4096

Details

Name:	00000007.00000000.451529657.000000007EFC2000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	00000007.00000003.551348940.0000000000832000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	832000
Size:	28672

Details

Name:	00000007.00000002.704389606.00000000001ED000.00000004.00000040.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	1ED000
Size:	8192

Signature Hits	Behavior Group	Mitre Attack
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000007.00000002.705359950.0000000000860000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	860000
Size:	24576

Details

Name:	00000011.00000002.486071288.000000000039A000.00000040.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	39A000
Size:	4096

Details

Name:	0000000C.00000002.468269621.00000000002D7000.00000004.00000020.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	2D7000
Size:	4096

Details

Name:	00000004.00000002.459668183.0000000005E2F000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5E2F000
Size:	110592

Details

Name:	00000004.00000002.463957586.0000000006555000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6555000
Size:	151552

Details

Name:	0000000A.00000002.704555636.00000000003A0000.00000004.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3A0000
Size:	4096

Details

Name:	00000005.00000002.449228198.0000000000060000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	60000
Size:	4096

Details

Name:	00000007.00000002.705375590.00000000009E0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	9E0000
Size:	12288

Details

Name:	0000000C.00000002.468577993.0000000000B0E000.00000004.00000010.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	B0E000
Size:	8192

Details

Name:	00000011.00000002.485904722.00000000001A9000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1A9000
Size:	28672

Details

Name:	0000000A.00000000.464765007.000007FFFFFB2000.00000002.00020000.sdmp
TargetID:	10
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFFFFB2000
Size:	4096

Details

Name:	0000000B.00000000.467499917.0000000000060000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	60000
Size:	4096

Details

Name:	00000004.00000002.456457036.0000000004CAE000.00000004.00000010.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4CAE000
Size:	8192

Details

Name:	00000008.00000000.458532528.0000000000050000.00000002.00020000.sdmp
TargetID:	8
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	50000
Size:	16384

Details

Name:	00000004.00000002.458208281.0000000005A5F000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5A5F000
Size:	12288

Details

Name:	0000000B.00000000.466591297.000000007EFB0000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	00000007.00000003.454298809.00000000003E0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3E0000
Size:	16384

Details

Name:	0000000C.00000000.465970959.000000007EFB0000.00000002.00020000.sdmp
TargetID:	12
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	00000007.00000002.705462043.0000000000D50000.00000004.00000040.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	D50000
Size:	4096

Details

Name:	0000000A.00000002.704777808.0000000001BC0000.00000002.00020000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	1BC0000
Size:	4112384

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	0000000F.00000002.475598788.0000000000180000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	180000
Size:	8192

Details

Name:	00000007.00000003.673958668.0000000003830000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3830000
Size:	40960

Details

Name:	00000004.00000002.464745667.00000000067F7000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	67F7000
Size:	4096

Details

Name:	00000004.00000002.456406886.0000000004AFD000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4AFD000
Size:	110592

Details

Name:	00000007.00000002.704411836.00000000001F6000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	1F6000
Size:	8192

Details

Name:	00000005.00000002.450044371.000000007EFC0000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	00000004.00000002.461716678.0000000006231000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6231000
Size:	188416

Details

Name:	0000000A.00000002.706031456.000000007EFE0000.00000002.00020000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFE0000
Size:	20480

Details

Name:	00000007.00000000.450229409.00000000000A0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	A0000
Size:	4096

Details

Name:	00000004.00000002.456350210.0000000004A26000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4A26000
Size:	106496

Details

Name:	00000005.00000002.449272243.0000000000350000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	350000
Size:	913408

Details

Name:	00000007.00000003.457223966.00000000007FF000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	7FF000
Size:	36864

Details

Name:	00000013.00000002.704118163.0000000000030000.00000002.00020000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	30000
Size:	12288

Details

Name:	00000007.00000002.706346179.000000000494E000.00000004.00000010.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	494E000
Size:	8192

Details

Name:	00000004.00000002.458441881.0000000005B52000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5B52000
Size:	172032

Details

Name:	00000004.00000003.437275498.00000000049E9000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	49E9000
Size:	77824

Details

Name:	0000000C.00000002.468227133.0000000000222000.00000040.00000001.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	222000
Size:	4096

Details

Name:	00000007.00000000.453039360.0000000000422000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	422000
Size:	90112

Details

Name:	00000007.00000003.607661550.0000000003750000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3750000
Size:	40960

Details

Name:	00000004.00000002.455813211.000000000372F000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	372F000
Size:	45056

Details

Name:	0000000B.00000002.469045262.0000000000620000.00000004.00000020.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	620000
Size:	16384

Details

Name:	00000007.00000000.451838441.0000000000400000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	400000
Size:	4096

Details

Name:	00000007.00000003.470423176.0000000000537000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	537000
Size:	8192

Details

Name:	00000007.00000003.453856384.00000000003E0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3E0000
Size:	12288

Details

Name:	00000004.00000002.464387297.0000000006706000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6706000
Size:	610304

Details

Name:	00000013.00000002.704444255.000000007EFE0000.00000002.00020000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFE0000
Size:	20480

Details

Name:	00000008.00000002.459820401.000000000013B000.00000004.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	13B000
Size:	12288

Details

Name:	00000011.00000002.486306163.000000000064E000.00000004.00000010.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	64E000
Size:	8192

Details

Name:	00000007.00000003.453643173.0000000000371000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	371000
Size:	12288

Details

Name:	00000004.00000002.453748600.00000000001D0000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1D0000
Size:	4096

Details

Name:	00000004.00000003.444080488.0000000002110000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2110000
Size:	4096

Details

Name:	00000004.00000002.458505371.0000000005BA2000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5BA2000
Size:	167936

Details

Name:	00000011.00000003.485596666.0000000000572000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	572000
Size:	57344

Details

Name:	0000000C.00000002.468533002.000000000098E000.00000004.00000010.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	98E000
Size:	8192

Details

Name:	00000004.00000002.461780875.000000000628B000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	628B000
Size:	184320

Details

Name:	00000004.00000002.456479768.0000000004CFE000.00000004.00000010.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4CFE000
Size:	8192

Details

Name:	00000007.00000002.706370849.0000000004CAE000.00000004.00000010.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4CAE000
Size:	8192

Details

Name:	00000004.00000002.463322510.00000000063E2000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	63E2000
Size:	4096

Details

Name:	00000004.00000002.459905884.0000000005EFB000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5EFB000
Size:	4096

Details

Name:	00000004.00000002.460990801.000000000606E000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	606E000
Size:	135168

Details

Name:	00000007.00000002.707645830.000000007EFB2000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	00000011.00000002.485879482.00000000000A0000.00000002.00020000.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	A0000
Size:	4096

Details

Name:	00000005.00000000.447122930.000000007EFB0000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	00000007.00000003.454009833.00000000003E0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3E0000
Size:	28672

Details

Name:	00000007.00000002.706454886.0000000004F2E000.00000004.00000010.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4F2E000
Size:	8192

Details

Name:	00000007.00000003.527831279.0000000003928000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3928000
Size:	40960

