Automated Malware Analysis IOC Report for

Details

Name:	00000007.00000002.749792224.0000000000210000.00000004.00000020.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	210000
Size:	16384

Details

Name:	00000000.00000003.403677243.0000000007425000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	7425000
Size:	135168

Details

Name:	00000006.00000000.584159947.000000007EFD0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	00000004.00000000.488732093.000007FFFFFB2000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFFFFB2000
Size:	4096

Details

Name:	00000000.00000003.534979137.0000000000143000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	143000
Size:	94208

Details

Name:	00000000.00000002.750169437.0000000001DA0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1DA0000
Size:	24576

Details

Name:	00000003.00000002.586043295.00000000000CC000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	CC000
Size:	16384

Details

Name:	00000006.00000000.585766151.000000007EFD0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	00000006.00000000.585004758.000000007EFC2000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	00000006.00000000.584131131.0000000000050000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	50000
Size:	16384

Details

Name:	00000000.00000003.537564945.000000000598A000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	598A000
Size:	12288

Details

Name:	00000000.00000002.760031647.0000000005372000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5372000
Size:	16384

Details

Name:	00000000.00000002.751693731.00000000041C0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	41C0000
Size:	8192

Details

Name:	00000000.00000003.403231806.00000000072B0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	72B0000
Size:	4096

Details

Name:	00000000.00000002.750005171.0000000000460000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	460000
Size:	12288

Details

Name:	00000000.00000002.760156083.0000000005500000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5500000
Size:	45056

Details

Name:	00000000.00000003.536758071.00000000059D9000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	59D9000
Size:	561152

Details

Name:	00000000.00000003.535172877.0000000007720000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	7720000
Size:	4096

Details

Name:	00000007.00000002.750458205.000000007EFC2000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	00000000.00000002.749928773.00000000003B0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3B0000
Size:	65536

Details

Name:	00000000.00000003.403063675.0000000007290000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	7290000
Size:	4096

Details

Name:	00000000.00000002.759373114.0000000004F90000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	4F90000
Size:	1986560

Signature Hits	Behavior Group	Mitre Attack
Binary contains paths to development resources	System Summary
Found strings which match to known social media urls	Networking
URLs found in memory or binary data	Networking

Details

Name:	00000000.00000003.535034300.0000000007B78000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	stack
Protect:	page read and write
Base address:	7B78000
Size:	114688

Details

Name:	00000000.00000003.555370676.000000000342B000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	342B000
Size:	8192

Details

Name:	00000003.00000002.587383707.000000007EFDF000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7EFDF000
Size:	4096

Details

Name:	00000006.00000000.585742642.000000007EFB0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	00000006.00000000.584143216.000000007EFB0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	00000006.00000000.585748628.000000007EFB2000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	00000000.00000002.761699674.000000000598F000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	598F000
Size:	81920

Signature Hits	Behavior Group	Mitre Attack
Found strings which match to known social media urls	Networking

Details

Name:	00000000.00000002.751759288.00000000041FA000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	41FA000
Size:	12288

Details

Name:	00000000.00000002.750209941.000000000204D000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	204D000
Size:	4096

Details

Name:	00000000.00000003.540160097.0000000007B30000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	stack
Protect:	page read and write
Base address:	7B30000
Size:	4096

Details

Name:	00000000.00000002.762484061.0000000006C22000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6C22000
Size:	16384

Details

Name:	00000006.00000000.583599072.000000007EFB0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	00000000.00000003.402799291.00000000054F0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	54F0000
Size:	4096

Details

Name:	00000000.00000003.537576143.00000000059B6000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	59B6000
Size:	8192

Details

Name:	00000006.00000000.584729954.000000007EFC2000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	00000006.00000000.584451414.000000007EFD0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	00000000.00000002.759320611.0000000004E78000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4E78000
Size:	57344

Details

Name:	00000007.00000002.749778849.0000000000200000.00000004.00000040.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	200000
Size:	16384

Details

Name:	00000004.00000002.746272287.000000000051E000.00000004.00000010.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	51E000
Size:	8192

Details

Name:	00000000.00000003.403142608.0000000007290000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	7290000
Size:	4096

Details

Name:	00000000.00000002.762142719.0000000005AC0000.00000004.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	5AC0000
Size:	16384

Details

Name:	00000003.00000002.587307038.000000006E441000.00000020.00020000.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute read
Base address:	6E441000
Size:	229376

Details

Name:	00000000.00000002.763251781.0000000007570000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7570000
Size:	4096

Details

Name:	00000000.00000003.545458883.00000000076D0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	76D0000
Size:	4096

Details

Name:	00000000.00000002.763091037.00000000072F0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	72F0000
Size:	16384

Details

Name:	00000000.00000002.763303155.0000000007710000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7710000
Size:	4096

Details

Name:	00000007.00000000.748574144.000000007EFC0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	00000000.00000002.750350669.0000000003020000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	3020000
Size:	4096

Details

Name:	00000000.00000002.764201542.000007FFFFFB0000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFFFFB0000
Size:	4096

Details

Name:	00000000.00000002.749728429.0000000000020000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	20000
Size:	12288

Details

Name:	00000000.00000003.555355467.0000000004EDF000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4EDF000
Size:	73728

Details

Name:	00000000.00000002.763036214.00000000072A0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	72A0000
Size:	40960

Details

Name:	00000006.00000000.584427178.000000007EFB0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	00000000.00000002.750502873.00000000033F0000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	33F0000
Size:	28672

Details

Name:	00000006.00000000.583900469.000000007EFC2000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	00000003.00000002.587343268.000000006E48E000.00000002.00020000.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	6E48E000
Size:	155648

Details

Name:	00000000.00000003.402756603.00000000054F0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	54F0000
Size:	4096

Details

Name:	00000006.00000000.584723971.000000007EFC0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	00000000.00000003.540086244.0000000007B30000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	stack
Protect:	page read and write
Base address:	7B30000
Size:	4096

Details

Name:	00000000.00000002.749955529.0000000000410000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	410000
Size:	4096

Details

Name:	00000000.00000003.538094447.0000000007B78000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	stack
Protect:	page read and write
Base address:	7B78000
Size:	114688

Details

Name:	00000000.00000000.401229263.000007FFFFFB2000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFFFFB2000
Size:	4096

Details

Name:	00000003.00000003.585797028.0000000002600000.00000004.00000040.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	heap private
Protect:	page read and write
Base address:	2600000
Size:	4096

Details

Name:	00000000.00000002.761067720.000000000590F000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	590F000
Size:	12288

Details

Name:	00000000.00000003.484533282.00000000073F3000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	73F3000
Size:	4096

Details

Name:	00000000.00000002.751352282.0000000003F70000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3F70000
Size:	4096

Details

Name:	00000007.00000002.750417857.000000006E48E000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	6E48E000
Size:	155648

Details

Name:	00000003.00000002.586476171.00000000006AD000.00000004.00000020.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	6AD000
Size:	229376

Details

Name:	00000000.00000003.403033793.0000000007290000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	7290000
Size:	4096

Details

Name:	00000000.00000003.543457775.0000000000144000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	144000
Size:	20480

Details

Name:	00000003.00000003.585776160.00000000002D0000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2D0000
Size:	4096

Details

Name:	00000000.00000003.539928104.0000000004EDD000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4EDD000
Size:	8192

Details

Name:	00000000.00000002.749909198.0000000000360000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	360000
Size:	4096

Details

Name:	00000000.00000003.543405539.0000000007B95000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	stack
Protect:	page read and write
Base address:	7B95000
Size:	4096

Details

Name:	00000007.00000002.749891849.0000000000A50000.00000004.00000040.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	A50000
Size:	8192

Details

Name:	00000006.00000000.583624652.000000007EFD0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	00000006.00000000.584715791.000000007EFB2000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	00000000.00000002.750458596.00000000033D0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	33D0000
Size:	65536

