Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\svcmsi_32.dll.dll"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\svcmsi_32.dll.dll",#1
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\svcmsi_32.dll.dll,StartAction
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\svcmsi_32.dll.dll",#1
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\svcmsi_32.dll.dll",StartAction
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1E7BF000000
|
heap
|
page read and write
|
||
|
1DB93800000
|
heap
|
page read and write
|
||
|
DB3B87D000
|
stack
|
page read and write
|
||
|
1E7BD790000
|
heap
|
page read and write
|
||
|
1DB939E0000
|
heap
|
page read and write
|
||
|
1DB93BB0000
|
heap
|
page read and write
|
||
|
1C8FB7F000
|
stack
|
page read and write
|
||
|
20E811D0000
|
heap
|
page read and write
|
||
|
1E7BD689000
|
heap
|
page read and write
|
||
|
1DB93B80000
|
heap
|
page read and write
|
||
|
1E7BD560000
|
heap
|
page read and write
|
||
|
1E7BD7A0000
|
heap
|
page read and write
|
||
|
20E80F10000
|
heap
|
page read and write
|
||
|
1965C690000
|
heap
|
page read and write
|
||
|
1E7BD698000
|
heap
|
page read and write
|
||
|
12ED1FD000
|
stack
|
page read and write
|
||
|
769BF6E000
|
stack
|
page read and write
|
||
|
1965ABB0000
|
heap
|
page read and write
|
||
|
769BFED000
|
stack
|
page read and write
|
||
|
1965ABB7000
|
heap
|
page read and write
|
||
|
1DB93BB5000
|
heap
|
page read and write
|
||
|
DB3B8FE000
|
stack
|
page read and write
|
||
|
1965AAD0000
|
heap
|
page read and write
|
||
|
20E80ED0000
|
heap
|
page read and write
|
||
|
20E80EF0000
|
heap
|
page read and write
|
||
|
1965AAF0000
|
heap
|
page read and write
|
||
|
12ECD1C000
|
stack
|
page read and write
|
||
|
1E7BD790000
|
heap
|
page read and write
|
||
|
1DB93900000
|
heap
|
page read and write
|
||
|
1E7BD68D000
|
heap
|
page read and write
|
||
|
1DB93A00000
|
heap
|
page read and write
|
||
|
20E811D5000
|
heap
|
page read and write
|
||
|
12ED0FF000
|
stack
|
page read and write
|
||
|
20E80F18000
|
heap
|
page read and write
|
||
|
1C8FBFE000
|
stack
|
page read and write
|
||
|
20E80EC0000
|
heap
|
page read and write
|
||
|
1965AE85000
|
heap
|
page read and write
|
||
|
DB3B97F000
|
stack
|
page read and write
|
||
|
1DB93808000
|
heap
|
page read and write
|
||
|
1965ABBE000
|
heap
|
page read and write
|
||
|
1965A9F0000
|
heap
|
page read and write
|
||
|
20E82AC0000
|
heap
|
page read and write
|
||
|
1E7BD680000
|
heap
|
page read and write
|
||
|
769BEEC000
|
stack
|
page read and write
|
||
|
1E7BD640000
|
heap
|
page read and write
|
||
|
1965AE80000
|
heap
|
page read and write
|
||
|
DB3B5FC000
|
stack
|
page read and write
|
||
|
1C8FAFC000
|
stack
|
page read and write
|
There are 38 hidden memdumps, click here to show them.