Details

Name:	00000005.00000000.447407346.0000000000050000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	50000
Size:	16384

Details

Name:	0000000A.00000002.704117983.0000000000020000.00000002.00020000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	20000
Size:	28672

Details

Name:	00000007.00000003.453918220.00000000003E0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3E0000
Size:	16384

Details

Name:	00000007.00000002.704375005.00000000001E6000.00000004.00000040.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	1E6000
Size:	20480

Signature Hits	Behavior Group	Mitre Attack
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000004.00000002.454432731.00000000009BC000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	9BC000
Size:	4096

Details

Name:	00000004.00000002.459056785.0000000005CE5000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5CE5000
Size:	4096

Details

Name:	00000007.00000002.705107648.0000000000767000.00000004.00000020.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	767000
Size:	8192

Details

Name:	0000000F.00000003.475268155.00000000004A2000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4A2000
Size:	57344

Details

Name:	00000007.00000002.706660942.000000000599D000.00000004.00000010.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	599D000
Size:	12288

Details

Name:	00000004.00000002.460087749.0000000005F68000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5F68000
Size:	8192

Details

Name:	00000004.00000002.455431808.00000000034DB000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	34DB000
Size:	45056

Details

Name:	00000004.00000002.454345148.0000000000960000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	960000
Size:	4096

Details

Name:	00000007.00000003.607826008.00000000038F0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	38F0000
Size:	40960

Details

Name:	0000000B.00000000.467009062.0000000000060000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	60000
Size:	4096

Details

Name:	00000007.00000003.674006112.00000000038B0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	38B0000
Size:	40960

Details

Name:	00000008.00000000.457958086.000000007EFC0000.00000002.00020000.sdmp
TargetID:	8
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	00000007.00000000.451524556.000000007EFC0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	00000007.00000002.706502699.000000000514C000.00000004.00000010.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	514C000
Size:	16384

Details

Name:	0000000A.00000002.704127898.0000000000030000.00000002.00020000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	30000
Size:	12288

Details

Name:	00000007.00000002.704543526.0000000000330000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	330000
Size:	28672

Details

Name:	00000007.00000000.453067891.000000007EFD0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	00000007.00000002.706131853.00000000036F0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	36F0000
Size:	36864

Details

Name:	00000007.00000003.674050744.0000000003930000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3930000
Size:	40960

Details

Name:	00000007.00000000.452154820.0000000000090000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	90000
Size:	16384

Details

Name:	0000000F.00000002.475792805.00000000004B0000.00000002.00020000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	4B0000
Size:	28672

Details

Name:	00000013.00000000.520403832.000007FFFFFC0000.00000002.00020000.sdmp
TargetID:	19
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFFFFC0000
Size:	4096

Details

Name:	00000007.00000000.450526170.000000007EFB0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	0000000C.00000002.468173633.0000000000060000.00000002.00020000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	60000
Size:	4096

Details

Name:	00000007.00000003.454088514.00000000003E6000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3E6000
Size:	4096

Details

Name:	00000004.00000002.455904390.0000000004590000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	4590000
Size:	913408

Details

Name:	00000007.00000000.449415420.000000007EFC0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	00000004.00000002.456396630.0000000004AE0000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4AE0000
Size:	4096

Details

Name:	00000004.00000002.458217618.0000000005A6E000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5A6E000
Size:	4096

Details

Name:	00000008.00000000.457523533.000000007EFB0000.00000002.00020000.sdmp
TargetID:	8
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	0000000C.00000000.466059702.000000007EFD0000.00000002.00020000.sdmp
TargetID:	12
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	0000000C.00000002.468276085.00000000002F4000.00000004.00000020.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	2F4000
Size:	122880

Details

Name:	0000000F.00000002.475973232.0000000000A50000.00000002.00020000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	A50000
Size:	77824

Details

Name:	00000007.00000003.486435766.0000000000CA0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	CA0000
Size:	4096

Details

Name:	00000004.00000002.459175436.0000000005D14000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5D14000
Size:	4096

Details

Name:	00000007.00000003.689350500.00000000038B0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	38B0000
Size:	40960

Details

Name:	00000004.00000002.454680242.000000000248E000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	248E000
Size:	94208

Details

Name:	00000011.00000002.486586214.000000007EFDF000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7EFDF000
Size:	4096

Details

Name:	00000007.00000000.452745955.000000007EFD0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	00000004.00000002.460082543.0000000005F66000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5F66000
Size:	4096

Details

Name:	00000007.00000003.454356904.00000000003E6000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3E6000
Size:	16384

Details

Name:	00000004.00000002.464977713.00000000068AF000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	68AF000
Size:	3211264

Details

Name:	00000004.00000002.460111451.0000000005F71000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5F71000
Size:	4096

Details

Name:	0000000C.00000002.468611005.0000000000DFF000.00000004.00000010.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	DFF000
Size:	4096

Details

Name:	00000007.00000003.592394335.00000000037B0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	37B0000
Size:	45056

Details

Name:	00000004.00000003.437317848.0000000004A42000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4A42000
Size:	8192

Details

Name:	00000007.00000000.450780131.0000000000090000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	90000
Size:	16384

Details

Name:	00000007.00000000.450274964.000000007EFD0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	00000004.00000002.466187979.0000000006EA7000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6EA7000
Size:	28672

Details

Name:	00000007.00000003.592350934.0000000003750000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3750000
Size:	45056

Details

Name:	00000005.00000002.450050069.000000007EFC2000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	00000007.00000002.704749255.00000000003F0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	3F0000
Size:	4096

Details

Name:	00000007.00000002.706567563.00000000053FF000.00000004.00000010.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	53FF000
Size:	4096

Details

Name:	00000008.00000002.459946166.0000000000470000.00000002.00020000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	470000
Size:	24576

Details

Name:	00000007.00000000.450222802.0000000000090000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	90000
Size:	16384

Details

Name:	0000000B.00000002.468857226.0000000000060000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	60000
Size:	4096

Details

Name:	00000004.00000003.443268302.0000000004469000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4469000
Size:	28672

Details

Name:	00000004.00000003.437286978.0000000004A03000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4A03000
Size:	20480

Details

Name:	00000007.00000003.453803465.0000000000490000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	490000
Size:	28672

Details

Name:	00000007.00000002.705079480.000000000075C000.00000004.00000010.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	75C000
Size:	16384

Details

Name:	00000007.00000003.454234940.00000000003E0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3E0000
Size:	40960

Details

Name:	00000011.00000002.485890889.00000000001A6000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1A6000
Size:	4096

Details

Name:	00000007.00000003.607853981.0000000003930000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3930000
Size:	40960

Details

Name:	0000000B.00000002.469973599.000000007EFC2000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	0000000F.00000002.475773464.0000000000430000.00000002.00020000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	430000
Size:	4096

Details

Name:	00000008.00000000.457925452.0000000000060000.00000002.00020000.sdmp
TargetID:	8
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	60000
Size:	4096

Details

Name:	00000007.00000000.451493641.00000000000A0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	A0000
Size:	4096