Details

Name:	00000000.00000002.762233466.0000000006AF7000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6AF7000
Size:	12288

Details

Name:	00000000.00000003.538214954.000000000797D000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	797D000
Size:	49152

Details

Name:	00000007.00000000.748552927.0000000000060000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	60000
Size:	4096

Details

Name:	00000000.00000002.759230010.0000000004C8E000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4C8E000
Size:	8192

Details

Name:	00000000.00000002.750315342.00000000024E0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	24E0000
Size:	65536

Details

Name:	00000004.00000002.746265327.0000000000316000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	316000
Size:	8192

Details

Name:	00000000.00000002.750674091.0000000003427000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	3427000
Size:	16384

Details

Name:	00000000.00000002.751001550.0000000003F00000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3F00000
Size:	65536

Details

Name:	00000000.00000003.541905153.0000000007860000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	7860000
Size:	4096

Details

Name:	00000000.00000002.749749714.00000000000D0000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	D0000
Size:	12288

Details

Name:	00000000.00000003.613725008.0000000004B20000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4B20000
Size:	20480

Details

Name:	00000003.00000002.586545977.0000000000900000.00000002.00020000.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	900000
Size:	77824

Details

Name:	00000007.00000002.749855981.0000000000670000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	670000
Size:	77824

Details

Name:	00000004.00000002.746291040.000007FFFFFC0000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFFFFC0000
Size:	4096

Details

Name:	00000004.00000002.746268942.000000000048F000.00000004.00000010.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	48F000
Size:	4096

Details

Name:	00000000.00000002.763213492.0000000007410000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7410000
Size:	4096

Details

Name:	00000003.00000002.587363409.000000007EFB0000.00000002.00020000.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	00000000.00000002.750253829.0000000002120000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	2120000
Size:	913408

Details

Name:	00000000.00000003.538078189.0000000007B50000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	stack
Protect:	page read and write
Base address:	7B50000
Size:	110592

Details

Name:	00000000.00000003.402720261.00000000054F0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	54F0000
Size:	4096

Details

Name:	00000000.00000002.763344601.0000000007860000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7860000
Size:	4096

Details

Name:	00000000.00000002.750165954.0000000001CD6000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD6000
Size:	8192

Details

Name:	00000000.00000003.543392408.0000000007B78000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	stack
Protect:	page read and write
Base address:	7B78000
Size:	114688

Details

Name:	00000000.00000003.403050456.00000000072A0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	72A0000
Size:	12288

Details

Name:	00000004.00000002.746293807.000007FFFFFC2000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFFFFC2000
Size:	4096

Details

Name:	00000000.00000003.403441259.00000000072A0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	72A0000
Size:	20480

Details

Name:	00000000.00000002.751392867.0000000003FA0000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	3FA0000
Size:	4096

Details

Name:	00000007.00000000.748129339.000000007EFB0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	00000000.00000003.402786320.00000000054F0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	54F0000
Size:	4096

Details

Name:	00000000.00000002.763452627.0000000007B9F000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	7B9F000
Size:	4096

Details

Name:	00000007.00000002.749751832.0000000000050000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	50000
Size:	16384

Details

Name:	00000000.00000002.751498769.00000000040E0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	40E0000
Size:	65536

Details

Name:	00000000.00000002.751399707.0000000003FA4000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	3FA4000
Size:	16384

Details

Name:	00000000.00000002.751784934.00000000041FE000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	41FE000
Size:	8192

Details

Name:	00000000.00000002.751712691.00000000041E0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	41E0000
Size:	4096

Details

Name:	00000003.00000002.587375283.000000007EFC2000.00000002.00020000.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	00000000.00000003.541909049.0000000007830000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	7830000
Size:	4096

Details

Name:	00000000.00000002.761099212.0000000005918000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5918000
Size:	278528

Details

Name:	00000000.00000003.540019016.0000000007B30000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	stack
Protect:	page read and write
Base address:	7B30000
Size:	4096

Details

Name:	00000000.00000002.763074611.00000000072E0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	72E0000
Size:	32768

Details

Name:	00000000.00000003.539956269.0000000007B30000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	stack
Protect:	page read and write
Base address:	7B30000
Size:	4096

Details

Name:	00000000.00000003.538188987.0000000007890000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	7890000
Size:	131072

Details

Name:	00000003.00000002.585949869.0000000000020000.00000002.00020000.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	20000
Size:	28672

Details

Name:	00000004.00000002.746279554.000000007EFE0000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFE0000
Size:	20480

Details

Name:	00000006.00000000.584156202.000000007EFC2000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	00000003.00000002.585990126.0000000000030000.00000004.00020000.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	30000
Size:	8192

Details

Name:	00000000.00000002.751161861.0000000003F10000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3F10000
Size:	65536

Details

Name:	00000000.00000002.763110067.0000000007304000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7304000
Size:	12288

Details

Name:	00000000.00000003.541276762.0000000007860000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	7860000
Size:	106496

Details

Name:	00000000.00000003.540663724.0000000008280000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	8280000
Size:	868352

Details

Name:	00000000.00000002.750092258.0000000000700000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	700000
Size:	12288

Details

Name:	00000000.00000002.759176434.0000000004847000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4847000
Size:	12288

Details

Name:	00000000.00000002.763521979.000000006E550000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	6E550000
Size:	4096

Details

Name:	00000000.00000002.749754470.00000000000E0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	E0000
Size:	4096

Details

Name:	00000000.00000003.534972697.0000000000166000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	166000
Size:	28672

Details

Name:	00000006.00000000.585272703.000000007EFC0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	00000000.00000002.750224125.0000000002064000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2064000
Size:	16384

Details

Name:	00000003.00000002.586400771.00000000002A0000.00000004.00000040.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2A0000
Size:	8192

Details

Name:	00000000.00000002.763219512.0000000007446000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7446000
Size:	8192

Details

Name:	00000003.00000002.587329717.000000006E479000.00000002.00020000.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	6E479000
Size:	73728

Details

Name:	00000000.00000002.750411281.00000000032A0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	32A0000
Size:	65536

Details

Name:	00000003.00000002.586318947.00000000001A3000.00000040.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	1A3000
Size:	8192

Details

Name:	00000006.00000000.584969987.0000000000050000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	50000
Size:	16384

Details

Name:	00000000.00000002.750235759.0000000002069000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2069000
Size:	24576

Details

Name:	00000000.00000003.541320908.00000000076D0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	76D0000
Size:	40960

Details

Name:	00000000.00000002.750013199.0000000000480000.00000004.00000020.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	480000
Size:	20480

Details

Name:	00000000.00000002.761751158.00000000059A5000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	59A5000
Size:	24576

Details

Name:	00000007.00000000.748585972.000000007EFC2000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	00000003.00000000.419046066.000000007EFB2000.00000002.00020000.sdmp
TargetID:	3
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	00000000.00000002.762743904.0000000006CC6000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6CC6000
Size:	4096

Details

Name:	00000004.00000002.746234057.00000000001E0000.00000004.00000020.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	1E0000
Size:	16384

Details

Name:	00000000.00000003.541892000.0000000007B30000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	stack
Protect:	page read and write
Base address:	7B30000
Size:	4096

Details

Name:	00000000.00000002.749981999.0000000000433000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	433000
Size:	49152

Details

Name:	00000003.00000002.586528018.0000000000770000.00000002.00020000.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	770000
Size:	24576

Details

Name:	00000000.00000002.763241158.0000000007554000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7554000
Size:	40960

Details

Name:	00000000.00000003.537414429.00000000059A5000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	59A5000
Size:	24576

Details

Name:	00000000.00000002.749975271.000000000042E000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	42E000
Size:	8192

Details

Name:	00000003.00000002.587299543.00000000023E0000.00000004.00000040.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	23E0000
Size:	4096

Details

Name:	00000000.00000003.535167518.0000000007830000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	7830000
Size:	4096

