Automated Malware Analysis IOC Report for

Details

Name:	00000006.00000002.22646307055.000000001DF31000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF31000
Size:	638976

Signature Hits	Behavior Group	Mitre Attack
Yara detected AgentTesla	Stealing of Sensitive Information, Remote Access Functionality
AV process strings found (often used to terminate AV products)	Lowering of HIPS / PFW / Operating System Security Settings	Security Software Discovery
Yara detected Credential Stealer	Stealing of Sensitive Information
URLs found in memory or binary data	Networking

Details

Name:	00000006.00000000.21615424247.0000000000E10000.00000040.00000001.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	E10000
Size:	102400

Signature Hits	Behavior Group	Mitre Attack
Found malware configuration	AV Detection
Yara detected GuLoader	Data Obfuscation

Details

Name:	00000006.00000002.22647530025.000000001EF59000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1EF59000
Size:	155648

Details

Name:	00000001.00000002.21867312888.0000000000424000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	424000
Size:	4096

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary

Details

Name:	00000006.00000003.21921017279.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21944135354.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000001.00000002.21868475949.0000000002370000.00000004.00000040.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2370000
Size:	8192

Details

Name:	00000006.00000003.21923051964.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22646094670.000000001DEE0000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1DEE0000
Size:	12288

Details

Name:	00000006.00000003.21922554242.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21857052718.0000000020265000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20265000
Size:	8192

Details

Name:	00000006.00000002.22648761247.00000000201EE000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	201EE000
Size:	4096

Details

Name:	00000006.00000003.21945654339.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	8192

Details

Name:	00000005.00000000.21610968450.000000007F220000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F220000
Size:	4096

Details

Name:	00000006.00000002.22649578697.0000000020400000.00000040.00000040.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page execute and read and write
Base address:	20400000
Size:	4096

Details

Name:	00000005.00000000.21611045928.000000007F240000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F240000
Size:	12288

Details

Name:	00000006.00000003.21928497697.0000000000B40000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	B40000
Size:	65536

Details

Name:	00000006.00000003.21945986665.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000001.00000002.21868574710.0000000002C50000.00000004.00000040.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2C50000
Size:	4096

Details

Name:	00000006.00000003.21947016680.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21945228740.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21927899951.0000000000B41000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	B41000
Size:	8192

Details

Name:	00000006.00000000.21613840150.0000000000BF0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	BF0000
Size:	4096

Details

Name:	00000006.00000002.22647295645.000000001DFE3000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1DFE3000
Size:	49152

Details

Name:	00000006.00000002.22647430903.000000001DFF6000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1DFF6000
Size:	20480

Details

Name:	00000006.00000000.21615318987.0000000000BE0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	BE0000
Size:	16384

Details

Name:	00000006.00000002.22645339707.000000001DCC7000.00000004.00000010.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	1DCC7000
Size:	36864

Details

Name:	00000006.00000000.21613384669.000000007F7E0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F7E0000
Size:	4096

Details

Name:	00000005.00000000.21610434595.000000007F240000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F240000
Size:	12288

Details

Name:	00000001.00000002.21867818187.0000000000A10000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	A10000
Size:	32768

Details

Name:	00000006.00000000.21614365204.0000000000BF0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	BF0000
Size:	4096

Details

Name:	00000006.00000002.22646248138.000000001DF10000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	1DF10000
Size:	16384

Details

Name:	00000001.00000000.21401379983.000000007FFB0000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFB0000
Size:	4096

Details

Name:	00000006.00000002.22646006933.000000001DED0000.00000040.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	1DED0000
Size:	65536

Details

Name:	00000006.00000003.21929939441.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21857557745.0000000020260000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20260000
Size:	16384

Details

Name:	00000006.00000003.21930863549.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000001.00000000.21401090183.0000000000400000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	400000
Size:	4096

Details

Name:	00000006.00000003.21931491049.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21929057195.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22645727076.000000001DD26000.00000040.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	1DD26000
Size:	8192

Details

Name:	00000001.00000002.21869694639.0000000003239000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3239000
Size:	24576

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	00000005.00000000.21608347502.000000007F222000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F222000
Size:	4096

Details

Name:	00000001.00000003.21420395405.000000001D2F1000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1D2F1000
Size:	49152

Details

Name:	00000006.00000002.22646284455.000000001DF20000.00000040.00000040.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page execute and read and write
Base address:	1DF20000
Size:	4096

Details

Name:	00000001.00000002.21866941034.00000000001A0000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	1A0000
Size:	16384

Details

Name:	00000005.00000000.21610324807.000000007F222000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F222000
Size:	4096

Details

Name:	00000005.00000000.21609362737.00000000005A0000.00000004.00000001.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	5A0000
Size:	4096

Details

Name:	00000001.00000000.21401450195.000000007FFC0000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFC0000
Size:	4096

Details

Name:	00000006.00000003.21926334845.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000000.21612282271.000000007F7E2000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F7E2000
Size:	4096

Details

Name:	00000006.00000002.22648870367.00000000201FD000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	201FD000
Size:	4096

Details

Name:	00000006.00000002.22638217437.0000000001830000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	1830000
Size:	4096

Details

Name:	00000006.00000003.21849485274.000000001DF1A000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF1A000
Size:	24576

Details

Name:	00000005.00000002.21611526209.0000000000590000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	590000
Size:	4096

Details

Name:	00000006.00000003.21944264207.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22645131769.000000001D8DD000.00000004.00000010.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	1D8DD000
Size:	12288

Details

Name:	00000006.00000003.21926457162.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21943537725.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21924259449.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21858279045.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	131072

Details

Name:	00000006.00000003.21928732953.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	8192

Details

Name:	00000001.00000002.21867048383.00000000001F0000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	1F0000
Size:	4096

Details

Name:	00000006.00000000.21615782341.000000007F800000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F800000
Size:	12288

Details

Name:	00000006.00000000.21613677498.0000000000A80000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	A80000
Size:	118784

Details

Name:	00000006.00000003.21943270292.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21855679889.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	24576

Details

Name:	00000001.00000003.21612365332.00000000001D4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1D4000
Size:	4096

Details

Name:	00000006.00000002.22636419576.0000000000B7C000.00000004.00000010.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	B7C000
Size:	16384

Details

Name:	00000006.00000003.21944482993.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22644440444.000000001CD50000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD50000
Size:	4096

Details

Name:	00000006.00000003.21852821299.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	16384

Details

Name:	00000006.00000003.21846371652.000000001FFEC000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1FFEC000
Size:	65536

Details

Name:	00000006.00000002.22637235107.0000000000FC3000.00000004.00000020.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	FC3000
Size:	12288

Details

Name:	00000006.00000002.22646128611.000000001DEF0000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1DEF0000
Size:	65536

Details

Name:	00000006.00000003.21856189350.0000000020268000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20268000
Size:	20480

Details

Name:	00000001.00000002.21868597689.0000000002C70000.00000004.00000040.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2C70000
Size:	4096

Details

Name:	00000006.00000003.21930706155.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21850139918.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	28672

Details

Name:	00000006.00000002.22636456396.0000000000BBE000.00000004.00000010.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	BBE000
Size:	8192

Details

Name:	00000006.00000003.21853892949.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	20480

Details

Name:	00000006.00000003.21925473816.0000000000B00000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	B00000
Size:	16384

Details

Name:	00000006.00000003.21854250023.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	16384

Details

Name:	00000006.00000003.21847137283.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	16384