Details

Name:	00000007.00000003.661740677.0000000003810000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3810000
Size:	40960

Details

Name:	00000007.00000000.451111071.00000000000A0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	A0000
Size:	4096

Details

Name:	0000000B.00000002.469113286.0000000001E00000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	1E00000
Size:	3133440

Details

Name:	00000004.00000002.453925918.0000000000480000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	480000
Size:	106496

Details

Name:	00000007.00000002.704262326.00000000001D0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1D0000
Size:	8192

Details

Name:	00000005.00000002.449266410.00000000002D0000.00000004.00000020.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	2D0000
Size:	16384

Details

Name:	00000007.00000002.707357002.00000000061ED000.00000004.00000010.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	61ED000
Size:	12288

Details

Name:	00000004.00000002.456808525.000000000538D000.00000004.00000010.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	538D000
Size:	12288

Details

Name:	0000000B.00000002.469956230.000000007EFB0000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	00000007.00000002.706412076.0000000004E6E000.00000004.00000010.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4E6E000
Size:	8192

Details

Name:	00000007.00000003.543596487.0000000003897000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3897000
Size:	4096

Details

Name:	00000007.00000003.453630801.0000000000370000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	370000
Size:	16384

Details

Name:	00000004.00000002.460002361.0000000005F37000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5F37000
Size:	12288

Details

Name:	00000011.00000002.486313738.0000000000690000.00000004.00000040.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	690000
Size:	12288

Details

Name:	00000004.00000003.437301642.0000000004A26000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4A26000
Size:	106496

Details

Name:	00000007.00000003.592320367.0000000003710000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3710000
Size:	45056

Details

Name:	00000007.00000003.470776772.0000000000530000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	530000
Size:	28672

Details

Name:	0000000F.00000002.475817122.00000000005BE000.00000004.00000010.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	5BE000
Size:	8192

Details

Name:	00000004.00000002.453772429.00000000001EB000.00000040.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	1EB000
Size:	4096

Details

Name:	00000004.00000002.462167845.0000000006376000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6376000
Size:	122880

Details

Name:	00000011.00000002.485985000.0000000000280000.00000040.00000040.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page execute and read and write
Base address:	280000
Size:	4096

Details

Name:	00000008.00000002.459861337.00000000002BF000.00000004.00000010.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2BF000
Size:	4096

Details

Name:	00000007.00000003.607627323.0000000003710000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3710000
Size:	40960

Details

Name:	00000007.00000003.454386379.00000000003E6000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3E6000
Size:	12288

Details

Name:	0000000B.00000002.469947852.0000000002542000.00000004.00000040.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2542000
Size:	8192

Details

Name:	0000000F.00000000.473948571.0000000000A48000.00000002.00020000.sdmp
TargetID:	15
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	A48000
Size:	4096

Details

Name:	00000008.00000000.457944435.000000007EFB2000.00000002.00020000.sdmp
TargetID:	8
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	00000007.00000003.673825424.0000000003710000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3710000
Size:	40960

Details

Name:	00000007.00000002.707548844.000000007EF50000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	7EF50000
Size:	4096

Details

Name:	00000007.00000002.706143561.0000000003710000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3710000
Size:	36864

Details

Name:	0000000C.00000000.466046321.000000007EFC2000.00000002.00020000.sdmp
TargetID:	12
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	0000000B.00000000.466668355.000000007EFC2000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	00000005.00000000.447414619.0000000000060000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	60000
Size:	4096

Details

Name:	00000007.00000003.474978581.00000000006C0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	6C0000
Size:	16384

Details

Name:	00000004.00000002.456922100.000000000549E000.00000004.00000010.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	549E000
Size:	8192

Details

Name:	00000004.00000002.453742666.00000000001C0000.00000004.00000040.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	1C0000
Size:	16384

Details

Name:	00000007.00000002.707330109.0000000006030000.00000004.00000040.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	6030000
Size:	4096

Details

Name:	0000000C.00000002.468232134.000000000022A000.00000040.00000001.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	22A000
Size:	4096

Details

Name:	0000000B.00000000.467545655.000000007EFB0000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	00000007.00000002.704664028.0000000000380000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	380000
Size:	65536

Details

Name:	00000007.00000003.543529671.0000000003847000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3847000
Size:	45056

Details

Name:	0000000C.00000002.468343528.000000000044A000.00000040.00000001.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	44A000
Size:	4096

Details

Name:	0000000C.00000002.468238713.0000000000230000.00000004.00000020.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	230000
Size:	16384

Details

Name:	00000007.00000003.454343983.00000000003E0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3E0000
Size:	16384

Details

Name:	00000007.00000003.474985937.00000000006C5000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	6C5000
Size:	8192

Details

Name:	0000000B.00000000.467122752.000000007EFD0000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	00000007.00000002.705736708.0000000002684000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2684000
Size:	217088

Details

Name:	00000007.00000003.661732535.00000000037F0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	37F0000
Size:	40960

Details

Name:	00000007.00000003.673981590.0000000003870000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3870000
Size:	40960

Details

Name:	00000007.00000002.706594669.000000000560D000.00000004.00000010.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	560D000
Size:	12288

Details

Name:	00000004.00000002.460033055.0000000005F3E000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5F3E000
Size:	4096

Details

Name:	00000007.00000003.470562695.0000000000530000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	530000
Size:	24576

Details

Name:	00000007.00000003.543689864.0000000003967000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3967000
Size:	45056

Details

Name:	0000000A.00000002.704192767.0000000000164000.00000004.00000040.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	164000
Size:	20480

Details

Name:	00000004.00000003.443251911.0000000004470000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4470000
Size:	65536

Details

Name:	00000005.00000000.447129019.000000007EFB2000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	00000004.00000003.437098201.0000000000360000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	360000
Size:	65536

Details

Name:	00000004.00000002.453626154.0000000000020000.00000004.00000040.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	20000
Size:	24576

Details

Name:	00000007.00000003.453941091.00000000003E6000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3E6000
Size:	8192

Details

Name:	00000007.00000003.673842409.0000000003730000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3730000
Size:	40960

Details

Name:	00000005.00000002.449232051.00000000000F0000.00000004.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	F0000
Size:	8192

Details

Name:	00000004.00000002.460196218.0000000005FAF000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5FAF000
Size:	4096

Details

Name:	0000000C.00000003.467868959.0000000000992000.00000004.00000001.sdmp
TargetID:	12
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	992000
Size:	57344

Details

Name:	0000000F.00000002.475880730.0000000000779000.00000004.00000020.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	779000
Size:	143360

Details

Name:	00000004.00000002.458812956.0000000005C5E000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5C5E000
Size:	225280

Details

Name:	00000011.00000002.486021766.0000000000370000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	370000
Size:	8192

Details

Name:	0000000C.00000002.468304984.000000000031A000.00000004.00000020.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	31A000
Size:	155648

Details

Name:	00000004.00000002.459089307.0000000005CF1000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5CF1000
Size:	98304