Details

Name:	00000006.00000000.585255189.0000000000060000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	60000
Size:	4096

Details

Name:	00000000.00000003.555345196.0000000004EDA000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4EDA000
Size:	4096

Details

Name:	00000003.00000002.587379224.000000007EFD0000.00000002.00020000.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	00000000.00000002.750860238.0000000003DD5000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3DD5000
Size:	45056

Details

Name:	00000000.00000003.539952300.0000000004EF0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4EF0000
Size:	4096

Details

Name:	00000000.00000002.751429452.0000000003FC0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3FC0000
Size:	65536

Details

Name:	00000000.00000002.763323891.0000000007840000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7840000
Size:	4096

Details

Name:	00000000.00000003.555285280.0000000004EF1000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4EF1000
Size:	8192

Details

Name:	00000000.00000002.750344217.0000000002FB0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2FB0000
Size:	4096

Details

Name:	00000003.00000002.586081970.0000000000170000.00000002.00020000.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	170000
Size:	4096

Details

Name:	00000000.00000002.751526118.00000000040F0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	40F0000
Size:	65536

Details

Name:	00000000.00000002.750220393.0000000002060000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2060000
Size:	12288

Details

Name:	00000000.00000002.763162828.0000000007360000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7360000
Size:	65536

Details

Name:	00000003.00000002.586411439.0000000000400000.00000004.00000020.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	400000
Size:	20480

Details

Name:	00000000.00000002.749797976.0000000000154000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	154000
Size:	24576

Details

Name:	00000000.00000003.403711373.00000000074B0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	74B0000
Size:	868352

Details

Name:	00000003.00000002.585941143.0000000000010000.00000004.00020000.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	10000
Size:	4096

Details

Name:	00000000.00000002.762779939.0000000006CC8000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6CC8000
Size:	4096

Details

Name:	00000007.00000002.750470991.000000007EFE0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFE0000
Size:	20480

Details

Name:	00000000.00000002.751325202.0000000003F60000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3F60000
Size:	65536

Details

Name:	00000007.00000002.750463720.000000007EFD0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	00000007.00000002.749848881.0000000000660000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	660000
Size:	12288

Details

Name:	00000000.00000003.541100184.0000000007B30000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	stack
Protect:	page read and write
Base address:	7B30000
Size:	4096

Details

Name:	00000000.00000002.749760697.0000000000116000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	116000
Size:	28672

Details

Name:	00000006.00000000.584993643.000000007EFB2000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	00000000.00000002.763425349.00000000078C0000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	78C0000
Size:	12288

Details

Name:	00000000.00000002.763230667.000000000751D000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	751D000
Size:	12288

Details

Name:	00000000.00000002.764134248.000000006E87F000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	6E87F000
Size:	352256

Details

Name:	00000007.00000002.749763203.0000000000090000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	90000
Size:	4096

Details

Name:	00000000.00000002.764212672.000007FFFFFC0000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFFFFC0000
Size:	4096

Details

Name:	00000003.00000002.586009171.0000000000050000.00000002.00020000.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	50000
Size:	16384

Details

Name:	00000000.00000003.543488825.00000000079E0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	79E0000
Size:	131072

Details

Name:	00000000.00000003.543504853.000000000797C000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	797C000
Size:	53248

Details

Name:	00000000.00000002.760038493.0000000005380000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5380000
Size:	4096

Details

Name:	00000000.00000002.761253624.000000000595D000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	595D000
Size:	135168

Details

Name:	00000000.00000003.613705065.0000000004B10000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4B10000
Size:	4096

Details

Name:	00000000.00000002.750022792.00000000004BE000.00000004.00000020.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	4BE000
Size:	212992

Details

Name:	00000000.00000002.760128336.000000000548E000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	548E000
Size:	8192

Details

Name:	00000000.00000003.613752499.00000000073C4000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	73C4000
Size:	176128

Details

Name:	00000000.00000002.751877597.000000000420F000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	420F000
Size:	4096

Details

Name:	00000000.00000002.750322770.0000000002500000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2500000
Size:	8192

Details

Name:	00000006.00000000.584735726.000000007EFD0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	00000000.00000002.750347568.0000000003010000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3010000
Size:	4096

Details

Name:	00000000.00000003.541915941.0000000007720000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	7720000
Size:	4096

Details

Name:	00000003.00000002.586705764.0000000001EA0000.00000002.00020000.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	1EA0000
Size:	1986560

Signature Hits	Behavior Group	Mitre Attack
Binary contains paths to development resources	System Summary
Found strings which match to known social media urls	Networking
URLs found in memory or binary data	Networking

Details

Name:	00000000.00000002.763173136.0000000007370000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7370000
Size:	57344

Details

Name:	00000000.00000002.751603241.000000000419E000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	419E000
Size:	8192

Details

Name:	00000000.00000002.750160907.0000000001CA0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1CA0000
Size:	4096

Details

Name:	00000000.00000002.751271233.0000000003F40000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3F40000
Size:	65536

Details

Name:	00000000.00000002.750197030.0000000002030000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2030000
Size:	36864

Details

Name:	00000000.00000003.402726395.00000000054F0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	54F0000
Size:	4096

Details

Name:	00000000.00000002.763337559.0000000007850000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7850000
Size:	8192

Details

Name:	00000000.00000003.403239461.00000000072B0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	72B0000
Size:	4096

Details

Name:	00000006.00000000.584988071.000000007EFB0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	00000006.00000000.585246727.0000000000050000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	50000
Size:	16384

Details

Name:	00000000.00000002.760181451.00000000055B5000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	55B5000
Size:	32768

Details

Name:	00000006.00000000.584707407.000000007EFB0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	00000000.00000002.763255644.0000000007590000.00000004.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	7590000
Size:	65536

Details

Name:	00000000.00000002.760044144.0000000005388000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5388000
Size:	24576

Details

Name:	00000000.00000002.751722287.00000000041F2000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	41F2000
Size:	8192

Details

Name:	00000000.00000002.760173636.0000000005510000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	5510000
Size:	4096

Details

Name:	00000004.00000002.746245141.000000000021D000.00000004.00000020.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	21D000
Size:	32768

Details

Name:	00000000.00000003.538221531.0000000007991000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	7991000
Size:	245760

Details

Name:	00000000.00000002.749978499.0000000000430000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	430000
Size:	4096

Details

Name:	00000004.00000002.746229119.00000000001CD000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD000
Size:	12288

Details

Name:	00000000.00000002.763120895.0000000007310000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7310000
Size:	53248

Details

Name:	00000000.00000002.751452654.00000000040C4000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	40C4000
Size:	49152

Details

Name:	00000000.00000003.535179098.0000000007700000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	7700000
Size:	4096

Details

Name:	00000006.00000000.583606176.000000007EFB2000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	00000000.00000002.750244600.00000000020A5000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	20A5000
Size:	4096

Details

Name:	00000000.00000002.759335589.0000000004E90000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4E90000
Size:	73728

Details

Name:	00000000.00000002.764124650.000000006E878000.00000008.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page write copy
Base address:	6E878000
Size:	16384

Details

Name:	00000000.00000002.750184710.0000000002010000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	2010000
Size:	8192

Details

Name:	00000007.00000002.749756841.0000000000060000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	60000
Size:	4096

Details

Name:	00000004.00000002.746212036.0000000000030000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	30000
Size:	12288

Details

Name:	00000000.00000002.750353664.0000000003030000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	3030000
Size:	4096

Details

Name:	00000000.00000002.750017836.0000000000487000.00000004.00000020.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	487000
Size:	12288

Details

Name:	00000000.00000002.762419734.0000000006C1B000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6C1B000
Size:	20480

Details

Name:	00000000.00000002.763437261.0000000007945000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7945000
Size:	4096

Details

Name:	00000000.00000002.763224102.0000000007510000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7510000
Size:	36864