Details

Name:	00000006.00000003.21923286375.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21920950779.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22636564268.0000000000E27000.00000040.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	E27000
Size:	8192

Details

Name:	00000006.00000003.21945381779.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22638624948.0000000002C99000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2C99000
Size:	24576

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	00000006.00000002.22649523715.00000000203AE000.00000004.00000010.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	203AE000
Size:	8192

Details

Name:	00000006.00000003.21929872224.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21855793815.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	65536

Details

Name:	00000006.00000002.22637286634.0000000000FCA000.00000004.00000020.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	FCA000
Size:	40960

Details

Name:	00000006.00000003.21847330086.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	16384

Details

Name:	00000006.00000002.22644981132.000000001D71E000.00000004.00000010.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	1D71E000
Size:	8192

Details

Name:	00000006.00000003.21922196873.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21854683548.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	53248

Details

Name:	00000006.00000003.21854511306.000000002000F000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2000F000
Size:	106496

Details

Name:	00000006.00000003.21857612254.0000000020265000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20265000
Size:	8192

Details

Name:	00000006.00000003.21847788362.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	16384

Details

Name:	00000006.00000002.22647078192.000000001DFD1000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1DFD1000
Size:	28672

Details

Name:	00000006.00000003.21922392668.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000000.21614431576.000000007F7F0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F7F0000
Size:	4096

Details

Name:	00000006.00000003.21944354912.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000001.00000002.21868038979.00000000021C0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	21C0000
Size:	4096

Details

Name:	00000006.00000002.22648143991.000000002006A000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2006A000
Size:	98304

Details

Name:	00000006.00000002.22636120657.0000000000A70000.00000004.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	A70000
Size:	4096

Details

Name:	00000006.00000003.21855606020.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	20480

Details

Name:	00000006.00000003.21922118730.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21852736786.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	28672

Details

Name:	00000006.00000003.21856621634.0000000020260000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20260000
Size:	16384

Details

Name:	00000006.00000002.22650786558.000000007F680000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F680000
Size:	20480

Details

Name:	00000006.00000002.22650902516.000000007F7F2000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F7F2000
Size:	4096

Details

Name:	00000006.00000003.21946330968.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22638049938.00000000014B0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	14B0000
Size:	32768

Details

Name:	00000006.00000003.21856673412.0000000020265000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20265000
Size:	8192

Details

Name:	00000006.00000003.21942808302.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22648618823.00000000201D4000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	201D4000
Size:	4096

Details

Name:	00000006.00000003.21924426280.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21856955945.0000000020265000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20265000
Size:	8192

Details

Name:	00000006.00000003.21921438065.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22649149914.000000002022E000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2022E000
Size:	8192

Details

Name:	00000006.00000003.21847251562.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	24576

Details

Name:	00000006.00000003.21929406828.0000000000BC0000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	BC0000
Size:	16384

Details

Name:	00000006.00000002.22644587288.000000001CFE0000.00000004.00000040.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	1CFE0000
Size:	16384

Details

Name:	00000006.00000003.21931210147.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21929675282.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21923132404.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21926377139.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21926780126.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22648983620.0000000020210000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	20210000
Size:	65536

Details

Name:	00000006.00000002.22637787747.0000000001041000.00000004.00000020.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	1041000
Size:	20480

Details

Name:	00000006.00000003.21919830271.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21854882888.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	28672

Details

Name:	00000006.00000003.21945471168.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	8192

Details

Name:	00000006.00000003.21926086838.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21924935718.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21923357644.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000000.21614473187.000000007F800000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F800000
Size:	12288

Details

Name:	00000006.00000003.21931032733.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21856442971.0000000020260000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20260000
Size:	16384

Details

Name:	00000006.00000003.21857095158.0000000020260000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20260000
Size:	16384

Details

Name:	00000006.00000003.21945567703.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22645917966.000000001DD80000.00000004.00000040.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	1DD80000
Size:	4096

Details

Name:	00000006.00000003.21946899466.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	8192

Details

Name:	00000006.00000003.21927852059.0000000000B41000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	B41000
Size:	8192

Details

Name:	00000006.00000003.21856074442.0000000020260000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20260000
Size:	12288

Details

Name:	00000006.00000003.21849743499.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	65536

Details

Name:	00000001.00000002.21868329212.0000000002310000.00000004.00000040.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2310000
Size:	8192

Details

Name:	00000006.00000003.21850378953.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	28672

Details

Name:	00000006.00000003.22247857910.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21928696936.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22648645559.00000000201D6000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	201D6000
Size:	4096

Details

Name:	00000006.00000000.21613893775.000000007F7F0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F7F0000
Size:	4096

Details

Name:	00000006.00000003.21926619933.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21851978218.000000001DF16000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF16000
Size:	16384

Details

Name:	00000006.00000003.22130078038.0000000000BD0000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	BD0000
Size:	20480

Details

Name:	00000006.00000003.21926041273.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000005.00000000.21608150587.0000000000420000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	420000
Size:	118784

Details

Name:	00000001.00000000.21401518646.000000007FFD0000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFD0000
Size:	12288

Details

Name:	00000006.00000002.22645532764.000000001DD0D000.00000040.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	1DD0D000
Size:	4096

Details

Name:	00000005.00000000.21610194247.0000000000580000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	580000
Size:	16384

Details

Name:	00000006.00000003.21923628623.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21943784058.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21922230267.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22644918471.000000001D6AE000.00000004.00000010.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	1D6AE000
Size:	8192

Details

Name:	00000006.00000003.21846929986.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	45056

Details

Name:	00000006.00000003.21849562860.0000000020250000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20250000
Size:	36864

Details

Name:	00000006.00000002.22637850136.0000000001050000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	1050000
Size:	4096

Details

Name:	00000006.00000003.21922713443.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21928769282.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000005.00000000.21610245581.0000000000590000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	590000
Size:	4096

Details

Name:	00000006.00000002.22647247642.000000001DFE0000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1DFE0000
Size:	8192

Details

Name:	00000006.00000003.21857708978.0000000020265000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20265000
Size:	8192

Details

Name:	00000006.00000003.21851708278.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	45056

Details

Name:	00000006.00000003.21929150013.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000000.21613927612.000000007F800000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F800000
Size:	12288

Details

Name:	00000006.00000003.21945426231.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21847507236.000000001DF15000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF15000
Size:	8192

Details

Name:	00000006.00000003.21924677604.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21922516942.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000001.00000002.21867863654.0000000000C11000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	C11000
Size:	12288

Details

Name:	00000006.00000003.21858159342.0000000020280000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20280000
Size:	20480

Details

Name:	00000006.00000003.22248083161.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21922310809.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21923819113.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000001.00000002.21867120301.0000000000400000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	400000
Size:	4096

Details

Name:	00000006.00000003.21944874062.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	8192

Details

Name:	00000006.00000003.21930954438.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21929366769.0000000000BC0000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	BC0000
Size:	8192

Details

Name:	00000006.00000003.21921790627.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21923667938.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21926925079.0000000000B20000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	B20000
Size:	20480

Details

Name:	00000006.00000003.21922079627.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21856715571.0000000020260000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20260000
Size:	16384

Details

Name:	00000006.00000003.22247714867.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21943470650.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21928272126.0000000000B50000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	B50000
Size:	12288

Details

Name:	00000006.00000003.21921316279.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21855545309.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	16384

Details

Name:	00000006.00000003.21850652846.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	16384

Details

Name:	00000006.00000003.21856013111.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	20480