Details

Name:	00000005.00000000.447988780.000000007EFB2000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	00000005.00000000.447977922.0000000000060000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	60000
Size:	4096

Details

Name:	0000000F.00000002.475860053.0000000000754000.00000004.00000020.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	754000
Size:	122880

Details

Name:	00000004.00000002.456301063.00000000049CC000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	49CC000
Size:	86016

Details

Name:	00000011.00000000.483497042.000000007EFD0000.00000002.00020000.sdmp
TargetID:	17
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	00000007.00000000.451875536.000000007EFB2000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	00000004.00000002.458613138.0000000005BD2000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5BD2000
Size:	122880

Details

Name:	00000005.00000002.449257705.000000000022E000.00000004.00000010.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	22E000
Size:	8192

Details

Name:	00000004.00000003.443216373.0000000004800000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4800000
Size:	65536

Details

Name:	0000000C.00000002.468694734.000000007EFDF000.00000004.00000001.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7EFDF000
Size:	4096

Details

Name:	00000004.00000002.455857999.0000000004470000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	4470000
Size:	28672

Details

Name:	00000007.00000003.470206281.0000000000490000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	490000
Size:	57344

Details

Name:	00000007.00000002.705004446.00000000005A1000.00000004.00000020.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	5A1000
Size:	32768

Details

Name:	00000007.00000003.689128385.0000000003710000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3710000
Size:	40960

Details

Name:	0000000A.00000002.705992368.0000000002930000.00000004.00000040.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2930000
Size:	8192

Details

Name:	0000000F.00000002.475786753.0000000000470000.00000040.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	470000
Size:	8192

Details

Name:	00000011.00000002.485995823.00000000002D0000.00000004.00000020.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	2D0000
Size:	16384

Details

Name:	00000007.00000000.450530033.000000007EFB2000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	00000011.00000001.483536888.0000000001080000.00000002.00020000.sdmp
TargetID:	17
Dumpstage:	image loaded
Regiontype:	unkown image
Protect:	page readonly
Base address:	1080000
Size:	4096

Details

Name:	00000007.00000003.473415850.00000000006C9000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	6C9000
Size:	24576

Details

Name:	00000004.00000002.461623839.000000000619E000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	619E000
Size:	4096

Details

Name:	0000000C.00000002.468492869.0000000000780000.00000002.00020000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	780000
Size:	12288

Details

Name:	00000004.00000003.443191264.0000000004820000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4820000
Size:	65536

Details

Name:	00000008.00000000.458281623.000000007EFD0000.00000002.00020000.sdmp
TargetID:	8
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	00000008.00000002.459782981.0000000000010000.00000004.00020000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	10000
Size:	4096

Details

Name:	00000008.00000002.459937804.0000000000460000.00000004.00000040.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	460000
Size:	16384

Details

Name:	00000004.00000002.459416938.0000000005D7D000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5D7D000
Size:	139264

Details

Name:	00000005.00000000.447696146.0000000000050000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	50000
Size:	16384

Details

Name:	0000000F.00000003.475220329.0000000000482000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	482000
Size:	57344

Details

Name:	00000007.00000003.471003018.0000000000535000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	535000
Size:	8192

Details

Name:	00000004.00000002.459961120.0000000005F26000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5F26000
Size:	8192

Details

Name:	00000013.00000002.704166936.0000000000130000.00000004.00000020.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	130000
Size:	16384

Details

Name:	00000004.00000002.453807815.0000000000320000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	320000
Size:	65536

Details

Name:	0000000B.00000002.469012496.000000000030E000.00000004.00000010.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	30E000
Size:	8192

Details

Name:	0000000C.00000000.465991450.000000007EFB2000.00000002.00020000.sdmp
TargetID:	12
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	00000007.00000003.689291297.0000000003850000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3850000
Size:	40960

Details

Name:	00000007.00000002.704720448.00000000003A0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	3A0000
Size:	28672

Details

Name:	0000000C.00000002.468374844.0000000000490000.00000004.00000001.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	490000
Size:	65536

Details

Name:	00000004.00000002.461984233.0000000006325000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6325000
Size:	16384

Details

Name:	00000007.00000002.705886426.00000000027B2000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	27B2000
Size:	4096

Details

Name:	00000007.00000003.673804573.00000000036F1000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	36F1000
Size:	36864

Details

Name:	0000000B.00000000.465991474.000000007EFB2000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	00000007.00000003.673921906.00000000037D0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	37D0000
Size:	40960

Details

Name:	00000011.00000002.486103940.00000000003AB000.00000040.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	3AB000
Size:	4096

Details

Name:	00000008.00000002.463464027.000000007EFDF000.00000004.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7EFDF000
Size:	4096

Details

Name:	00000007.00000002.704709959.0000000000398000.00000004.00000040.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	398000
Size:	16384

Details

Name:	00000007.00000002.704234104.00000000001C2000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	1C2000
Size:	8192

Details

Name:	00000011.00000000.483420106.0000000001080000.00000002.00020000.sdmp
TargetID:	17
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	1080000
Size:	4096

Details

Name:	0000000B.00000000.466547400.0000000000060000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	60000
Size:	4096

Details

Name:	0000000C.00000002.468159566.0000000000020000.00000004.00020000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	20000
Size:	4096

Details

Name:	00000007.00000002.704154387.00000000000A0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	A0000
Size:	4096

Details

Name:	00000004.00000002.460143323.0000000005F7E000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5F7E000
Size:	4096

Details

Name:	00000004.00000002.453718825.00000000001AC000.00000040.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	1AC000
Size:	8192

Details

Name:	00000007.00000003.673969815.0000000003850000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3850000
Size:	40960

Details

Name:	00000004.00000002.458408713.0000000005B40000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5B40000
Size:	4096

Details

Name:	00000007.00000002.704821244.0000000000490000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	490000
Size:	36864

Details

Name:	00000007.00000002.704740609.00000000003D0000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	3D0000
Size:	16384

Details

Name:	00000004.00000002.453981420.00000000006F7000.00000004.00000020.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	6F7000
Size:	4096

Details

Name:	00000004.00000002.458713199.0000000005C0F000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5C0F000
Size:	167936

Details

Name:	0000000F.00000002.475939315.00000000009B0000.00000002.00020000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	9B0000
Size:	12288

Details

Name:	00000004.00000003.437411604.00000000049C8000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	49C8000
Size:	4096

Details

Name:	00000007.00000003.689263457.0000000003810000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3810000
Size:	40960

Details

Name:	00000007.00000000.449935488.000000007EFB2000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	00000004.00000002.458342503.0000000005AE3000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5AE3000
Size:	323584

Details

Name:	0000000B.00000002.469031307.0000000000440000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	440000
Size:	24576

Details

Name:	00000008.00000002.459866781.00000000002E0000.00000004.00000020.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	2E0000
Size:	16384

Details

Name:	00000004.00000003.437322825.0000000004A56000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4A56000
Size:	40960

Details

Name:	00000013.00000000.520408364.000007FFFFFC2000.00000002.00020000.sdmp
TargetID:	19
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFFFFC2000
Size:	4096