Details

Name:	00000000.00000003.537552603.000000000595D000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	595D000
Size:	135168

Details

Name:	00000000.00000003.535161470.0000000007860000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	7860000
Size:	4096

Details

Name:	00000000.00000002.763332521.0000000007846000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7846000
Size:	4096

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000000.00000003.535153325.0000000007890000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	7890000
Size:	4096

Details

Name:	00000000.00000003.613718613.0000000004B70000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4B70000
Size:	4096

Details

Name:	00000000.00000002.760143374.00000000054B0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	54B0000
Size:	65536

Details

Name:	00000007.00000000.748157639.000000007EFC0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	00000000.00000002.751549342.0000000004100000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4100000
Size:	65536

Details

Name:	00000004.00000002.746257446.000000000022B000.00000004.00000020.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	22B000
Size:	16384

Details

Name:	00000000.00000002.760996146.0000000005904000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5904000
Size:	40960

Details

Name:	00000000.00000002.762902287.0000000006E10000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	6E10000
Size:	4096

Details

Name:	00000007.00000000.748151708.000000007EFB2000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	00000003.00000002.587371414.000000007EFC0000.00000002.00020000.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	00000000.00000002.750174472.0000000001DA8000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1DA8000
Size:	4096

Details

Name:	00000000.00000003.536715225.00000000059CF000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	59CF000
Size:	20480

Details

Name:	00000000.00000003.540011768.0000000007B30000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	stack
Protect:	page read and write
Base address:	7B30000
Size:	4096

Details

Name:	00000000.00000003.402780877.00000000054F0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	54F0000
Size:	4096

Details

Name:	00000000.00000002.749805371.00000000001E0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1E0000
Size:	4096

Details

Name:	00000000.00000003.537570017.000000000598F000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	598F000
Size:	45056

Signature Hits	Behavior Group	Mitre Attack
Found strings which match to known social media urls	Networking

Details

Name:	00000000.00000002.750191372.0000000002023000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2023000
Size:	24576

Details

Name:	00000007.00000002.749896992.0000000000AA0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	AA0000
Size:	389120

Signature Hits	Behavior Group	Mitre Attack
May try to detect the Windows Explorer process (often used for injection)	HIPS / PFW / Operating System Protection Evasion	Process Injection Process Discovery

Details

Name:	00000000.00000002.749968934.0000000000423000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	423000
Size:	40960

Details

Name:	00000000.00000002.750432866.00000000032B8000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	32B8000
Size:	24576

Details

Name:	00000000.00000002.762273527.0000000006AFC000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6AFC000
Size:	16384

Details

Name:	00000000.00000003.403695339.0000000007462000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	7462000
Size:	135168

Details

Name:	00000000.00000002.762964472.0000000007290000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7290000
Size:	8192

Details

Name:	00000004.00000002.746206164.0000000000024000.00000004.00000040.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	24000
Size:	16384

Details

Name:	00000000.00000003.539971012.0000000007B30000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	stack
Protect:	page read and write
Base address:	7B30000
Size:	4096

Details

Name:	00000000.00000003.613738582.00000000073A8000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	73A8000
Size:	40960

Details

Name:	00000003.00000002.586461532.0000000000694000.00000004.00000020.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	694000
Size:	12288

Details

Name:	00000003.00000002.587303670.000000006E440000.00000002.00020000.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	6E440000
Size:	4096

Details

Name:	00000000.00000002.749919565.0000000000390000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	390000
Size:	40960

Details

Name:	00000003.00000002.586095327.0000000000180000.00000040.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	180000
Size:	139264

Details

Name:	00000000.00000003.541271313.0000000007B30000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	stack
Protect:	page read and write
Base address:	7B30000
Size:	4096

Details

Name:	00000007.00000002.749823249.0000000000404000.00000004.00000020.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	404000
Size:	12288

Details

Name:	00000000.00000002.750473589.00000000033E0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	33E0000
Size:	57344

Details

Name:	00000004.00000002.746253455.0000000000226000.00000004.00000020.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	226000
Size:	16384

Details

Name:	00000000.00000003.541828791.0000000007F15000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	7F15000
Size:	4096

Details

Name:	00000000.00000003.540070572.0000000007B30000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	stack
Protect:	page read and write
Base address:	7B30000
Size:	4096

Details

Name:	00000000.00000002.751733364.00000000041F5000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	41F5000
Size:	4096

Details

Name:	00000006.00000000.584439513.000000007EFC0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	00000000.00000003.538109406.0000000007B95000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	stack
Protect:	page read and write
Base address:	7B95000
Size:	4096

Details

Name:	00000000.00000002.750876513.0000000003EED000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3EED000
Size:	12288

Details

Name:	00000000.00000003.403111539.00000000072A0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	72A0000
Size:	12288

Details

Name:	00000000.00000002.759147446.0000000004800000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4800000
Size:	286720

Details

Name:	00000003.00000001.419238672.000000006E440000.00000002.00020000.sdmp
TargetID:	3
Dumpstage:	image loaded
Regiontype:	unkown image
Protect:	page readonly
Base address:	6E440000
Size:	4096

Details

Name:	00000000.00000002.762623011.0000000006CB0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6CB0000
Size:	32768

Details

Name:	00000000.00000002.763190299.0000000007384000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7384000
Size:	49152

Details

Name:	00000000.00000002.763487314.0000000008090000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	8090000
Size:	4096

Details

Name:	00000000.00000002.762394123.0000000006C10000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6C10000
Size:	36864

Details

Name:	00000000.00000003.403207933.0000000007290000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	7290000
Size:	4096

Details

Name:	00000000.00000002.760187437.00000000055BE000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	55BE000
Size:	45056

Details

Name:	00000000.00000002.750202777.0000000002040000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2040000
Size:	12288

Details

Name:	00000000.00000003.555319261.0000000004EF5000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4EF5000
Size:	8192

Details

Name:	00000000.00000002.763328219.0000000007842000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7842000
Size:	4096

Details

Name:	00000000.00000003.403022853.0000000007290000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	7290000
Size:	8192

Details

Name:	00000006.00000000.583888619.000000007EFB0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	00000003.00000002.586353585.000000000020C000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	20C000
Size:	16384

Details

Name:	00000000.00000002.764079005.000000006E821000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	6E821000
Size:	303104

Details

Name:	00000000.00000003.537544659.000000000594F000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	594F000
Size:	53248

Details

Name:	00000000.00000002.750330534.0000000002509000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2509000
Size:	77824

Details

Name:	00000006.00000000.584137496.0000000000060000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	60000
Size:	4096

Details

Name:	00000000.00000002.750248997.00000000020DB000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	20DB000
Size:	32768

Details

Name:	00000000.00000002.750326592.0000000002505000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2505000
Size:	4096

Details

Name:	00000000.00000003.402714323.00000000054F0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	54F0000
Size:	4096

Details

Name:	00000006.00000000.583896804.000000007EFC0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	00000000.00000002.759328902.0000000004E87000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4E87000
Size:	36864

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000007.00000002.749828731.0000000000417000.00000004.00000020.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	417000
Size:	4096

Details

Name:	00000000.00000002.760168853.000000000550F000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	550F000
Size:	4096

Details

Name:	00000000.00000003.539938980.0000000004EE0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4EE0000
Size:	36864

Details

Name:	00000000.00000002.750039745.00000000004F4000.00000004.00000020.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	4F4000
Size:	159744

Details

Name:	00000007.00000000.748592073.000000007EFD0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	00000000.00000002.750454061.00000000033CF000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	33CF000
Size:	4096

Details

Name:	00000006.00000001.585899466.000000006E440000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	image loaded
Regiontype:	unkown image
Protect:	page readonly
Base address:	6E440000
Size:	4096

Details

Name:	00000000.00000003.614168012.0000000006AC0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	6AC0000
Size:	4096