Details

Name:	00000006.00000003.21946794895.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000001.00000002.21867701691.000000000068E000.00000004.00000010.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	68E000
Size:	8192

Details

Name:	00000006.00000003.21926416175.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21928803681.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000005.00000002.21611441786.0000000000580000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	580000
Size:	16384

Details

Name:	00000006.00000003.21848765863.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	57344

Details

Name:	00000006.00000003.22247786395.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21920423705.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21929474604.0000000000BC0000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	BC0000
Size:	12288

Details

Name:	00000006.00000003.21853168757.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	16384

Details

Name:	00000006.00000002.22647728660.000000001FFD2000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1FFD2000
Size:	245760

Details

Name:	00000006.00000003.21923165827.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000001.00000002.21867722644.000000000078F000.00000004.00000010.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	78F000
Size:	4096

Details

Name:	00000006.00000002.22645024685.000000001D81E000.00000004.00000010.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	1D81E000
Size:	8192

Details

Name:	00000006.00000003.21927951510.0000000000B40000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	B40000
Size:	12288

Details

Name:	00000006.00000003.21924329516.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21928873840.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	8192

Details

Name:	00000006.00000003.21856766905.0000000020265000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20265000
Size:	8192

Details

Name:	00000006.00000002.22648542826.00000000201CE000.00000004.00000010.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	201CE000
Size:	8192

Details

Name:	00000001.00000002.21867739041.00000000007CE000.00000004.00000010.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	7CE000
Size:	8192

Details

Name:	00000006.00000003.21944675012.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21855190159.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	24576

Details

Name:	00000006.00000003.21850585702.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	16384

Details

Name:	00000006.00000003.21947160343.0000000000BC0000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	BC0000
Size:	12288

Details

Name:	00000006.00000002.22644832866.000000001D56E000.00000004.00000010.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	1D56E000
Size:	8192

Details

Name:	00000006.00000003.21930208778.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21857656179.0000000020260000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20260000
Size:	16384

Details

Name:	00000006.00000003.21856141138.0000000020260000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20260000
Size:	28672

Details

Name:	00000006.00000003.21857142508.0000000020265000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20265000
Size:	8192

Details

Name:	00000006.00000003.21944829098.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21943868194.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	8192

Details

Name:	00000006.00000000.21613455854.000000007F800000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F800000
Size:	12288

Details

Name:	00000006.00000002.22650929258.000000007F800000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F800000
Size:	12288

Details

Name:	00000006.00000002.22644516754.000000001CFCE000.00000004.00000010.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	1CFCE000
Size:	8192

Details

Name:	00000006.00000003.21852180025.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	16384

Details

Name:	00000006.00000003.21850229133.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	16384

Details

Name:	00000006.00000003.21856529124.0000000020260000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20260000
Size:	16384

Details

Name:	00000006.00000002.22649601862.0000000020410000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	20410000
Size:	925696

Details

Name:	00000006.00000003.21923744734.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22644872996.000000001D5AE000.00000004.00000010.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	1D5AE000
Size:	8192

Details

Name:	00000006.00000003.21920010829.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000001.00000000.21401125559.0000000000401000.00000020.00020000.sdmp
TargetID:	1
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page execute read
Base address:	401000
Size:	135168

Details

Name:	00000006.00000003.21923900395.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21926260442.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21925697394.0000000000AF0000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	AF0000
Size:	12288

Details

Name:	00000006.00000002.22636516425.0000000000BF0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	BF0000
Size:	4096

Details

Name:	00000001.00000000.21401413906.000000007FFB2000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFB2000
Size:	4096

Details

Name:	00000006.00000002.22636537249.0000000000CFD000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	CFD000
Size:	8192

Details

Name:	00000006.00000003.21924360053.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22637871216.0000000001060000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	1060000
Size:	8192

Details

Name:	00000006.00000003.21945940025.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21844755399.0000000001033000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1033000
Size:	4096

Details

Name:	00000001.00000002.21867431114.000000000051D000.00000004.00000020.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	51D000
Size:	65536

Details

Name:	00000006.00000003.21919424399.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	208896

Details

Name:	00000006.00000003.21945127009.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22648596770.00000000201D2000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	201D2000
Size:	4096

Details

Name:	00000006.00000003.21928006999.0000000000B40000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	B40000
Size:	12288

Details

Name:	00000005.00000000.21609325217.0000000000590000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	590000
Size:	4096

Details

Name:	00000006.00000003.21853964473.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	16384

Details

Name:	00000006.00000002.22637983988.0000000001260000.00000004.00000040.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	1260000
Size:	16384

Details

Name:	00000006.00000000.21612319667.000000007F7F2000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F7F2000
Size:	4096

Details

Name:	00000006.00000000.21612934560.000000007F800000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F800000
Size:	12288

Details

Name:	00000006.00000003.21856400322.0000000020268000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20268000
Size:	16384

Details

Name:	00000006.00000003.21942895044.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21853845190.000000001DF15000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF15000
Size:	8192

Details

Name:	00000006.00000003.21924976258.0000000000AF1000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	AF1000
Size:	8192

Details

Name:	00000006.00000000.21615700743.000000007F7F0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F7F0000
Size:	4096

Details

Name:	00000006.00000003.21924559067.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21847199303.000000001DF15000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF15000
Size:	8192

Details

Name:	00000006.00000003.21929014921.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	8192

Details

Name:	00000006.00000003.21854362250.0000000020029000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20029000
Size:	16384

Details

Name:	00000006.00000002.22636994763.0000000000F95000.00000004.00000020.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	F95000
Size:	20480

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000006.00000002.22636332311.0000000000AA0000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	AA0000
Size:	4096

Details

Name:	00000006.00000003.21855578239.000000001DF15000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF15000
Size:	8192

Details

Name:	00000001.00000002.21868557400.0000000002BC0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2BC0000
Size:	4096

Details

Name:	00000006.00000002.22649492108.00000000202BD000.00000004.00000010.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	202BD000
Size:	12288

Details

Name:	00000006.00000003.21922939101.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000001.00000002.21875569143.000000001D2F0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1D2F0000
Size:	4096

Details

Name:	00000006.00000003.21852384215.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	16384

Details

Name:	00000006.00000003.21854832652.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	28672

Details

Name:	00000006.00000002.22648571344.00000000201D0000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	201D0000
Size:	4096

Details

Name:	00000006.00000003.21928218876.0000000000B41000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	B41000
Size:	12288

Details

Name:	00000006.00000003.21855486711.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	16384

Details

Name:	00000006.00000002.22648702554.00000000201E4000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	201E4000
Size:	12288

Details

Name:	00000006.00000003.21852886741.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	16384

Details

Name:	00000006.00000002.22648006368.000000002000F000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2000F000
Size:	114688

Details

Name:	00000006.00000003.21852045291.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	16384

Details

Name:	00000006.00000003.21924806808.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21857807039.0000000020265000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20265000
Size:	8192

Details

Name:	00000006.00000003.21854794654.000000001DF15000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF15000
Size:	12288

Details

Name:	00000001.00000002.21868147428.0000000002230000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	2230000
Size:	16384

Details

Name:	00000006.00000003.21944623284.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21856902951.0000000020260000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20260000
Size:	16384

Details

Name:	00000006.00000002.22647472756.000000001EF31000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1EF31000
Size:	32768

Details

Name:	00000006.00000003.21946468386.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21945756605.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21924715330.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000001.00000002.21868523702.0000000002AC0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2AC0000
Size:	16384