Details

Name:	0000000F.00000000.473936721.0000000000A42000.00000020.00020000.sdmp
TargetID:	15
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page execute read
Base address:	A42000
Size:	20480

Details

Name:	00000004.00000002.463339202.00000000063F8000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	63F8000
Size:	114688

Details

Name:	00000007.00000003.543635892.00000000038E7000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	38E7000
Size:	12288

Details

Name:	00000005.00000002.449237270.0000000000100000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	100000
Size:	4096

Details

Name:	0000000B.00000002.468816455.0000000000010000.00000004.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	10000
Size:	4096

Details

Name:	00000007.00000000.451167961.000000007EFD0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	00000004.00000002.460156765.0000000005F85000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5F85000
Size:	4096

Details

Name:	00000004.00000003.443206500.0000000004810000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4810000
Size:	65536

Details

Name:	00000004.00000003.443180044.0000000004840000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4840000
Size:	65536

Details

Name:	00000007.00000002.707573370.000000007EFB0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	00000007.00000003.454397991.00000000003E6000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3E6000
Size:	16384

Details

Name:	00000004.00000002.456444970.0000000004B32000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4B32000
Size:	12288

Details

Name:	00000007.00000000.449426880.000000007EFD0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	00000007.00000002.704139996.0000000000090000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	90000
Size:	16384

Details

Name:	00000004.00000002.466165874.0000000006EA3000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6EA3000
Size:	8192

Details

Name:	00000007.00000003.470157457.0000000000535000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	535000
Size:	4096

Details

Name:	00000007.00000003.454038399.00000000003E0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3E0000
Size:	24576

Details

Name:	00000005.00000000.447710198.000000007EFB0000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	00000004.00000002.460222249.0000000005FBA000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5FBA000
Size:	12288

Details

Name:	0000000B.00000002.469025119.00000000003C0000.00000004.00000020.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	3C0000
Size:	16384

Details

Name:	0000000B.00000002.468893881.00000000001DB000.00000004.00000001.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1DB000
Size:	12288

Details

Name:	00000004.00000003.443226414.00000000046D0000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	46D0000
Size:	32768

Details

Name:	00000007.00000003.673994330.0000000003890000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3890000
Size:	40960

Details

Name:	0000000C.00000000.466008001.000000007EFC0000.00000002.00020000.sdmp
TargetID:	12
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	00000013.00000000.520398696.000007FFFFFB2000.00000002.00020000.sdmp
TargetID:	19
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFFFFB2000
Size:	4096

Details

Name:	00000007.00000003.471012216.0000000000530000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	530000
Size:	16384

Details

Name:	00000004.00000002.459848506.0000000005EDA000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5EDA000
Size:	8192

Details

Name:	0000000C.00000003.467771451.0000000000940000.00000004.00000001.sdmp
TargetID:	12
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	940000
Size:	4096

Details

Name:	00000007.00000002.706078473.0000000003631000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3631000
Size:	61440

Details

Name:	00000004.00000002.456230584.000000000483C000.00000004.00000040.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	483C000
Size:	16384

Details

Name:	00000007.00000002.707739780.000000007EFDF000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7EFDF000
Size:	4096

Details

Name:	00000005.00000002.449410631.0000000000550000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	550000
Size:	24576

Details

Name:	00000007.00000002.706469468.0000000004FCD000.00000004.00000010.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4FCD000
Size:	12288

Details

Name:	00000007.00000003.470178688.0000000000490000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	490000
Size:	16384

Details

Name:	0000000B.00000002.469937134.0000000002520000.00000004.00000040.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2520000
Size:	4096

Details

Name:	00000007.00000003.470720852.0000000000580000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	580000
Size:	45056

Details

Name:	00000011.00000002.486146787.00000000003FA000.00000004.00000020.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	3FA000
Size:	122880

Details

Name:	00000004.00000002.463440075.000000000642B000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	642B000
Size:	12288

Details

Name:	00000004.00000002.458148922.0000000005A0B000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5A0B000
Size:	229376

Details

Name:	00000011.00000002.486423093.0000000000FFE000.00000004.00000010.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	FFE000
Size:	8192

Details

Name:	00000007.00000003.689303492.0000000003870000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3870000
Size:	40960

Details

Name:	00000004.00000003.448043945.0000000004C10000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4C10000
Size:	65536

Details

Name:	00000013.00000002.704101462.0000000000010000.00000004.00020000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	10000
Size:	4096

Details

Name:	0000000F.00000002.475948697.0000000000A40000.00000002.00020000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	A40000
Size:	4096

Details

Name:	00000007.00000003.607810072.00000000038D0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	38D0000
Size:	40960

Details

Name:	00000007.00000003.607737676.0000000003830000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3830000
Size:	40960

Details

Name:	00000007.00000003.543654172.0000000003907000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3907000
Size:	45056

Details

Name:	00000007.00000000.449674841.000000007EFD0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	00000007.00000000.449060451.000000007EFD0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	0000000B.00000002.469052002.0000000000627000.00000004.00000020.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	627000
Size:	4096

Details

Name:	0000000C.00000003.467989171.00000000004C0000.00000040.00000040.sdmp
TargetID:	12
Dumpstage:	free memory
Regiontype:	heap private
Protect:	page execute and read and write
Base address:	4C0000
Size:	4096

Details

Name:	00000008.00000002.463469285.000000007EFE0000.00000002.00020000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFE0000
Size:	20480

Details

Name:	00000004.00000003.443476139.00000000007D0000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	7D0000
Size:	12288

Details

Name:	00000007.00000000.452348909.000000007EFD0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	0000000F.00000000.473987367.000000007EFD0000.00000002.00020000.sdmp
TargetID:	15
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	00000007.00000000.450239577.000000007EFB0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	00000007.00000000.452252053.000000007EFB0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	00000008.00000000.458586946.000000007EFB2000.00000002.00020000.sdmp
TargetID:	8
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	00000004.00000002.458195953.0000000005A47000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5A47000
Size:	32768

Details

Name:	00000005.00000000.447971473.0000000000050000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	50000
Size:	16384

Details

Name:	00000004.00000003.437344686.0000000004A04000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4A04000
Size:	16384

Details

Name:	00000007.00000002.704975225.0000000000590000.00000004.00000020.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	590000
Size:	61440

Details

Name:	00000004.00000002.458333027.0000000005ADE000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5ADE000
Size:	16384

Details

Name:	00000007.00000003.607711671.00000000037F0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	37F0000
Size:	40960

Details

Name:	00000007.00000000.449037762.000000007EFB0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	00000011.00000000.483488867.000000007EFC2000.00000002.00020000.sdmp
TargetID:	17
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	00000007.00000003.470142932.0000000000495000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	495000
Size:	4096

Details

Name:	0000000C.00000002.468263177.00000000002D0000.00000004.00000020.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	2D0000
Size:	16384

Details

Name:	0000000C.00000003.467817984.0000000000932000.00000004.00000001.sdmp
TargetID:	12
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	932000
Size:	57344

