Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\notepad.exe
|
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\user\Desktop\License free.txt
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.freepik.com/terms_of_use
|
unknown
|
||
|
http://www.freepik.com
|
unknown
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2F17E310000
|
heap
|
page read and write
|
||
|
2F17E34F000
|
heap
|
page read and write
|
||
|
2F17FE60000
|
heap
|
page read and write
|
||
|
2F17FBF0000
|
trusted library allocation
|
page read and write
|
||
|
2F17E34B000
|
heap
|
page read and write
|
||
|
2F17FC10000
|
heap
|
page read and write
|
||
|
FF5BCFF000
|
stack
|
page read and write
|
||
|
FF5BA78000
|
stack
|
page read and write
|
||
|
2F17FD35000
|
heap
|
page read and write
|
||
|
2F17E230000
|
heap
|
page read and write
|
||
|
2F17E350000
|
heap
|
page read and write
|
||
|
2F17FD30000
|
heap
|
page read and write
|
||
|
2F17E150000
|
heap
|
page read and write
|
||
|
2F101D50000
|
trusted library allocation
|
page read and write
|
||
|
FF5BBFE000
|
stack
|
page read and write
|
||
|
2F17E320000
|
heap
|
page read and write
|
||
|
2F17E270000
|
heap
|
page read and write
|
||
|
2F17E342000
|
heap
|
page read and write
|
||
|
2F17FC30000
|
heap
|
page read and write
|
||
|
2F17FD3C000
|
heap
|
page read and write
|
||
|
2F17E348000
|
heap
|
page read and write
|
||
|
2F17FC33000
|
heap
|
page read and write
|
||
|
2F17E318000
|
heap
|
page read and write
|
||
|
2F17E368000
|
heap
|
page read and write
|
||
|
2F17E38D000
|
heap
|
page read and write
|
||
|
2F17E34B000
|
heap
|
page read and write
|
There are 16 hidden memdumps, click here to show them.