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary

Details

Name:	00000006.00000003.21833373247.000000001DA40000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DA40000
Size:	4096

Details

Name:	00000006.00000002.22645425164.000000001DCF0000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1DCF0000
Size:	8192

Details

Name:	00000006.00000003.21848887494.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	16384

Details

Name:	00000006.00000003.21929803257.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000005.00000000.21610910710.0000000000580000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	580000
Size:	16384

Details

Name:	00000006.00000002.22644737702.000000001D42E000.00000004.00000010.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	1D42E000
Size:	8192

Details

Name:	00000006.00000003.21920071536.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21920242953.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21845733777.000000000102F000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	102F000
Size:	16384

Details

Name:	00000001.00000002.21867138817.0000000000401000.00000020.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page execute read
Base address:	401000
Size:	135168

Details

Name:	00000006.00000003.21921610272.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000000.21613911857.000000007F7F2000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F7F2000
Size:	4096

Details

Name:	00000006.00000003.21946091012.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21929235392.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21930552158.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21946756053.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	8192

Details

Name:	00000006.00000003.21925763947.0000000000AF0000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	AF0000
Size:	12288

Details

Name:	00000006.00000003.21856107211.0000000020264000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20264000
Size:	12288

Details

Name:	00000006.00000003.21855058558.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	16384

Details

Name:	00000006.00000003.21926846751.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000001.00000002.21868655171.0000000003080000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	3080000
Size:	925696

Details

Name:	00000006.00000000.21613198109.0000000000A80000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	A80000
Size:	118784

Details

Name:	00000006.00000003.21847850891.000000001DF15000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF15000
Size:	8192

Details

Name:	00000006.00000002.22650879280.000000007F7F0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F7F0000
Size:	4096

Details

Name:	00000006.00000003.21930491704.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000001.00000002.21866613000.0000000000010000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	10000
Size:	4096

Details

Name:	00000006.00000003.21923544283.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21928168886.0000000000B41000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	B41000
Size:	8192

Details

Name:	00000006.00000003.21852451365.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	16384

Details

Name:	00000001.00000002.21869664727.0000000003200000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3200000
Size:	12288

Details

Name:	00000006.00000002.22637364540.0000000000FD8000.00000004.00000020.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	FD8000
Size:	32768

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	00000006.00000003.21946138225.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21850880456.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	16384

Details

Name:	00000005.00000000.21609397366.000000007F220000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F220000
Size:	4096

Details

Name:	00000006.00000002.22645506579.000000001DD04000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD04000
Size:	4096

Details

Name:	00000001.00000003.21420522863.00000000001D4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1D4000
Size:	4096

Details

Name:	00000006.00000003.21947106683.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21926715338.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000001.00000002.21868232892.0000000002269000.00000004.00000040.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2269000
Size:	24576

Details

Name:	00000006.00000003.21855972881.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	16384

Details

Name:	00000006.00000003.21924160393.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21850071557.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	16384

Details

Name:	00000006.00000003.21923091539.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000005.00000002.21611737651.000000007F240000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F240000
Size:	12288

Details

Name:	00000001.00000002.21867067228.00000000002F0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2F0000
Size:	12288

Details

Name:	00000006.00000000.21614388422.000000007F7E0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F7E0000
Size:	4096

Details

Name:	00000006.00000003.21920183074.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000005.00000000.21609074004.0000000000420000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	420000
Size:	118784

Details

Name:	00000006.00000003.21944784460.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21923980737.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000000.21613811226.0000000000BE0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	BE0000
Size:	16384

Details

Name:	00000006.00000003.21857420853.0000000020265000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20265000
Size:	8192

Details

Name:	00000006.00000003.21925288184.0000000000AF1000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	AF1000
Size:	12288

Details

Name:	00000006.00000000.21612898292.000000007F7F0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F7F0000
Size:	4096

Details

Name:	00000006.00000003.21926002287.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22648783837.00000000201F1000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	201F1000
Size:	8192

Details

Name:	00000006.00000003.21853721258.0000000020250000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20250000
Size:	24576

Details

Name:	00000006.00000003.21849013070.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	20480

Details

Name:	00000005.00000002.21611685335.000000007F232000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F232000
Size:	4096

Details

Name:	00000005.00000000.21609510365.000000007F232000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F232000
Size:	4096

Details

Name:	00000006.00000002.22645289549.000000001DBCA000.00000004.00000010.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	1DBCA000
Size:	24576

Details

Name:	00000006.00000003.21921081236.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21946652589.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000001.00000002.21867333197.0000000000500000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	500000
Size:	4096

Details

Name:	00000006.00000003.21944094726.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21850013159.000000001DF15000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF15000
Size:	8192

Details

Name:	00000006.00000000.21612115706.0000000000A80000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	A80000
Size:	118784

Details

Name:	00000006.00000003.21931284467.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21847676681.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	16384

Details

Name:	00000006.00000002.22645255491.000000001DB7E000.00000004.00000010.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	1DB7E000
Size:	8192

Details

Name:	00000006.00000003.21930270941.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21927512599.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21857371333.0000000020260000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20260000
Size:	16384

Details

Name:	00000006.00000003.21945281745.0000000000BC1000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	BC1000
Size:	53248

Details

Name:	00000006.00000000.21613364890.0000000000BF0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	BF0000
Size:	4096

Details

Name:	00000006.00000002.22636377269.0000000000B20000.00000040.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	B20000
Size:	24576

Details

Name:	00000006.00000000.21612261799.000000007F7E0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F7E0000
Size:	4096

Details

Name:	00000006.00000003.21928062337.0000000000B40000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	B40000
Size:	12288

Details

Name:	00000006.00000003.21853522590.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	16384

Details

Name:	00000006.00000003.21849143810.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	49152

Details

Name:	00000001.00000000.21401483854.000000007FFC2000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFC2000
Size:	4096

Details

Name:	00000005.00000000.21610288156.000000007F220000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F220000
Size:	4096

Details

Name:	00000006.00000003.21925797793.0000000000AF0000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	AF0000
Size:	16384

Details

Name:	00000006.00000002.22637171459.0000000000FB9000.00000004.00000020.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	FB9000
Size:	24576

Details

Name:	00000006.00000003.21922270970.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22636737249.0000000000F58000.00000004.00000020.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	F58000
Size:	237568

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery
URLs found in memory or binary data	Networking

Details

Name:	00000001.00000002.21867528044.0000000000534000.00000004.00000020.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	534000
Size:	131072

Details

Name:	00000006.00000003.21924747637.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21929190334.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	8192

Details

Name:	00000006.00000003.21926198272.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000000.21613876925.000000007F7E2000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F7E2000
Size:	4096

Details

Name:	00000006.00000003.21923424927.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21858043131.0000000020280000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20280000
Size:	24576

Details

Name:	00000006.00000003.21846562827.000000001FFE9000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1FFE9000
Size:	12288

Details

Name:	00000006.00000003.21852316693.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	16384

Details

Name:	00000006.00000003.21930337436.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22649418693.0000000020270000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	20270000
Size:	49152

Details

Name:	00000006.00000003.21943673772.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	8192

Details

Name:	00000006.00000002.22645887204.000000001DD7E000.00000004.00000010.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	1DD7E000
Size:	8192

Details

Name:	00000006.00000003.21925553216.0000000000B00000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	B00000
Size:	16384

Details

Name:	00000006.00000000.21614410055.000000007F7E2000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F7E2000
Size:	4096

Details

Name:	00000006.00000002.22636695872.0000000000F50000.00000004.00000020.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	F50000
Size:	24576