Details

Name:	00000004.00000002.746275760.000000000095F000.00000004.00000010.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	95F000
Size:	4096

Details

Name:	00000007.00000002.749770745.00000000000C0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	C0000
Size:	4096

Details

Name:	00000007.00000002.750450286.000000007EFB2000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	00000000.00000002.763527296.000000006E551000.00000020.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute read
Base address:	6E551000
Size:	2949120

Details

Name:	00000006.00000000.584410010.0000000000050000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	50000
Size:	16384

Details

Name:	00000000.00000002.763133952.0000000007330000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7330000
Size:	65536

Details

Name:	00000000.00000002.749987761.0000000000440000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	440000
Size:	65536

Details

Name:	00000000.00000002.759237363.0000000004D90000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4D90000
Size:	946176

Details

Name:	00000000.00000002.750800030.0000000003540000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3540000
Size:	4096

Details

Name:	00000006.00000000.585276969.000000007EFC2000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	00000000.00000002.751703728.00000000041D0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	41D0000
Size:	4096

Details

Name:	00000000.00000002.751289123.0000000003F50000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3F50000
Size:	28672

Details

Name:	00000000.00000002.750377223.000000000316F000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	316F000
Size:	4096

Details

Name:	00000003.00000002.587109515.0000000002087000.00000002.00020000.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	2087000
Size:	2043904

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000000.00000003.543462538.0000000000153000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	153000
Size:	28672

Details

Name:	00000003.00000000.419050554.000000007EFC0000.00000002.00020000.sdmp
TargetID:	3
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	00000000.00000002.759181958.000000000484B000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	484B000
Size:	438272

Details

Name:	00000006.00000000.585261315.000000007EFB0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	00000000.00000002.764111607.000000006E86B000.00000004.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	6E86B000
Size:	28672

Details

Name:	00000004.00000000.488744789.000007FFFFFD0000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFFFFD0000
Size:	12288

Details

Name:	00000000.00000003.403199860.0000000007290000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	7290000
Size:	4096

Details

Name:	00000000.00000002.761836785.00000000059B9000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	59B9000
Size:	299008

Details

Name:	00000000.00000003.541835951.0000000007F2C000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	7F2C000
Size:	581632

Details

Name:	00000000.00000002.751675829.00000000041BB000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	41BB000
Size:	4096

Details

Name:	00000003.00000002.586073816.0000000000160000.00000002.00020000.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	160000
Size:	4096

Details

Name:	00000007.00000002.749938496.0000000001EA0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	1EA0000
Size:	1986560

Signature Hits	Behavior Group	Mitre Attack
Binary contains paths to development resources	System Summary
Found strings which match to known social media urls	Networking
URLs found in memory or binary data	Networking

Details

Name:	00000000.00000002.751580005.0000000004190000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4190000
Size:	53248

Details

Name:	00000000.00000002.749995596.0000000000450000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	450000
Size:	16384

Details

Name:	00000000.00000003.541923563.0000000007B30000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	stack
Protect:	page read and write
Base address:	7B30000
Size:	4096

Details

Name:	00000000.00000000.401240881.000007FFFFFC2000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFFFFC2000
Size:	4096

Details

Name:	00000000.00000003.541621242.0000000007EF8000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	7EF8000
Size:	114688

Details

Name:	00000000.00000002.749935253.00000000003C0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3C0000
Size:	65536

Details

Name:	00000000.00000002.763475173.0000000007EAA000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	7EAA000
Size:	24576

Details

Name:	00000000.00000002.749773568.0000000000134000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	134000
Size:	69632

Details

Name:	00000007.00000000.748174739.000000007EFD0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	00000000.00000002.759346552.0000000004ED7000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4ED7000
Size:	8192

Details

Name:	00000003.00000002.586433516.0000000000670000.00000004.00000020.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	670000
Size:	16384

Details

Name:	00000000.00000002.749809597.00000000002B4000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2B4000
Size:	4096

Details

Name:	00000007.00000002.750467798.000000007EFDF000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7EFDF000
Size:	4096

Details

Name:	00000000.00000002.750881948.0000000003EF0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3EF0000
Size:	65536

Details

Name:	00000006.00000000.584977610.0000000000060000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	60000
Size:	4096

Details

Name:	00000000.00000003.535185018.00000000076D0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	76D0000
Size:	4096

Details

Name:	00000003.00000002.587339442.000000006E48B000.00000004.00020000.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	6E48B000
Size:	12288

Details

Name:	00000000.00000003.535049574.0000000007B95000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	stack
Protect:	page read and write
Base address:	7B95000
Size:	4096

Details

Name:	00000000.00000002.750188035.0000000002020000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2020000
Size:	8192

Details

Name:	00000000.00000003.403183201.0000000007290000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	7290000
Size:	4096

Details

Name:	00000000.00000003.541927053.00000000076D0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	76D0000
Size:	4096

Details

Name:	00000000.00000003.555327218.0000000004EF8000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4EF8000
Size:	65536

Details

Name:	00000000.00000003.537579304.00000000059B9000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	59B9000
Size:	90112

Details

Name:	00000000.00000002.762314799.0000000006B80000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6B80000
Size:	65536

Details

Name:	00000000.00000002.750387569.0000000003180000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3180000
Size:	65536

Details

Name:	00000007.00000002.749832252.000000000041D000.00000004.00000020.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	41D000
Size:	77824

Details

Name:	00000006.00000000.585010642.000000007EFD0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	00000000.00000003.402941570.0000000007290000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	7290000
Size:	8192

Details

Name:	00000000.00000002.749885541.0000000000320000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	320000
Size:	196608

Details

Name:	00000000.00000002.750772641.0000000003466000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3466000
Size:	8192

Details

Name:	00000000.00000002.751357644.0000000003F88000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3F88000
Size:	28672

Details

Name:	00000000.00000003.541407653.0000000007B30000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	stack
Protect:	page read and write
Base address:	7B30000
Size:	4096

Details

Name:	00000000.00000003.540025981.0000000007B30000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	stack
Protect:	page read and write
Base address:	7B30000
Size:	4096

Details

Name:	00000000.00000002.750052025.000000000051C000.00000004.00000020.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	51C000
Size:	196608

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000000.00000002.751914763.0000000004310000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	4310000
Size:	4112384

Details

Name:	00000000.00000002.763097769.00000000072F9000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	72F9000
Size:	24576

Details

Name:	00000000.00000002.760177895.00000000055B0000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	55B0000
Size:	4096

Details

Name:	00000000.00000002.750372238.0000000003060000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3060000
Size:	24576

Details

Name:	00000000.00000002.749816960.00000000002B6000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2B6000
Size:	237568

Details

Name:	00000000.00000002.763104741.0000000007300000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7300000
Size:	4096

Details

Name:	00000000.00000002.763282675.00000000075D0000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	75D0000
Size:	8192

Details

Name:	00000000.00000002.750213054.0000000002050000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2050000
Size:	61440

Details

Name:	00000006.00000000.585760334.000000007EFC2000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	00000000.00000003.540115622.0000000000144000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	144000
Size:	16384

Details

Name:	00000006.00000000.583871780.0000000000050000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	50000
Size:	16384

Details

Name:	00000000.00000002.750741199.0000000003430000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3430000
Size:	4096

Details

Name:	00000000.00000002.750395186.000000000328E000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	328E000
Size:	8192

Details

Name:	00000000.00000002.751303744.0000000003F58000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3F58000
Size:	32768

Details

Name:	00000000.00000002.760198779.00000000058BA000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	58BA000
Size:	24576

Details

Name:	00000000.00000002.763264559.00000000075A0000.00000004.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	75A0000
Size:	65536

Details

Name:	00000000.00000003.543528045.00000000079A1000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	79A1000
Size:	245760

Details

Name:	00000000.00000003.540061438.0000000007B30000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	stack
Protect:	page read and write
Base address:	7B30000
Size:	4096