Details

Name:	00000005.00000000.447715050.000000007EFB2000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	00000008.00000002.463402693.000000007EFB0000.00000002.00020000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	0000000F.00000000.473980184.000000007EFC2000.00000002.00020000.sdmp
TargetID:	15
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	00000011.00000000.483467416.000000007EFB2000.00000002.00020000.sdmp
TargetID:	17
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	00000007.00000002.704962803.0000000000580000.00000004.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	580000
Size:	12288

Details

Name:	00000007.00000003.607765099.0000000003870000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3870000
Size:	40960

Details

Name:	00000007.00000002.704160055.0000000000140000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	140000
Size:	4096

Details

Name:	00000007.00000003.470444541.0000000000535000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	535000
Size:	8192

Details

Name:	00000008.00000002.463351678.00000000022FE000.00000004.00000010.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	22FE000
Size:	8192

Details

Name:	00000007.00000003.661811867.00000000038F0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	38F0000
Size:	40960

Details

Name:	00000011.00000002.486015924.000000000036A000.00000040.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	36A000
Size:	4096

Details

Name:	00000013.00000002.704134786.0000000000040000.00000002.00020000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	40000
Size:	4096

Details

Name:	00000004.00000003.437092063.0000000000370000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	370000
Size:	12288

Details

Name:	00000007.00000003.453655710.0000000000370000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	370000
Size:	32768

Details

Name:	00000004.00000002.459027174.0000000005CDC000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5CDC000
Size:	8192

Details

Name:	00000004.00000003.437385303.0000000004A56000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4A56000
Size:	40960

Details

Name:	00000004.00000003.437339536.00000000049E7000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	49E7000
Size:	8192

Details

Name:	00000004.00000002.459078092.0000000005CE8000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5CE8000
Size:	8192

Details

Name:	00000007.00000003.607609584.00000000036F1000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	36F1000
Size:	36864

Details

Name:	0000000A.00000002.704477475.000000000031F000.00000004.00000020.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	31F000
Size:	49152

Details

Name:	00000007.00000003.453978205.00000000003E0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3E0000
Size:	65536

Details

Name:	00000007.00000002.704865229.0000000000530000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	530000
Size:	65536

Details

Name:	00000007.00000002.704168172.0000000000150000.00000004.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	150000
Size:	4096

Details

Name:	0000000C.00000002.468245835.00000000002B0000.00000004.00000001.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2B0000
Size:	8192

Details

Name:	0000000A.00000002.705974442.00000000022EF000.00000004.00000010.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	22EF000
Size:	4096

Details

Name:	00000011.00000002.485857184.0000000000020000.00000004.00020000.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	20000
Size:	4096

Details

Name:	00000007.00000000.452719966.000000007EFB2000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	00000007.00000000.450540400.000000007EFD0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	0000000A.00000002.705960594.00000000021AF000.00000004.00000010.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	21AF000
Size:	4096

Details

Name:	00000007.00000002.705039111.00000000006B1000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6B1000
Size:	24576

Details

Name:	00000007.00000003.470434754.0000000000530000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	530000
Size:	16384

Details

Name:	00000004.00000002.458226299.0000000005A73000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5A73000
Size:	167936

Details

Name:	00000008.00000002.463408800.000000007EFB2000.00000002.00020000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	0000000C.00000002.468524327.0000000000920000.00000040.00000001.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	920000
Size:	8192

Details

Name:	00000007.00000002.706241076.0000000004630000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	4630000
Size:	913408

Details

Name:	0000000B.00000002.469931992.000000000242F000.00000004.00000010.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	242F000
Size:	4096

Details

Name:	0000000F.00000002.475663107.00000000001DB000.00000040.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	1DB000
Size:	4096

Details

Name:	0000000C.00000002.468187629.00000000000E0000.00000002.00020000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	E0000
Size:	4096

Details

Name:	0000000C.00000002.468557791.0000000000A10000.00000040.00000040.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page execute and read and write
Base address:	A10000
Size:	4096

Details

Name:	00000004.00000002.462069748.0000000006355000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6355000
Size:	8192

Details

Name:	0000000F.00000002.475956814.0000000000A42000.00000020.00020000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute read
Base address:	A42000
Size:	20480

Details

Name:	00000005.00000000.447139213.000000007EFC2000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	0000000C.00000002.468688725.000000007EFD0000.00000002.00020000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	00000007.00000003.607700326.00000000037B0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	37B0000
Size:	40960

Details

Name:	00000004.00000002.453921089.0000000000430000.00000040.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	430000
Size:	8192

Details

Name:	00000007.00000003.470851807.0000000000580000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	580000
Size:	16384

Details

Name:	00000004.00000002.466116846.0000000006E8B000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6E8B000
Size:	16384

Details

Name:	0000000B.00000000.466008935.000000007EFC0000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	00000005.00000002.449241936.000000000017B000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	17B000
Size:	20480

Details

Name:	00000005.00000000.447999588.000000007EFC2000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	0000000A.00000002.704185794.0000000000160000.00000004.00000040.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	160000
Size:	4096

Details

Name:	0000000C.00000002.468355774.000000000045B000.00000040.00000001.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	45B000
Size:	4096

Details

Name:	00000008.00000002.459833724.0000000000140000.00000004.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	140000
Size:	4096

Details

Name:	00000007.00000002.705423048.0000000000B80000.00000004.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	B80000
Size:	4096

Details

Name:	00000008.00000000.457980058.000000007EFD0000.00000002.00020000.sdmp
TargetID:	8
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	00000007.00000003.457202150.00000000007E7000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	7E7000
Size:	61440

Details

Name:	00000004.00000002.464810485.0000000006830000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6830000
Size:	4096

Details

Name:	00000007.00000000.453013583.0000000000090000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	90000
Size:	16384

Details

Name:	0000000B.00000002.468879046.0000000000130000.00000004.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	130000
Size:	8192

Details

Name:	0000000F.00000002.475559541.0000000000050000.00000002.00020000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	50000
Size:	16384

Details

Name:	0000000A.00000002.704159529.00000000000E0000.00000004.00000001.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	E0000
Size:	4096

Details

Name:	00000004.00000002.457062751.00000000055D0000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	55D0000
Size:	4112384

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000007.00000003.470982261.0000000000537000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	537000
Size:	8192

Details

Name:	00000007.00000003.471201542.00000000036D0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	36D0000
Size:	81920

Details

Name:	0000000B.00000002.470059565.000000007EFE0000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFE0000
Size:	20480

Details

Name:	00000007.00000003.592595392.0000000003950000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3950000
Size:	40960

Details

Name:	00000004.00000002.459465874.0000000005DA4000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5DA4000
Size:	319488

Details

Name:	00000007.00000000.450522248.00000000000A0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	A0000
Size:	4096

Details

Name:	00000007.00000000.449056411.000000007EFC2000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	0000000C.00000002.468179043.00000000000AC000.00000004.00000001.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	AC000
Size:	16384

Details

Name:	0000000A.00000002.705847388.0000000001FD4000.00000004.00000040.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	1FD4000
Size:	4096

Details

Name:	00000004.00000002.453838171.0000000000330000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	330000
Size:	65536

