Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\loaddll32.exe
|
loaddll32.exe "C:\Users\user\Desktop\FBO3NVXcYu.dll"
|
 |
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\FBO3NVXcYu.dll,FreeLibraryMemoryAndExitThread
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\FBO3NVXcYu.dll",#1
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\FBO3NVXcYu.dll,NtUnloadDllMemoryAndExitThread
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\FBO3NVXcYu.dll",FreeLibraryMemoryAndExitThread
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\FBO3NVXcYu.dll",NtUnloadDllMemoryAndExitThread
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\FBO3NVXcYu.dll",#1
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
6D1B7000
|
unkown
|
page write copy
|
||
|
B6C000
|
stack
|
page read and write
|
||
|
6D1B8000
|
unkown
|
page read and write
|
||
|
6D121000
|
unkown
|
page execute read
|
||
|
2EB000
|
stack
|
page read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
6D120000
|
unkown
|
page readonly
|
||
|
3180000
|
heap
|
page read and write
|
||
|
2D90000
|
heap
|
page read and write
|
||
|
4970000
|
heap
|
page read and write
|
||
|
34C0000
|
heap
|
page read and write
|
||
|
2DB0000
|
heap
|
page read and write
|
||
|
FA4000
|
heap
|
page read and write
|
||
|
6D120000
|
unkown
|
page readonly
|
||
|
6D1B6000
|
unkown
|
page read and write
|
||
|
6D120000
|
unkown
|
page readonly
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
2CEB000
|
stack
|
page read and write
|
||
|
6D121000
|
unkown
|
page execute read
|
||
|
2D4C000
|
stack
|
page read and write
|
||
|
2C9C000
|
stack
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
390000
|
heap
|
page read and write
|
||
|
32C000
|
stack
|
page read and write
|
||
|
F7E000
|
stack
|
page read and write
|
||
|
6D1BB000
|
unkown
|
page readonly
|
||
|
6D1A0000
|
unkown
|
page readonly
|
||
|
6D1B6000
|
unkown
|
page read and write
|
||
|
6D120000
|
unkown
|
page readonly
|
||
|
6D1B8000
|
unkown
|
page read and write
|
||
|
2CA0000
|
heap
|
page read and write
|
||
|
321A000
|
heap
|
page read and write
|
||
|
6D1A0000
|
unkown
|
page readonly
|
||
|
6D1A0000
|
unkown
|
page readonly
|
||
|
2D10000
|
heap
|
page read and write
|
||
|
2DC0000
|
heap
|
page read and write
|
||
|
30F0000
|
heap
|
page read and write
|
||
|
6D1B3000
|
unkown
|
page write copy
|
||
|
6D1A0000
|
unkown
|
page readonly
|
||
|
6D1B3000
|
unkown
|
page write copy
|
||
|
6D1B3000
|
unkown
|
page write copy
|
||
|
2D0B000
|
stack
|
page read and write
|
||
|
4B30000
|
heap
|
page read and write
|
||
|
EFC000
|
stack
|
page read and write
|
||
|
3A0000
|
heap
|
page read and write
|
||
|
6D1B8000
|
unkown
|
page read and write
|
||
|
F8B000
|
heap
|
page read and write
|
||
|
6D1B3000
|
unkown
|
page write copy
|
||
|
33D0000
|
heap
|
page read and write
|
||
|
6D1B8000
|
unkown
|
page read and write
|
||
|
6D1BB000
|
unkown
|
page readonly
|
||
|
3130000
|
heap
|
page read and write
|
||
|
2EDB000
|
stack
|
page read and write
|
||
|
134F000
|
stack
|
page read and write
|
||
|
31DA000
|
heap
|
page read and write
|
||
|
F3E000
|
stack
|
page read and write
|
||
|
6D1B7000
|
unkown
|
page write copy
|
||
|
6D1BB000
|
unkown
|
page readonly
|
||
|
3210000
|
heap
|
page read and write
|
||
|
6D1B8000
|
unkown
|
page read and write
|
||
|
6D1BB000
|
unkown
|
page readonly
|
||
|
6D121000
|
unkown
|
page execute read
|
||
|
43A0000
|
heap
|
page read and write
|
||
|
2D00000
|
heap
|
page read and write
|
||
|
6D1BB000
|
unkown
|
page readonly
|
||
|
4D90000
|
heap
|
page read and write
|
||
|
6D1B3000
|
unkown
|
page write copy
|
||
|
2C5B000
|
stack
|
page read and write
|
||
|
3460000
|
heap
|
page read and write
|
||
|
6D1B6000
|
unkown
|
page read and write
|
||
|
2F80000
|
heap
|
page read and write
|
||
|
6D121000
|
unkown
|
page execute read
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
6D1B7000
|
unkown
|
page write copy
|
||
|
2DA0000
|
heap
|
page read and write
|
||
|
6D1B7000
|
unkown
|
page write copy
|
||
|
31D0000
|
heap
|
page read and write
|
||
|
33E0000
|
heap
|
page read and write
|
||
|
2F1C000
|
stack
|
page read and write
|
||
|
2D20000
|
heap
|
page read and write
|
||
|
2D2C000
|
stack
|
page read and write
|
||
|
2FE0000
|
heap
|
page read and write
|
||
|
6D1B6000
|
unkown
|
page read and write
|
||
|
6D120000
|
unkown
|
page readonly
|
||
|
318A000
|
heap
|
page read and write
|
||
|
6D1A0000
|
unkown
|
page readonly
|
||
|
2BB0000
|
heap
|
page read and write
|
||
|
F8F000
|
heap
|
page read and write
|
||
|
29BA000
|
heap
|
page read and write
|
||
|
124F000
|
stack
|
page read and write
|
||
|
6D121000
|
unkown
|
page execute read
|
||
|
6D1B6000
|
unkown
|
page read and write
|
||
|
2D9A000
|
heap
|
page read and write
|
||
|
2F90000
|
heap
|
page read and write
|
||
|
2D90000
|
heap
|
page read and write
|
||
|
6D1B7000
|
unkown
|
page write copy
|
||
|
29B0000
|
heap
|
page read and write
|
||
|
760000
|
heap
|
page read and write
|
||
|
30E0000
|
heap
|
page read and write
|
There are 89 hidden memdumps, click here to show them.