Details

Name:	00000000.00000002.763358196.00000000078B0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	78B0000
Size:	4096

Details

Name:	00000000.00000002.763185629.0000000007380000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7380000
Size:	12288

Details

Name:	00000000.00000003.540228064.00000000081F5000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	81F5000
Size:	135168

Details

Name:	00000000.00000002.763050410.00000000072AB000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	72AB000
Size:	20480

Details

Name:	00000000.00000003.543513343.000000000798D000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	798D000
Size:	49152

Details

Name:	00000000.00000002.762710887.0000000006CC0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6CC0000
Size:	12288

Details

Name:	00000000.00000002.764222922.000007FFFFFD0000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFFFFD0000
Size:	12288

Details

Name:	00000007.00000002.749883111.0000000000800000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	800000
Size:	4096

Details

Name:	00000000.00000002.749721988.0000000000010000.00000004.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	10000
Size:	4096

Details

Name:	00000000.00000002.763291136.00000000076E0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	76E0000
Size:	106496

Details

Name:	00000003.00000000.419040935.000000007EFB0000.00000002.00020000.sdmp
TargetID:	3
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	00000000.00000002.751231650.0000000003F20000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3F20000
Size:	40960

Details

Name:	00000000.00000002.763060804.00000000072C4000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	72C4000
Size:	49152

Details

Name:	00000000.00000002.751738851.00000000041F7000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	41F7000
Size:	4096

Details

Name:	00000000.00000002.763247792.000000000755F000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	755F000
Size:	4096

Details

Name:	00000003.00000002.586471067.00000000006A7000.00000004.00000020.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	6A7000
Size:	4096

Details

Name:	00000006.00000000.585281485.000000007EFD0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	00000006.00000000.583881461.0000000000060000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	60000
Size:	4096

Details

Name:	00000000.00000003.538207541.000000000796C000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	796C000
Size:	53248

Details

Name:	00000000.00000002.750099020.0000000000710000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	710000
Size:	77824

Details

Name:	00000000.00000002.762863968.0000000006CD0000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	6CD0000
Size:	4096

Details

Name:	00000000.00000002.763181544.000000000737F000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	737F000
Size:	4096

Details

Name:	00000000.00000002.763198456.0000000007390000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7390000
Size:	8192

Details

Name:	00000000.00000002.763349341.0000000007880000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7880000
Size:	4096

Details

Name:	00000000.00000003.403215965.00000000072A0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	72A0000
Size:	4096

Details

Name:	00000003.00000002.586539206.00000000008F0000.00000002.00020000.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	8F0000
Size:	12288

Details

Name:	00000000.00000003.614160184.0000000005590000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5590000
Size:	20480

Details

Name:	00000000.00000002.762451919.0000000006C20000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6C20000
Size:	4096

Details

Name:	00000004.00000002.746297025.000007FFFFFD0000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFFFFD0000
Size:	12288

Details

Name:	00000004.00000000.488740012.000007FFFFFC2000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFFFFC2000
Size:	4096

Details

Name:	00000000.00000002.751412197.0000000003FB0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3FB0000
Size:	65536

Details

Name:	00000000.00000002.751250781.0000000003F30000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3F30000
Size:	65536

Details

Name:	00000000.00000002.750341179.0000000002FAF000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2FAF000
Size:	4096

Details

Name:	00000007.00000002.750410162.000000006E48B000.00000004.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	6E48B000
Size:	12288

Details

Name:	00000003.00000002.586065515.0000000000140000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	140000
Size:	4096

Details

Name:	00000007.00000002.749808871.00000000003E0000.00000004.00000020.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	3E0000
Size:	16384

Details

Name:	00000000.00000002.750400289.0000000003290000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3290000
Size:	65536

Details

Name:	00000000.00000003.541919618.0000000007700000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	7700000
Size:	4096

Details

Name:	00000004.00000002.746288053.000007FFFFFB2000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFFFFB2000
Size:	4096

Details

Name:	00000000.00000003.539615264.00000000076D0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	76D0000
Size:	4096

Details

Name:	00000000.00000002.764190778.000007FEFF1A0000.00000020.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute read
Base address:	7FEFF1A0000
Size:	65536

Details

Name:	00000000.00000002.750438510.00000000032C0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	32C0000
Size:	65536

Details

Name:	00000000.00000002.751613171.00000000041A0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	41A0000
Size:	24576

Details

Name:	00000007.00000002.749746620.0000000000030000.00000004.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	30000
Size:	8192

Details

Name:	00000000.00000002.750585418.0000000003410000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3410000
Size:	4096

Details

Name:	00000007.00000002.749737185.0000000000020000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	20000
Size:	28672

Details

Name:	00000000.00000000.401246644.000007FFFFFD0000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFFFFD0000
Size:	12288

Details

Name:	00000000.00000002.763311944.000000000771A000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	771A000
Size:	20480

Details

Name:	00000000.00000003.613712507.0000000004AC0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4AC0000
Size:	20480

Details

Name:	00000006.00000000.583892958.000000007EFB2000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	00000006.00000000.583613024.000000007EFC0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	00000004.00000002.746223110.0000000000040000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	40000
Size:	4096

Details

Name:	00000000.00000003.541095251.0000000007940000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	7940000
Size:	4096

Details

Name:	00000000.00000002.763203564.0000000007400000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	7400000
Size:	4096

Details

Name:	00000000.00000002.763362323.00000000078B6000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	78B6000
Size:	4096

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000000.00000002.750086214.0000000000580000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	580000
Size:	24576

Details

Name:	00000000.00000003.539876848.0000000007B30000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	stack
Protect:	page read and write
Base address:	7B30000
Size:	4096

Details

Name:	00000007.00000002.749804782.0000000000330000.00000004.00000040.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	330000
Size:	4096

Details

Name:	00000000.00000002.749958879.0000000000414000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	414000
Size:	49152

Details

Name:	00000000.00000002.751683957.00000000041BD000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	41BD000
Size:	12288

Details

Name:	00000000.00000002.763286956.00000000076D0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	76D0000
Size:	8192

Details

Name:	00000000.00000002.763084379.00000000072ED000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	72ED000
Size:	12288

Details

Name:	00000000.00000002.763459808.0000000007CC0000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	7CC0000
Size:	16384

Details

Name:	00000000.00000002.763143151.0000000007340000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7340000
Size:	65536

Details

Name:	00000007.00000002.750370280.000000006E441000.00000020.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute read
Base address:	6E441000
Size:	229376

Details

Name:	00000000.00000002.760194740.000000000577E000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	577E000
Size:	8192

Details

Name:	00000000.00000003.541900796.0000000007B30000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	stack
Protect:	page read and write
Base address:	7B30000
Size:	4096

Details

Name:	00000000.00000003.403121441.0000000007290000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	7290000
Size:	4096

Details

Name:	00000000.00000003.539624512.00000000076D2000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	76D2000
Size:	36864

Details

Name:	00000000.00000003.534994230.00000000076D0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	76D0000
Size:	40960

Details

Name:	00000000.00000003.541912463.0000000007B30000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	stack
Protect:	page read and write
Base address:	7B30000
Size:	4096

Details

Name:	00000000.00000002.751571679.0000000004110000.00000040.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page execute and read and write
Base address:	4110000
Size:	4096

Details

Name:	00000000.00000003.614176340.0000000005670000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5670000
Size:	20480

Details

Name:	00000007.00000002.750362776.0000000002420000.00000004.00000040.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2420000
Size:	4096

Details

Name:	00000000.00000002.750241192.00000000020A0000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	20A0000
Size:	8192

Details

Name:	00000000.00000003.539962992.000000000342B000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	342B000
Size:	8192

Details

Name:	00000000.00000002.751371374.0000000003F90000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3F90000
Size:	65536

Details

Name:	00000000.00000003.534943732.00000000076D0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	76D0000
Size:	4096