Details

Name:	00000006.00000003.21854430350.000000002002E000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	2002E000
Size:	28672

Details

Name:	00000001.00000002.21875793727.000000007FFC0000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFC0000
Size:	4096

Details

Name:	00000006.00000002.22637343434.0000000000FD5000.00000004.00000020.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	FD5000
Size:	4096

Details

Name:	00000006.00000003.21943192020.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21930407833.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21945801963.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21946584240.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21931426628.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21840084981.000000000102E000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	102E000
Size:	8192

Details

Name:	00000006.00000002.22647197065.000000001DFDC000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1DFDC000
Size:	12288

Details

Name:	00000006.00000003.21921937201.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21854176215.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	20480

Details

Name:	00000005.00000002.21611648603.000000007F230000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F230000
Size:	4096

Details

Name:	00000006.00000003.21931357585.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21928656696.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000001.00000002.21867099533.00000000002F4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2F4000
Size:	4096

Details

Name:	00000006.00000003.21925213330.0000000000AF0000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	AF0000
Size:	16384

Details

Name:	00000006.00000003.21928442864.0000000000B50000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	B50000
Size:	12288

Details

Name:	00000006.00000003.21920656790.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22637827481.000000000104E000.00000004.00000020.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	104E000
Size:	4096

Details

Name:	00000006.00000003.21931624374.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21857849229.0000000020260000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20260000
Size:	16384

Details

Name:	00000006.00000003.21856860476.0000000020265000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20265000
Size:	8192

Details

Name:	00000001.00000002.21866867096.000000000009A000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	9A000
Size:	24576

Details

Name:	00000006.00000002.22649551834.00000000203EE000.00000004.00000010.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	203EE000
Size:	8192

Details

Name:	00000006.00000003.21944220365.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000001.00000002.21867292253.0000000000422000.00000004.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	422000
Size:	8192

Details

Name:	00000001.00000002.21868062957.00000000021D0000.00000020.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute read
Base address:	21D0000
Size:	40960

Details

Name:	00000006.00000002.22637264870.0000000000FC7000.00000004.00000020.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	FC7000
Size:	4096

Details

Name:	00000006.00000003.21833332644.000000001DA40000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DA40000
Size:	4096

Details

Name:	00000006.00000002.22645400777.000000001DCD0000.00000004.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	1DCD0000
Size:	4096

Details

Name:	00000006.00000003.22129999272.0000000000BD1000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	BD1000
Size:	8192

Details

Name:	00000006.00000003.21944177132.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21855517933.000000001DF15000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF15000
Size:	8192

Details

Name:	00000001.00000002.21868618173.0000000002C80000.00000004.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	2C80000
Size:	16384

Details

Name:	00000006.00000003.21944051799.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21644194070.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	49152

Details

Name:	00000006.00000003.21855753139.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	20480

Details

Name:	00000006.00000000.21615745108.000000007F7F2000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F7F2000
Size:	4096

Details

Name:	00000006.00000003.21852952807.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	20480

Details

Name:	00000006.00000003.21855719793.000000001DF17000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF17000
Size:	16384

Details

Name:	00000005.00000000.21608383497.000000007F230000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F230000
Size:	4096

Details

Name:	00000006.00000003.21924515430.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21923510815.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22650829487.000000007F7E0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F7E0000
Size:	4096

Details

Name:	00000006.00000003.21928947840.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000005.00000000.21610397818.000000007F232000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F232000
Size:	4096

Details

Name:	00000006.00000003.22248236390.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22645175344.000000001D9DC000.00000004.00000010.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	1D9DC000
Size:	16384

Details

Name:	00000006.00000003.21847908310.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	28672

Details

Name:	00000006.00000003.21922678564.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22645944497.000000001DE8F000.00000004.00000010.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	1DE8F000
Size:	4096

Details

Name:	00000005.00000000.21610773922.0000000000420000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	420000
Size:	118784

Details

Name:	00000006.00000003.21924104403.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22649269359.0000000020240000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	20240000
Size:	65536

Details

Name:	00000006.00000003.21855272177.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	40960

Details

Name:	00000006.00000002.22649128199.0000000020228000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	20228000
Size:	4096

Details

Name:	00000006.00000003.21925012470.0000000000AF1000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	AF1000
Size:	12288

Details

Name:	00000006.00000003.21930071228.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21925319684.0000000000AF0000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	AF0000
Size:	20480

Details

Name:	00000006.00000003.21925870236.0000000000AF0000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	AF0000
Size:	32768

Details

Name:	00000006.00000002.22645642172.000000001DD1D000.00000040.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	1DD1D000
Size:	8192

Details

Name:	00000006.00000003.21850526527.000000001DF15000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF15000
Size:	12288

Details

Name:	00000006.00000003.21928384879.0000000000B50000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	B50000
Size:	12288

Details

Name:	00000006.00000003.21849661447.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	16384

Details

Name:	00000001.00000002.21866646453.0000000000020000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	20000
Size:	4096

Details

Name:	00000006.00000003.21946614887.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	8192

Details

Name:	00000006.00000003.21848690546.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	20480

Details

Name:	00000006.00000003.21922747543.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21927282614.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21853350949.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	16384

Details

Name:	00000001.00000002.21875745372.000000007FFB2000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFB2000
Size:	4096

Details

Name:	00000006.00000003.21856290510.0000000020260000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20260000
Size:	32768

Details

Name:	00000006.00000003.21945176774.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	8192

Details

Name:	00000006.00000003.21851339554.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	20480

Details

Name:	00000006.00000003.21946545793.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21855894193.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	57344

Details

Name:	00000006.00000002.22645758629.000000001DD2A000.00000040.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	1DD2A000
Size:	4096

Details

Name:	00000006.00000003.21946865259.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21851594919.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	45056

Details

Name:	00000006.00000000.21613402826.000000007F7E2000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F7E2000
Size:	4096

Details

Name:	00000006.00000002.22645673751.000000001DD20000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD20000
Size:	4096

Details

Name:	00000001.00000002.21868304444.0000000002300000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	2300000
Size:	8192

Details

Name:	00000006.00000002.22644673887.000000001CFE7000.00000004.00000040.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	1CFE7000
Size:	8192

Details

Name:	00000005.00000000.21611008410.000000007F230000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F230000
Size:	4096

Details

Name:	00000001.00000002.21867397408.0000000000519000.00000004.00000020.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	519000
Size:	12288

Details

Name:	00000006.00000003.21851116740.0000000020251000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20251000
Size:	61440

Details

Name:	00000006.00000003.21925392685.0000000000AF0000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	AF0000
Size:	16384

Details

Name:	00000006.00000000.21614451211.000000007F7F2000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F7F2000
Size:	4096

Details

Name:	00000006.00000003.21945078157.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21851254462.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	28672

Details

Name:	00000006.00000003.21924190697.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22650707404.000000002116E000.00000004.00000010.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2116E000
Size:	8192

Details

Name:	00000006.00000003.21853406311.000000001DF15000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF15000
Size:	8192

Details

Name:	00000006.00000003.21923213579.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21857461972.0000000020260000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20260000
Size:	16384

Details

Name:	00000006.00000003.21924840545.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000000.21612336566.000000007F800000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F800000
Size:	12288

Details

Name:	00000006.00000003.21925359712.0000000000AF0000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	AF0000
Size:	12288

Details

Name:	00000006.00000002.22645557121.000000001DD10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD10000
Size:	8192

