Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\loaddll32.exe
|
loaddll32.exe "C:\Users\user\Desktop\ZlucX8xpYB.dll"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\ZlucX8xpYB.dll",#1
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\ZlucX8xpYB.dll",#1
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
313A000
|
heap
|
page read and write
|
||
|
495F000
|
stack
|
page read and write
|
||
|
4C0F000
|
stack
|
page read and write
|
||
|
2E68000
|
heap
|
page read and write
|
||
|
2E68000
|
heap
|
page read and write
|
||
|
2E70000
|
heap
|
page read and write
|
||
|
6450000
|
heap
|
page read and write
|
||
|
AA0000
|
heap
|
page read and write
|
||
|
30CE000
|
stack
|
page read and write
|
||
|
2BFC000
|
stack
|
page read and write
|
||
|
A20000
|
heap
|
page read and write
|
||
|
6460000
|
heap
|
page read and write
|
||
|
2E40000
|
heap
|
page read and write
|
||
|
A6E000
|
stack
|
page read and write
|
||
|
1040000
|
heap
|
page read and write
|
||
|
2E7E000
|
heap
|
page read and write
|
||
|
2F90000
|
heap
|
page read and write
|
||
|
2E6D000
|
heap
|
page read and write
|
||
|
6AD000
|
stack
|
page read and write
|
||
|
491E000
|
stack
|
page read and write
|
||
|
2E73000
|
heap
|
page read and write
|
||
|
2E60000
|
heap
|
page read and write
|
||
|
AEE000
|
stack
|
page read and write
|
||
|
A10000
|
heap
|
page read and write
|
||
|
310E000
|
stack
|
page read and write
|
||
|
2E73000
|
heap
|
page read and write
|
||
|
F0F000
|
stack
|
page read and write
|
||
|
2E85000
|
heap
|
page read and write
|
||
|
6524000
|
heap
|
page read and write
|
||
|
7AD000
|
stack
|
page read and write
|
||
|
3136000
|
heap
|
page read and write
|
||
|
2BB9000
|
stack
|
page read and write
|
||
|
B4F000
|
heap
|
page read and write
|
||
|
2E60000
|
heap
|
page read and write
|
||
|
3130000
|
heap
|
page read and write
|
||
|
2E68000
|
heap
|
page read and write
|
||
|
6520000
|
heap
|
page read and write
|
||
|
B4B000
|
heap
|
page read and write
|
||
|
4C4F000
|
stack
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
68B0000
|
trusted library allocation
|
page read and write
|
||
|
2E64000
|
heap
|
page read and write
|
||
|
2F60000
|
heap
|
page read and write
|
||
|
E0F000
|
stack
|
page read and write
|
||
|
2E73000
|
heap
|
page read and write
|
||
|
2F70000
|
heap
|
page read and write
|
||
|
2E4A000
|
heap
|
page read and write
|
There are 37 hidden memdumps, click here to show them.