Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
"C:\Windows\System32\WScript.exe" "D:\ico\invoice#00976.vbs"
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2A55866C000
|
heap
|
page read and write
|
||
|
2A558667000
|
heap
|
page read and write
|
||
|
2A558673000
|
heap
|
page read and write
|
||
|
2A558570000
|
heap
|
page read and write
|
||
|
C8DC3FE000
|
stack
|
page read and write
|
||
|
2A558490000
|
heap
|
page read and write
|
||
|
2A558667000
|
heap
|
page read and write
|
||
|
2A558673000
|
heap
|
page read and write
|
||
|
2A55866D000
|
heap
|
page read and write
|
||
|
C8DC5FF000
|
stack
|
page read and write
|
||
|
2A5585C5000
|
heap
|
page read and write
|
||
|
2A55BAB0000
|
heap
|
page read and write
|
||
|
2A558630000
|
heap
|
page read and write
|
||
|
2A558670000
|
heap
|
page read and write
|
||
|
2A55A000000
|
heap
|
page read and write
|
||
|
2A5585C0000
|
heap
|
page read and write
|
||
|
2A558699000
|
heap
|
page read and write
|
||
|
2A558651000
|
heap
|
page read and write
|
||
|
2A5585CC000
|
heap
|
page read and write
|
||
|
2A55867C000
|
heap
|
page read and write
|
||
|
C8DC2FE000
|
stack
|
page read and write
|
||
|
2A558695000
|
heap
|
page read and write
|
||
|
C8DBF7A000
|
stack
|
page read and write
|
||
|
2A55BBD0000
|
trusted library allocation
|
page read and write
|
||
|
2A558699000
|
heap
|
page read and write
|
||
|
2A558673000
|
heap
|
page read and write
|
||
|
2A55865F000
|
heap
|
page read and write
|
||
|
2A55A004000
|
heap
|
page read and write
|
||
|
2A558638000
|
heap
|
page read and write
|
||
|
2A55C3D0000
|
heap
|
page read and write
|
||
|
2A558699000
|
heap
|
page read and write
|
||
|
2A558590000
|
heap
|
page read and write
|
||
|
2A55864C000
|
heap
|
page read and write
|
There are 23 hidden memdumps, click here to show them.