Details

Name:	00000006.00000003.21854108447.000000001DF17000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF17000
Size:	16384

Details

Name:	00000006.00000003.21942973494.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	8192

Details

Name:	00000006.00000002.22645221062.000000001DA7E000.00000004.00000010.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	1DA7E000
Size:	8192

Details

Name:	00000006.00000003.21857899521.0000000020265000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20265000
Size:	8192

Details

Name:	00000006.00000002.22638019326.0000000001470000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1470000
Size:	12288

Details

Name:	00000006.00000003.21929524973.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21845391885.0000000000FEC000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	FEC000
Size:	290816

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000006.00000003.21924778121.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22650761984.000000007F620000.00000040.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	7F620000
Size:	4096

Details

Name:	00000006.00000003.21946940812.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21847444305.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	16384

Details

Name:	00000006.00000002.22650678414.000000002106E000.00000004.00000010.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2106E000
Size:	8192

Details

Name:	00000006.00000003.21923388761.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000005.00000000.21611027406.000000007F232000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F232000
Size:	4096

Details

Name:	00000006.00000002.22636653249.0000000000F30000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	F30000
Size:	4096

Details

Name:	00000006.00000000.21615379110.0000000000BF0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	BF0000
Size:	4096

Details

Name:	00000006.00000003.21927742843.0000000000B40000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	B40000
Size:	16384

Details

Name:	00000006.00000003.21944579691.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21925598694.0000000000AF0000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	AF0000
Size:	65536

Details

Name:	00000006.00000003.21854760092.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	16384

Details

Name:	00000006.00000003.21943916444.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21844798524.0000000000FDF000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	FDF000
Size:	49152

Details

Name:	00000005.00000002.21611570767.000000007F220000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F220000
Size:	4096

Details

Name:	00000006.00000003.21921549495.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000000.21613331595.0000000000BE0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	BE0000
Size:	16384

Details

Name:	00000006.00000003.21946373840.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21928983202.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21848544004.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	65536

Details

Name:	00000001.00000002.21875890509.000000007FFD0000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFD0000
Size:	12288

Details

Name:	00000006.00000003.21945896178.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21925971665.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21924590687.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22647029701.000000001DFCE000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1DFCE000
Size:	8192

Details

Name:	00000006.00000003.21847737179.000000001DF15000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF15000
Size:	8192

Details

Name:	00000006.00000003.21844916674.0000000000FEC000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	FEC000
Size:	290816

Details

Name:	00000006.00000000.21614336239.0000000000BE0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	BE0000
Size:	16384

Details

Name:	00000005.00000000.21609474256.000000007F230000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F230000
Size:	4096

Details

Name:	00000001.00000002.21875623357.000000007FE50000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FE50000
Size:	20480

Details

Name:	00000006.00000003.21858096928.0000000020290000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20290000
Size:	40960

Details

Name:	00000006.00000003.21944397387.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21846514126.000000001FFFD000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1FFFD000
Size:	8192

Details

Name:	00000006.00000003.21930004945.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000005.00000000.21610948275.0000000000590000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	590000
Size:	4096

Details

Name:	00000005.00000000.21610361564.000000007F230000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F230000
Size:	4096

Details

Name:	00000006.00000002.22637033624.0000000000F9B000.00000004.00000020.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	F9B000
Size:	118784

Details

Name:	00000006.00000003.21923252424.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21833287790.000000001DA40000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DA40000
Size:	4096

Details

Name:	00000005.00000000.21609546297.000000007F240000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F240000
Size:	12288

Details

Name:	00000006.00000003.22247631321.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21852246836.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	16384

Details

Name:	00000006.00000000.21612682983.0000000000A80000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	A80000
Size:	118784

Details

Name:	00000001.00000002.21866909238.000000000019C000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	19C000
Size:	16384

Details

Name:	00000001.00000002.21869632814.0000000003170000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	3170000
Size:	4096

Signature Hits	Behavior Group	Mitre Attack
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)	Malware Analysis System Evasion	Security Software Discovery
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	00000006.00000000.21615623873.000000007F7E0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F7E0000
Size:	4096

Details

Name:	00000006.00000003.21922902531.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22645587493.000000001DD13000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD13000
Size:	28672

Details

Name:	00000006.00000003.21946689939.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21850974511.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	57344

Details

Name:	00000006.00000003.21943960425.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.22248008963.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000005.00000000.21609985588.0000000000420000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	420000
Size:	118784

Details

Name:	00000006.00000003.21848221126.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	32768

Details

Name:	00000006.00000003.21946184850.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22647150840.000000001DFD9000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1DFD9000
Size:	8192

Details

Name:	00000006.00000003.21854034693.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	24576

Details

Name:	00000006.00000003.21852522084.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	65536

Details

Name:	00000006.00000003.21943603798.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22645456862.000000001DD00000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD00000
Size:	4096

Details

Name:	00000006.00000003.21921703988.0000000000AA0000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	AA0000
Size:	4096

Details

Name:	00000006.00000003.21927006082.0000000000B20000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	B20000
Size:	53248

Details

Name:	00000005.00000000.21608452585.000000007F240000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F240000
Size:	12288

Details

Name:	00000005.00000000.21609268128.0000000000580000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	580000
Size:	16384

Details

Name:	00000005.00000002.21611608294.000000007F222000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F222000
Size:	4096

Details

Name:	00000006.00000003.21921376928.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22645972260.000000001DECD000.00000004.00000010.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	1DECD000
Size:	12288

Details

Name:	00000006.00000003.21855023121.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	16384

Details

Name:	00000006.00000003.21855096726.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	28672

Details

Name:	00000006.00000000.21612862189.000000007F7E0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F7E0000
Size:	4096

Details

Name:	00000006.00000003.21856234155.0000000020260000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20260000
Size:	32768

Details

Name:	00000006.00000000.21613439284.000000007F7F2000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F7F2000
Size:	4096

Details

Name:	00000006.00000002.22645809479.000000001DD32000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD32000
Size:	4096

Details

Name:	00000006.00000003.21852662782.0000000020250000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20250000
Size:	24576

Details

Name:	00000006.00000003.21928836431.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21923863229.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21927345973.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21923703172.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22645859023.000000001DD3B000.00000040.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	1DD3B000
Size:	4096

Details

Name:	00000006.00000003.21923325711.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22647391270.000000001DFF0000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1DFF0000
Size:	20480

Details

Name:	00000006.00000003.21847560838.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	16384

Details

Name:	00000006.00000003.21853453738.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	20480

Details

Name:	00000006.00000003.21922157089.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000001.00000002.21866712346.0000000000040000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	40000
Size:	118784

Details

Name:	00000006.00000003.21857513867.0000000020265000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20265000
Size:	8192

Details

Name:	00000006.00000003.21850724457.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	28672

Details

Name:	00000006.00000003.21923592976.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22649079310.0000000020220000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	20220000
Size:	28672

Details

Name:	00000006.00000003.21944534897.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21850294029.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	28672

Details

Name:	00000006.00000002.22637213261.0000000000FC0000.00000004.00000020.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	FC0000
Size:	4096

Details

Name:	00000001.00000002.21868018073.0000000000DA0000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	DA0000
Size:	4096

Details

Name:	00000006.00000003.21852113280.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	16384

Details

Name:	00000006.00000000.21612300864.000000007F7F0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F7F0000
Size:	4096

Details

Name:	00000006.00000003.21848319485.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	28672

Details

Name:	00000001.00000002.21867025764.00000000001E0000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	1E0000
Size:	4096