Details

Name:	00000004.00000002.459884414.0000000005EF1000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5EF1000
Size:	8192

Details

Name:	00000007.00000003.470789660.0000000000538000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	538000
Size:	32768

Details

Name:	00000004.00000002.459914093.0000000005EFE000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5EFE000
Size:	139264

Details

Name:	00000004.00000002.462223977.0000000006398000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6398000
Size:	4096

Details

Name:	0000000A.00000002.704139040.0000000000040000.00000002.00020000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	40000
Size:	4096

Details

Name:	00000011.00000002.486345414.0000000000830000.00000002.00020000.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	830000
Size:	77824

Details

Name:	0000000B.00000000.467071290.000000007EFC0000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	00000007.00000003.470663544.0000000000560000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	560000
Size:	65536

Details

Name:	00000004.00000003.443292510.000000000213F000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	213F000
Size:	4096

Details

Name:	00000004.00000002.453658802.00000000000BB000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	BB000
Size:	20480

Details

Name:	00000004.00000002.465891548.0000000006DFC000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6DFC000
Size:	540672

Details

Name:	00000004.00000002.453875432.0000000000350000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	350000
Size:	8192

Details

Name:	0000000F.00000002.475837618.00000000006D0000.00000004.00000040.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	6D0000
Size:	12288

Details

Name:	00000004.00000002.459707320.0000000005E59000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5E59000
Size:	12288

Details

Name:	00000007.00000000.451145371.000000007EFC0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	00000004.00000001.436170696.0000000000960000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	image loaded
Regiontype:	unkown image
Protect:	page readonly
Base address:	960000
Size:	4096

Details

Name:	00000004.00000003.443276909.0000000004450000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4450000
Size:	65536

Details

Name:	00000005.00000002.450020714.0000000002464000.00000004.00000040.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2464000
Size:	4096

Details

Name:	0000000B.00000002.468824439.0000000000020000.00000004.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	20000
Size:	4096

Details

Name:	00000013.00000002.704467669.000007FFFFFB0000.00000002.00020000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFFFFB0000
Size:	4096

Details

Name:	00000005.00000000.447704062.0000000000060000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	60000
Size:	4096

Details

Name:	0000000C.00000002.468199273.0000000000206000.00000004.00000001.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	206000
Size:	4096

Details

Name:	0000000A.00000002.704100887.0000000000010000.00000004.00020000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	10000
Size:	4096

Details

Name:	00000007.00000003.453935769.00000000003E0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3E0000
Size:	20480

Details

Name:	00000004.00000002.463333341.00000000063ED000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	63ED000
Size:	8192

Details

Name:	00000008.00000002.463453135.000000007EFD0000.00000002.00020000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	0000000A.00000002.706059448.000007FFFFFC0000.00000002.00020000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFFFFC0000
Size:	4096

Details

Name:	00000007.00000002.705522109.0000000000D72000.00000004.00000040.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	D72000
Size:	16384

Details

Name:	00000008.00000002.463385162.000000000253F000.00000004.00000010.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	253F000
Size:	4096

Details

Name:	00000007.00000003.453995289.00000000003F8000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3F8000
Size:	32768

Details

Name:	0000000B.00000002.469967849.000000007EFC0000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	00000004.00000002.460213157.0000000005FB7000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5FB7000
Size:	4096

Details

Name:	0000000F.00000002.475605846.0000000000192000.00000040.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	192000
Size:	4096

Details

Name:	0000000B.00000002.468832945.0000000000030000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	30000
Size:	28672

Details

Name:	00000007.00000003.592521770.00000000038D0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	38D0000
Size:	45056

Details

Name:	00000004.00000003.437394704.00000000049A4000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	49A4000
Size:	139264

Details

Name:	00000004.00000002.454485054.000000000205F000.00000004.00000010.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	205F000
Size:	4096

Details

Name:	00000004.00000002.459256966.0000000005D3F000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5D3F000
Size:	12288

Details

Name:	00000007.00000003.543488824.00000000037E7000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	37E7000
Size:	45056

Details

Name:	00000004.00000002.460255096.0000000005FC5000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5FC5000
Size:	8192

Details

Name:	0000000B.00000002.468842815.0000000000050000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	50000
Size:	16384

Details

Name:	00000008.00000002.459826247.000000000013F000.00000004.00000001.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	13F000
Size:	4096

Details

Name:	0000000F.00000002.475625440.00000000001A2000.00000040.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	1A2000
Size:	12288

Details

Name:	00000004.00000002.453653169.0000000000060000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	60000
Size:	4096

Details

Name:	00000007.00000003.470189462.0000000000496000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	496000
Size:	8192

Details

Name:	00000011.00000002.486002237.0000000000350000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	350000
Size:	8192

Details

Name:	00000004.00000002.461913498.0000000006313000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6313000
Size:	4096

Details

Name:	00000007.00000003.470615353.0000000000580000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	580000
Size:	4096

Details

Name:	00000004.00000002.462159054.0000000006374000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6374000
Size:	4096

Details

Name:	0000000F.00000000.473959876.000000007EFB0000.00000002.00020000.sdmp
TargetID:	15
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	00000008.00000000.458275282.000000007EFC2000.00000002.00020000.sdmp
TargetID:	8
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	00000007.00000003.661724887.00000000037D1000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	37D1000
Size:	36864

Details

Name:	00000005.00000002.449222286.0000000000050000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	50000
Size:	16384

Details

Name:	00000007.00000002.706230924.0000000003810000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3810000
Size:	40960

Details

Name:	00000008.00000002.459889483.0000000000304000.00000004.00000020.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	304000
Size:	102400

Details

Name:	00000004.00000002.460100035.0000000005F6C000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5F6C000
Size:	4096

Details

Name:	00000007.00000003.471020500.0000000000536000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	536000
Size:	8192

Details

Name:	00000004.00000002.459303272.0000000005D46000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5D46000
Size:	139264

Details

Name:	00000013.00000002.704257399.0000000000198000.00000004.00000020.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	198000
Size:	20480

Details

Name:	0000000C.00000002.468684222.000000007EFC2000.00000002.00020000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	00000007.00000002.706036680.0000000002897000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2897000
Size:	4096

Details

Name:	00000007.00000002.706309661.00000000047A0000.00000040.00000040.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page execute and read and write
Base address:	47A0000
Size:	16384

Details

Name:	00000008.00000000.457582533.000000007EFC0000.00000002.00020000.sdmp
TargetID:	8
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	00000005.00000000.447983761.000000007EFB0000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	00000007.00000002.706364411.0000000004BCE000.00000004.00000010.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4BCE000
Size:	8192

Details

Name:	00000007.00000000.451831184.00000000000A0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	A0000
Size:	4096

Details

Name:	00000004.00000002.456612980.0000000005030000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5030000
Size:	61440

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	00000011.00000003.485709863.0000000000590000.00000040.00000040.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	heap private
Protect:	page execute and read and write
Base address:	590000
Size:	4096

Details

Name:	00000007.00000003.551339627.0000000000839000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	839000
Size:	12288