Details

Name:	00000007.00000002.749728963.0000000000010000.00000004.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	10000
Size:	4096

Details

Name:	00000000.00000003.539895274.0000000004EF8000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4EF8000
Size:	65536

Details

Name:	00000000.00000002.750116281.00000000008A0000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	8A0000
Size:	389120

Signature Hits	Behavior Group	Mitre Attack
May try to detect the Windows Explorer process (often used for injection)	HIPS / PFW / Operating System Protection Evasion	Process Injection Process Discovery

Details

Name:	00000004.00000002.746261490.00000000002E0000.00000004.00000001.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2E0000
Size:	4096

Details

Name:	00000007.00000000.748564278.000000007EFB0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	00000000.00000002.762810356.0000000006CCA000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6CCA000
Size:	16384

Details

Name:	00000006.00000000.585733779.0000000000060000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	60000
Size:	4096

Details

Name:	00000000.00000003.402791771.00000000054F0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	54F0000
Size:	4096

Details

Name:	00000000.00000002.762180023.0000000006AF0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6AF0000
Size:	16384

Details

Name:	00000003.00000002.586024801.0000000000060000.00000002.00020000.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	60000
Size:	4096

Details

Name:	00000000.00000003.537465929.00000000059B1000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	59B1000
Size:	28672

Details

Name:	00000003.00000000.419054854.000000007EFC2000.00000002.00020000.sdmp
TargetID:	3
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	00000006.00000000.584433251.000000007EFB2000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	00000000.00000002.749768565.0000000000130000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	130000
Size:	8192

Details

Name:	00000000.00000002.763274107.00000000075B0000.00000004.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	75B0000
Size:	65536

Details

Name:	00000000.00000002.751643276.00000000041B0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	41B0000
Size:	4096

Details

Name:	00000000.00000002.760958181.00000000058DF000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	58DF000
Size:	12288

Details

Name:	00000000.00000003.539888649.0000000004EF5000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4EF5000
Size:	8192

Details

Name:	00000000.00000002.764207080.000007FFFFFB2000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFFFFB2000
Size:	4096

Details

Name:	00000000.00000002.763353530.0000000007886000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7886000
Size:	4096

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000007.00000002.749841069.00000000004E0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	4E0000
Size:	24576

Details

Name:	00000000.00000002.749925202.00000000003A0000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	3A0000
Size:	8192

Details

Name:	00000007.00000002.749775586.000000000011D000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	11D000
Size:	12288

Details

Name:	00000000.00000002.751906400.000000000430F000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	430F000
Size:	4096

Details

Name:	00000004.00000000.488727143.000007FFFFFB0000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFFFFB0000
Size:	4096

Details

Name:	00000007.00000000.748519261.0000000000050000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	50000
Size:	16384

Details

Name:	00000000.00000002.764118737.000000006E874000.00000004.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	6E874000
Size:	16384

Details

Name:	00000000.00000002.763129114.0000000007320000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7320000
Size:	4096

Details

Name:	00000000.00000002.750827342.0000000003550000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	3550000
Size:	28672

Details

Name:	00000000.00000003.543408965.0000000007BAC000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	stack
Protect:	page read and write
Base address:	7BAC000
Size:	581632

Details

Name:	00000000.00000003.537297659.000000000599A000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	599A000
Size:	36864

Details

Name:	00000000.00000003.543376476.0000000007B50000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	stack
Protect:	page read and write
Base address:	7B50000
Size:	110592

Details

Name:	00000000.00000002.749912463.0000000000370000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	370000
Size:	4096

Details

Name:	00000000.00000003.402708433.00000000054F0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	54F0000
Size:	4096

Details

Name:	00000000.00000002.750177761.0000000001DAE000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1DAE000
Size:	8192

Details

Name:	00000000.00000002.760163814.000000000550C000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	550C000
Size:	8192

Details

Name:	00000007.00000002.749766111.00000000000B0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	B0000
Size:	4096

Details

Name:	00000000.00000003.539985494.00000000075C0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	75C0000
Size:	49152

Details

Name:	00000000.00000003.535054230.0000000007BAC000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	stack
Protect:	page read and write
Base address:	7BAC000
Size:	581632

Details

Name:	00000000.00000002.750000319.0000000000455000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	455000
Size:	32768

Details

Name:	00000000.00000002.759141202.0000000004700000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4700000
Size:	4096

Details

Name:	00000007.00000002.749888434.0000000000940000.00000004.00000040.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	940000
Size:	4096

Details

Name:	00000000.00000003.403601485.0000000007320000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	7320000
Size:	49152

Details

Name:	00000000.00000002.762930114.0000000006E90000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6E90000
Size:	20480

Details

Name:	00000000.00000003.545464783.00000000076D2000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	76D2000
Size:	36864

Details

Name:	00000000.00000002.763115156.000000000730B000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	730B000
Size:	20480

Details

Name:	00000007.00000002.749819541.00000000003E7000.00000004.00000020.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	3E7000
Size:	4096

Details

Name:	00000000.00000002.750850948.0000000003DD3000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3DD3000
Size:	4096

Details

Name:	00000000.00000002.762025366.0000000005A03000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	5A03000
Size:	393216

Details

Name:	00000000.00000002.764169691.000000007EFE0000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFE0000
Size:	20480

Details

Name:	00000006.00000000.584697817.0000000000060000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	60000
Size:	4096

Details

Name:	00000000.00000003.540547966.0000000008232000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	8232000
Size:	135168

Details

Name:	00000000.00000002.750009108.0000000000477000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	477000
Size:	20480

Details

Name:	00000004.00000000.488736207.000007FFFFFC0000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFFFFC0000
Size:	4096

Details

Name:	00000000.00000002.749952173.00000000003E0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3E0000
Size:	4096

Details

Name:	00000000.00000003.534967962.0000000000161000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	161000
Size:	16384

Details

Name:	00000003.00000002.587388109.000000007EFE0000.00000002.00020000.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFE0000
Size:	20480

Details

Name:	00000000.00000002.749740053.0000000000030000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	30000
Size:	12288

Details

Name:	00000000.00000003.538112923.0000000007BAC000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	stack
Protect:	page read and write
Base address:	7BAC000
Size:	581632

Details

Name:	00000000.00000002.749965581.0000000000420000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	420000
Size:	8192

Details

Name:	00000000.00000002.762999332.0000000007295000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7295000
Size:	28672

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000000.00000000.401235415.000007FFFFFC0000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFFFFC0000
Size:	4096

Details

Name:	00000000.00000002.750356915.0000000003050000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3050000
Size:	65536

Details

Name:	00000000.00000002.749744694.0000000000040000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	40000
Size:	4096

Details

Name:	00000000.00000002.763307650.0000000007716000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7716000
Size:	4096

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000000.00000002.760902089.00000000058C8000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	58C8000
Size:	53248

Details

Name:	00000000.00000002.762368372.0000000006B90000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	6B90000
Size:	4096

Details

Name:	00000000.00000003.614150659.0000000005660000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	5660000
Size:	4096

Details

Name:	00000003.00000000.419058762.000000007EFD0000.00000002.00020000.sdmp
TargetID:	3
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	00000003.00000002.586422465.0000000000600000.00000004.00000040.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	600000
Size:	16384

Details

Name:	00000003.00000002.586394016.0000000000210000.00000004.00000001.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	210000
Size:	4096

Details

Name:	00000000.00000002.762554792.0000000006C2A000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6C2A000
Size:	24576

Details

Name:	00000006.00000000.584445619.000000007EFC2000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	00000000.00000002.750206361.0000000002044000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2044000
Size:	12288

Details

Name:	00000000.00000003.403173461.00000000072A0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	72A0000
Size:	8192

Details

Name:	00000006.00000000.585725266.0000000000050000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	50000
Size:	16384

Details

Name:	00000000.00000002.759571623.0000000005177000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	5177000
Size:	2043904