Details

Name:	00000001.00000002.21868126991.00000000021F0000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	21F0000
Size:	4096

Details

Name:	00000001.00000003.21608619961.00000000001D4000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1D4000
Size:	4096

Details

Name:	00000006.00000003.21923778302.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21946036582.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	8192

Details

Name:	00000006.00000003.21946830271.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21925051702.0000000000AF1000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	AF1000
Size:	16384

Details

Name:	00000006.00000002.22648814425.00000000201F6000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	201F6000
Size:	4096

Details

Name:	00000006.00000002.22645835781.000000001DD37000.00000040.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	1DD37000
Size:	4096

Details

Name:	00000006.00000003.22247937737.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21857327442.0000000020265000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20265000
Size:	8192

Details

Name:	00000006.00000000.21612880083.000000007F7E2000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F7E2000
Size:	4096

Details

Name:	00000006.00000002.22650603185.0000000020E2D000.00000004.00000010.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	20E2D000
Size:	12288

Details

Name:	00000006.00000003.21851515560.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	20480

Details

Name:	00000006.00000003.21923020850.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21928912681.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21925515409.0000000000B00000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	B00000
Size:	16384

Details

Name:	00000006.00000003.21943336134.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000005.00000000.21609435072.000000007F222000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F222000
Size:	4096

Details

Name:	00000006.00000003.21946279979.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21845352184.0000000000FEA000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	FEA000
Size:	4096

Details

Name:	00000006.00000003.21922984705.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22637957801.000000000120E000.00000004.00000010.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	120E000
Size:	8192

Details

Name:	00000006.00000003.21857235580.0000000020265000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20265000
Size:	8192

Details

Name:	00000001.00000002.21868278192.0000000002270000.00000004.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	2270000
Size:	8192

Details

Name:	00000006.00000003.21921864214.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22648897512.0000000020202000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	20202000
Size:	8192

Details

Name:	00000006.00000003.21920770685.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21922808084.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21920361447.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22636353629.0000000000B10000.00000040.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	B10000
Size:	8192

Details

Name:	00000006.00000003.21925730412.0000000000AF1000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	AF1000
Size:	12288

Details

Name:	00000001.00000000.21400870483.0000000000040000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	40000
Size:	118784

Details

Name:	00000006.00000003.21924028033.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21946231037.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	8192

Details

Name:	00000006.00000003.21945609852.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22636674277.0000000000F40000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	F40000
Size:	4096

Details

Name:	00000001.00000002.21867798664.0000000000A0F000.00000004.00000010.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	A0F000
Size:	4096

Details

Name:	00000006.00000003.21851412427.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	40960

Details

Name:	00000006.00000002.22636003141.0000000000A50000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	A50000
Size:	4096

Details

Name:	00000006.00000003.21925256652.0000000000AF1000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	AF1000
Size:	8192

Details

Name:	00000006.00000000.21615117392.0000000000A80000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	A80000
Size:	118784

Details

Name:	00000006.00000003.21924873330.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21943401688.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	8192

Details

Name:	00000006.00000002.22644786965.000000001D46E000.00000004.00000010.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	1D46E000
Size:	8192

Details

Name:	00000006.00000002.22637414137.0000000000FE2000.00000004.00000020.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	FE2000
Size:	352256

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000006.00000003.21850810555.000000001DF18000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF18000
Size:	20480

Details

Name:	00000006.00000002.22649354151.0000000020260000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	20260000
Size:	36864

Details

Name:	00000006.00000003.21857754226.0000000020260000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20260000
Size:	16384

Details

Name:	00000006.00000003.21922642987.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21856810396.0000000020260000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20260000
Size:	16384

Details

Name:	00000006.00000003.21925173554.0000000000AF0000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	AF0000
Size:	16384

Details

Name:	00000006.00000003.21922428421.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22645703139.000000001DD22000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD22000
Size:	4096

Details

Name:	00000006.00000003.21924389426.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22636175116.0000000000A80000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	A80000
Size:	118784

Details

Name:	00000006.00000003.21927406741.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000001.00000002.21875698155.000000007FFB0000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFB0000
Size:	4096

Details

Name:	00000006.00000003.21927166360.0000000000B30000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	B30000
Size:	16384

Details

Name:	00000006.00000003.21944005171.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21927682347.0000000000B40000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	B40000
Size:	16384

Details

Name:	00000006.00000003.21923464628.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21928329987.0000000000B50000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	B50000
Size:	12288

Details

Name:	00000001.00000002.21868184218.0000000002260000.00000004.00000040.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	2260000
Size:	28672

Details

Name:	00000001.00000002.21875842500.000000007FFC2000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7FFC2000
Size:	4096

Details

Name:	00000006.00000003.21855234545.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	16384

Details

Name:	00000006.00000003.21922347813.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21922473112.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000001.00000001.21401637069.0000000000400000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	image loaded
Regiontype:	unkown image
Protect:	page readonly
Base address:	400000
Size:	4096

Details

Name:	00000006.00000003.21922778464.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.22248308221.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21929737580.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21930146380.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22638103126.00000000016B0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	16B0000
Size:	73728

Details

Name:	00000006.00000003.21856486085.0000000020265000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20265000
Size:	12288

Details

Name:	00000006.00000000.21612828015.0000000000BF0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	BF0000
Size:	4096

Details

Name:	00000006.00000003.21857184167.0000000020260000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20260000
Size:	16384

Details

Name:	00000006.00000003.21924225405.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21930620419.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22638599340.0000000002C50000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2C50000
Size:	4096

Details

Name:	00000006.00000003.21944313103.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22637930252.0000000001150000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1150000
Size:	4096

Signature Hits	Behavior Group	Mitre Attack
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)	Malware Analysis System Evasion	Security Software Discovery
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery
URLs found in memory or binary data	Networking

Details

Name:	00000006.00000003.22248160913.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21930768873.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21944925073.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000001.00000002.21868499765.0000000002380000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2380000
Size:	4096

Details

Name:	00000006.00000003.21929574763.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22636482944.0000000000BE0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	BE0000
Size:	16384

Details

Name:	00000006.00000003.21855341797.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	65536

Details

Name:	00000006.00000003.21840176556.0000000000FE6000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	FE6000
Size:	20480

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000006.00000003.21849391272.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	36864

Details

Name:	00000006.00000003.21924905653.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000005.00000000.21610988356.000000007F222000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F222000
Size:	4096

Details

Name:	00000006.00000003.21943827193.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21925095758.0000000000AF1000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	AF1000
Size:	12288

Details

Name:	00000006.00000003.21925138894.0000000000AF0000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	AF0000
Size:	12288

Details

Name:	00000006.00000002.22636622134.0000000000F21000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	F21000
Size:	12288

Details

Name:	00000005.00000002.21611226056.0000000000420000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	420000
Size:	118784

Details

Name:	00000006.00000003.21847056092.0000000020230000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20230000
Size:	24576

Details

Name:	00000001.00000002.21868357471.0000000002320000.00000040.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2320000
Size:	102400

Details

Name:	00000006.00000002.22637895480.0000000001070000.00000004.00000020.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	1070000
Size:	16384

Details

Name:	00000006.00000000.21613858253.000000007F7E0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F7E0000
Size:	4096

Details

Name:	00000006.00000003.21927564510.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21922000311.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21945705823.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21925834856.0000000000AF1000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	AF1000
Size:	8192