Details

Name:	0000000A.00000002.705840939.0000000001FD0000.00000004.00000040.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	1FD0000
Size:	4096

Details

Name:	00000005.00000002.449429124.00000000006E0000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	6E0000
Size:	77824

Details

Name:	0000000F.00000002.475805382.00000000004D0000.00000004.00000020.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	4D0000
Size:	16384

Details

Name:	0000000C.00000003.467892396.0000000000990000.00000004.00000001.sdmp
TargetID:	12
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	990000
Size:	16384

Details

Name:	0000000A.00000002.705859607.0000000002050000.00000002.00020000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	2050000
Size:	913408

Details

Name:	0000000B.00000000.467027418.000000007EFB0000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	00000007.00000003.543604810.00000000038A7000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	38A7000
Size:	45056

Details

Name:	00000007.00000002.706338974.00000000047FD000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	47FD000
Size:	8192

Signature Hits	Behavior Group	Mitre Attack
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000007.00000003.661778049.0000000003890000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3890000
Size:	40960

Details

Name:	00000004.00000002.453945727.00000000004A2000.00000040.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	4A2000
Size:	4096

Details

Name:	00000007.00000003.453843686.00000000003F0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3F0000
Size:	65536

Details

Name:	0000000B.00000002.469018299.0000000000320000.00000004.00000040.sdmp
TargetID:	11
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	320000
Size:	16384

Details

Name:	00000007.00000002.706619255.000000000581E000.00000104.00000010.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write \| page guard
Base address:	581E000
Size:	4096

Details

Name:	0000000C.00000002.468571597.0000000000AB0000.00000004.00020000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	AB0000
Size:	8192

Details

Name:	00000007.00000002.704921985.0000000000550000.00000004.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	550000
Size:	20480

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara signature match	System Summary

Details

Name:	0000000F.00000002.475737883.0000000000400000.00000040.00000001.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	400000
Size:	8192

Details

Name:	0000000C.00000002.468252441.00000000002B2000.00000040.00000001.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2B2000
Size:	12288

Details

Name:	0000000F.00000003.475287764.00000000004A0000.00000004.00000001.sdmp
TargetID:	15
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4A0000
Size:	16384

Details

Name:	00000007.00000003.607750645.0000000003850000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3850000
Size:	40960

Details

Name:	00000007.00000003.454335059.00000000003E0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3E0000
Size:	20480

Details

Name:	00000004.00000002.460136383.0000000005F74000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5F74000
Size:	8192

Details

Name:	00000007.00000003.607868233.0000000003950000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3950000
Size:	40960

Details

Name:	00000004.00000002.453767641.00000000001E7000.00000040.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	1E7000
Size:	4096

Details

Name:	0000000B.00000000.466047466.000000007EFC2000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	00000007.00000003.661834714.0000000003950000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3950000
Size:	40960

Details

Name:	00000011.00000002.486010126.0000000000362000.00000040.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	362000
Size:	4096

Details

Name:	00000008.00000002.459802487.0000000000050000.00000002.00020000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	50000
Size:	16384

Details

Name:	00000013.00000002.704242485.0000000000176000.00000004.00000020.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	176000
Size:	12288

Details

Name:	00000011.00000002.485864610.0000000000050000.00000002.00020000.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	50000
Size:	16384

Details

Name:	00000007.00000003.689245963.00000000037D0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	37D0000
Size:	40960

Details

Name:	00000007.00000003.454269949.00000000003F0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3F0000
Size:	20480

Details

Name:	00000004.00000003.443125081.0000000002110000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2110000
Size:	45056

Details

Name:	00000007.00000003.673863730.0000000003750000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	3750000
Size:	40960

Details

Name:	00000007.00000002.706483435.00000000050BD000.00000004.00000010.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	50BD000
Size:	12288

Details

Name:	00000004.00000003.443237585.0000000004480000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4480000
Size:	65536

Details

Name:	00000004.00000002.466443308.0000000007C0F000.00000004.00000010.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	7C0F000
Size:	4096

Details

Name:	00000004.00000003.445813186.0000000005390000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5390000
Size:	4096

Details

Name:	00000007.00000002.707421749.00000000066AE000.00000004.00000010.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	66AE000
Size:	8192

Details

Name:	0000000B.00000000.466636387.000000007EFB2000.00000002.00020000.sdmp
TargetID:	11
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	00000007.00000000.449666700.000000007EFC0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	00000004.00000002.453888250.0000000000360000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	360000
Size:	4096

Details

Name:	00000007.00000000.449945568.000000007EFC0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	00000007.00000002.705763945.00000000026BA000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	26BA000
Size:	323584

Details

Name:	00000004.00000002.460803063.0000000005FF0000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5FF0000
Size:	118784

Details

Name:	00000007.00000002.704755968.0000000000400000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	400000
Size:	4096

Details

Name:	00000011.00000002.486530582.0000000003491000.00000004.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3491000
Size:	8192

Details

Name:	00000007.00000000.452210940.0000000000400000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	400000
Size:	4096

Details

Name:	00000007.00000002.705118653.0000000000784000.00000004.00000020.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	784000
Size:	122880

Details

Name:	00000011.00000002.485898155.00000000001A7000.00000104.00000001.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write \| page guard
Base address:	1A7000
Size:	4096

Details

Name:	00000007.00000002.704247066.00000000001CA000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	1CA000
Size:	8192

Details

Name:	0000000C.00000002.468550999.00000000009B0000.00000004.00000001.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	9B0000
Size:	4096

Details

Name:	0000000C.00000002.468540785.00000000009A0000.00000002.00020000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	9A0000
Size:	28672

Details

Name:	00000007.00000003.661787386.00000000038B0000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	38B0000
Size:	40960

Details

Name:	00000005.00000000.447422806.000000007EFB0000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	00000013.00000002.704507707.000007FFFFFC2000.00000002.00020000.sdmp
TargetID:	19
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFFFFC2000
Size:	4096

Details

Name:	00000004.00000002.464848525.0000000006841000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6841000
Size:	413696

Details

Name:	00000004.00000002.460973138.0000000006060000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6060000
Size:	4096

Details

Name:	00000007.00000003.473350354.0000000000710000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	710000
Size:	53248

Details

Name:	00000004.00000002.459380786.0000000005D70000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5D70000
Size:	8192

Details

Name:	00000004.00000002.459185937.0000000005D17000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5D17000
Size:	151552

Details

Name:	0000000C.00000003.467963851.0000000000AC0000.00000004.00000001.sdmp
TargetID:	12
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	AC0000
Size:	12288

Details

Name:	0000000F.00000002.475811660.0000000000550000.00000004.00020000.sdmp
TargetID:	15
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	550000
Size:	8192

Details

Name:	00000007.00000002.704305275.00000000001DC000.00000040.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	1DC000
Size:	12288

Details

Name:	00000007.00000002.706441211.0000000004E90000.00000004.00000040.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	4E90000
Size:	20480

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Report

Files

Processes

URLs

Domains

IPs

Registry

Memdumps