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000006.00000000.583619454.000000007EFC2000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	00000007.00000002.750453529.000000007EFC0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	00000000.00000003.541416345.0000000007ED0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	7ED0000
Size:	110592

Details

Name:	00000000.00000002.764130019.000000006E87C000.00000004.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	6E87C000
Size:	4096

Details

Name:	00000006.00000000.583904774.000000007EFD0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFD0000
Size:	12288

Details

Name:	00000000.00000002.759220932.0000000004A2F000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4A2F000
Size:	4096

Details

Name:	00000004.00000002.746199925.0000000000020000.00000004.00000040.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	20000
Size:	4096

Details

Name:	00000004.00000002.746193895.0000000000010000.00000004.00020000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	10000
Size:	4096

Details

Name:	00000000.00000002.762290053.0000000006B00000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	6B00000
Size:	4096

Details

Name:	00000000.00000002.751471075.00000000040D0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	40D0000
Size:	65536

Details

Name:	00000000.00000002.763153980.0000000007350000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	7350000
Size:	65536

Details

Name:	00000000.00000003.594577701.00000000073F3000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	73F3000
Size:	4096

Details

Name:	00000000.00000002.751627307.00000000041A8000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	41A8000
Size:	32768

Details

Name:	00000000.00000003.541123749.0000000000143000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	143000
Size:	94208

Details

Name:	00000003.00000002.587367356.000000007EFB2000.00000002.00020000.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	00000007.00000002.749800889.00000000002ED000.00000004.00000001.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2ED000
Size:	12288

Details

Name:	00000000.00000002.749865508.0000000000300000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	300000
Size:	12288

Details

Name:	00000006.00000000.584152617.000000007EFC0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	00000000.00000003.613745658.00000000073B4000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	73B4000
Size:	45056

Details

Name:	00000000.00000002.760136333.00000000054A0000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	54A0000
Size:	8192

Details

Name:	00000000.00000002.764217447.000007FFFFFC2000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFFFFC2000
Size:	4096

Details

Name:	00000000.00000002.763236474.0000000007550000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7550000
Size:	12288

Details

Name:	00000000.00000002.751667754.00000000041B9000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	41B9000
Size:	4096

Details

Name:	00000006.00000000.584418374.0000000000060000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	60000
Size:	4096

Details

Name:	00000003.00000002.586455631.0000000000677000.00000004.00000020.sdmp
TargetID:	3
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	677000
Size:	4096

Details

Name:	00000000.00000002.751804069.0000000004200000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4200000
Size:	40960

Details

Name:	00000000.00000002.749861625.00000000002F0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2F0000
Size:	4096

Details

Name:	00000000.00000003.403149172.0000000007290000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	7290000
Size:	4096

Details

Name:	00000000.00000003.403015672.00000000072D0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	72D0000
Size:	12288

Details

Name:	00000007.00000000.748569414.000000007EFB2000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	00000000.00000002.750380298.0000000003170000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3170000
Size:	65536

Details

Name:	00000007.00000002.750147799.0000000002087000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	2087000
Size:	2043904

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000000.00000002.749870143.0000000000310000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	310000
Size:	20480

Details

Name:	00000000.00000002.762668392.0000000006CBE000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6CBE000
Size:	8192

Details

Name:	00000000.00000003.541897220.0000000007890000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	7890000
Size:	4096

Details

Name:	00000000.00000002.750181210.0000000001DBE000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1DBE000
Size:	4096

Details

Name:	00000000.00000002.763317624.0000000007730000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	7730000
Size:	32768

Details

Name:	00000000.00000002.749915493.0000000000375000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	375000
Size:	20480

Details

Name:	00000000.00000003.403133552.00000000072A0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	72A0000
Size:	12288

Details

Name:	00000006.00000000.584147787.000000007EFB2000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	00000000.00000003.537531973.00000000059B9000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	59B9000
Size:	90112

Details

Name:	00000000.00000003.540108158.0000000007B30000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	stack
Protect:	page read and write
Base address:	7B30000
Size:	4096

Details

Name:	00000000.00000002.751648716.00000000041B2000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	41B2000
Size:	8192

Details

Name:	00000000.00000003.534805716.0000000007EE5000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	7EE5000
Size:	135168

Details

Name:	00000004.00000002.746240880.00000000001E7000.00000004.00000020.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	1E7000
Size:	4096

Details

Name:	00000000.00000002.762522737.0000000006C27000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	6C27000
Size:	8192

Details

Name:	00000004.00000002.746285051.000007FFFFFB0000.00000002.00020000.sdmp
TargetID:	4
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFFFFB0000
Size:	4096

Details

Name:	00000007.00000002.750446977.000000007EFB0000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB0000
Size:	4096

Details

Name:	00000000.00000003.539882295.0000000004EF1000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	4EF1000
Size:	4096

Details

Name:	00000000.00000002.761340145.000000000598A000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	598A000
Size:	12288

Details

Name:	00000007.00000000.748162108.000000007EFC2000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC2000
Size:	4096

Details

Name:	00000006.00000000.585266795.000000007EFB2000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFB2000
Size:	4096

Details

Name:	00000000.00000002.750068478.000000000054D000.00000004.00000020.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	54D000
Size:	208896

Details

Name:	00000000.00000003.534850170.0000000007F70000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	7F70000
Size:	868352

Details

Name:	00000000.00000002.763494844.0000000065300000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	65300000
Size:	155648

Details

Name:	00000000.00000002.751658224.00000000041B5000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	41B5000
Size:	8192

Details

Name:	00000007.00000002.750397967.000000006E479000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	6E479000
Size:	73728

Details

Name:	00000006.00000000.585754971.000000007EFC0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	00000000.00000002.749945236.00000000003D0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3D0000
Size:	65536

Details

Name:	00000000.00000003.403191564.0000000007290000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	7290000
Size:	4096

Details

Name:	00000000.00000003.534822647.0000000007F22000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	7F22000
Size:	135168

Details

Name:	00000000.00000003.535014406.0000000007B50000.00000004.00000010.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	stack
Protect:	page read and write
Base address:	7B50000
Size:	110592

Details

Name:	00000000.00000002.763208539.0000000007404000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	7404000
Size:	8192

Details

Name:	00000000.00000002.750726256.000000000342C000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	342C000
Size:	4096

Details

Name:	00000000.00000000.401222489.000007FFFFFB0000.00000002.00020000.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFFFFB0000
Size:	4096

Details

Name:	00000000.00000003.403224130.00000000072B0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	72B0000
Size:	4096

Details

Name:	00000000.00000003.540144949.0000000000153000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	153000
Size:	28672

Details

Name:	00000006.00000000.584689512.0000000000050000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	50000
Size:	16384

Details

Name:	00000000.00000002.759352975.0000000004EDF000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4EDF000
Size:	73728

Details

Name:	00000000.00000002.750552587.0000000003400000.00000004.00020000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	3400000
Size:	8192

Details

Name:	00000000.00000002.759365952.0000000004F07000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	4F07000
Size:	4096

Details

Name:	00000000.00000002.760628414.00000000058C0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	58C0000
Size:	16384

Details

Name:	00000000.00000002.761785627.00000000059B1000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	59B1000
Size:	28672

Details

Name:	00000007.00000002.750367288.000000006E440000.00000002.00020000.sdmp
TargetID:	7
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	6E440000
Size:	4096

Details

Name:	00000000.00000002.750425707.00000000032B0000.00000004.00000001.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	32B0000
Size:	28672

Details

Name:	00000006.00000000.584999821.000000007EFC0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7EFC0000
Size:	4096

Details

Name:	00000000.00000002.762586840.0000000006C30000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	6C30000
Size:	4096

Details

Name:	00000000.00000002.750593515.0000000003420000.00000004.00000040.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	3420000
Size:	20480

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Report

Files

Processes

URLs

Domains

IPs

Registry

Memdumps