Details

Name:	00000006.00000003.21926123091.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22646219554.000000001DF00000.00000004.00000040.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap private
Protect:	page read and write
Base address:	1DF00000
Size:	4096

Details

Name:	00000006.00000000.21612915603.000000007F7F2000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F7F2000
Size:	4096

Details

Name:	00000006.00000003.21853237461.000000001DF15000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF15000
Size:	16384

Details

Name:	00000001.00000002.21867349882.0000000000510000.00000004.00000020.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	510000
Size:	28672

Details

Name:	00000006.00000003.22248388056.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22648732758.00000000201E8000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	201E8000
Size:	4096

Details

Name:	00000006.00000002.22638238010.0000000001840000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	1840000
Size:	335872

Signature Hits	Behavior Group	Mitre Attack
May try to detect the Windows Explorer process (often used for injection)	HIPS / PFW / Operating System Protection Evasion	Process Injection Process Discovery

Details

Name:	00000001.00000002.21866679702.0000000000030000.00000004.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page read and write
Base address:	30000
Size:	4096

Details

Name:	00000006.00000000.21612798796.0000000000BE0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	BE0000
Size:	16384

Details

Name:	00000006.00000003.21923947649.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22648669097.00000000201DE000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	201DE000
Size:	12288

Details

Name:	00000006.00000003.21848953709.000000001DF15000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF15000
Size:	12288

Details

Name:	00000006.00000003.21853788277.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	16384

Details

Name:	00000006.00000003.21945520179.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21946978504.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22650853670.000000007F7E2000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F7E2000
Size:	4096

Details

Name:	00000006.00000003.21927463103.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21943730181.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21924475800.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21850463804.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	16384

Details

Name:	00000006.00000000.21612844471.0000000000E00000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown
Protect:	page read and write
Base address:	E00000
Size:	4096

Details

Name:	00000006.00000003.21857277182.0000000020260000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20260000
Size:	16384

Details

Name:	00000006.00000003.21924066265.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21849951548.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	16384

Details

Name:	00000006.00000003.21926160915.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21853588637.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	65536

Details

Name:	00000006.00000003.21855642074.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	16384

Details

Name:	00000006.00000003.21847393260.000000001DF15000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF15000
Size:	8192

Details

Name:	00000006.00000002.22650644174.000000002102C000.00000004.00000010.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2102C000
Size:	16384

Details

Name:	00000006.00000003.21946723726.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000001.00000003.21608507691.000000001D2F1000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1D2F1000
Size:	49152

Details

Name:	00000006.00000000.21613420945.000000007F7F0000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F7F0000
Size:	4096

Details

Name:	00000006.00000003.21851903784.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	20480

Details

Name:	00000006.00000003.21929105382.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22648846317.00000000201F9000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	201F9000
Size:	4096

Details

Name:	00000001.00000002.21866975023.00000000001C0000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	1C0000
Size:	4096

Details

Name:	00000006.00000003.21853031098.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	49152

Details

Name:	00000006.00000003.21848101404.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	36864

Details

Name:	00000006.00000002.22645089328.000000001D830000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1D830000
Size:	4096

Details

Name:	00000001.00000002.21866991339.00000000001D0000.00000004.00000020.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap default
Protect:	page read and write
Base address:	1D0000
Size:	20480

Details

Name:	00000006.00000003.21840136475.0000000000FDF000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	FDF000
Size:	4096

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000006.00000003.21840238765.0000000000FEC000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	FEC000
Size:	270336

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000006.00000003.21855422952.0000000020250000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20250000
Size:	45056

Details

Name:	00000006.00000002.22645782702.000000001DD30000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1DD30000
Size:	4096

Details

Name:	00000005.00000000.21608315836.000000007F220000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F220000
Size:	4096

Details

Name:	00000006.00000003.21920835521.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22636062960.0000000000A60000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	A60000
Size:	4096

Details

Name:	00000006.00000003.21851833450.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	16384

Details

Name:	00000001.00000002.21867896937.0000000000C20000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	C20000
Size:	73728

Details

Name:	00000006.00000003.21856578813.0000000020265000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20265000
Size:	8192

Details

Name:	00000006.00000000.21614186127.0000000000A80000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	A80000
Size:	118784

Details

Name:	00000006.00000002.22648268172.0000000020083000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	20083000
Size:	241664

Details

Name:	00000006.00000000.21615662329.000000007F7E2000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F7E2000
Size:	4096

Details

Name:	00000006.00000003.21854942257.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	57344

Details

Name:	00000006.00000003.21947057304.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	8192

Details

Name:	00000006.00000003.21855145999.000000001DF18000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF18000
Size:	24576

Details

Name:	00000006.00000003.21922868423.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21928114796.0000000000B40000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	B40000
Size:	12288

Details

Name:	00000006.00000003.21922837936.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21856348633.0000000020260000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20260000
Size:	28672

Details

Name:	00000006.00000002.22644957285.000000001D6D0000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	1D6D0000
Size:	4096

Details

Name:	00000005.00000000.21608418951.000000007F232000.00000002.00020000.sdmp
TargetID:	5
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	7F232000
Size:	4096

Details

Name:	00000006.00000002.22645484075.000000001DD03000.00000040.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	1DD03000
Size:	4096

Details

Name:	00000006.00000003.21926296855.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000002.22648925918.0000000020205000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	20205000
Size:	36864

Details

Name:	00000006.00000003.21856999864.0000000020260000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20260000
Size:	16384

Details

Name:	00000006.00000003.21855870076.0000000020250000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20250000
Size:	4096

Details

Name:	00000006.00000003.21931554224.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	8192

Details

Name:	00000006.00000003.21946419106.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	8192

Details

Name:	00000006.00000003.21920593940.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21849879798.0000000020250000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20250000
Size:	24576

Details

Name:	00000006.00000003.21925432718.0000000000AF0000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	AF0000
Size:	16384

Details

Name:	00000006.00000003.21644296164.0000000001074000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1074000
Size:	4096

Details

Name:	00000006.00000003.21931118896.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21849080733.000000001DF10000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF10000
Size:	20480

Details

Name:	00000001.00000000.21401344921.0000000000424000.00000002.00020000.sdmp
TargetID:	1
Dumpstage:	process new
Regiontype:	unkown image
Protect:	page readonly
Base address:	424000
Size:	4096

Details

Name:	00000001.00000002.21867682961.0000000000610000.00000004.00000001.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	610000
Size:	4096

Details

Name:	00000006.00000003.21944439211.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21858194008.0000000020286000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	20286000
Size:	40960

Details

Name:	00000006.00000002.22636602306.0000000000F10000.00000002.00020000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown image
Protect:	page readonly
Base address:	F10000
Size:	4096

Details

Name:	00000006.00000002.22649178895.0000000020230000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	20230000
Size:	61440

Details

Name:	00000006.00000003.21944721615.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	4096

Details

Name:	00000006.00000003.21927802922.0000000000B41000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	B41000
Size:	8192

Details

Name:	00000006.00000003.21945849121.000000001CD51000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1CD51000
Size:	8192

Details

Name:	00000001.00000002.21867757990.00000000008CF000.00000004.00000010.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	8CF000
Size:	4096

Details

Name:	00000001.00000002.21867778160.000000000090E000.00000004.00000010.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	90E000
Size:	8192

Details

Name:	00000006.00000003.21847623106.000000001DF15000.00000004.00000001.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	unkown
Protect:	page read and write
Base address:	1DF15000
Size:	8192

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Report

Files

Processes

URLs

Domains

IPs

Registry

Memdumps