Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\b80aa0ad.dll"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\b80aa0ad.dll",#1
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\b80aa0ad.dll,boot_CryptX
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\b80aa0ad.dll",#1
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
21A7E2C5000
|
heap
|
page read and write
|
||
|
21A7E2B4000
|
heap
|
page read and write
|
||
|
21A7E297000
|
heap
|
page read and write
|
||
|
21A7E240000
|
heap
|
page read and write
|
||
|
21A7E2C0000
|
heap
|
page read and write
|
||
|
21A7E605000
|
heap
|
page read and write
|
||
|
24A57D04000
|
heap
|
page read and write
|
||
|
24A57D28000
|
heap
|
page read and write
|
||
|
24A57CFF000
|
heap
|
page read and write
|
||
|
24A57CE0000
|
heap
|
page read and write
|
||
|
24A57C70000
|
heap
|
page read and write
|
||
|
21A7E2BC000
|
heap
|
page read and write
|
||
|
21A7E2AB000
|
heap
|
page read and write
|
||
|
21A7E2B4000
|
heap
|
page read and write
|
||
|
24A57C30000
|
heap
|
page read and write
|
||
|
21A7E2B5000
|
heap
|
page read and write
|
||
|
904415F000
|
stack
|
page read and write
|
||
|
39EEA7E000
|
stack
|
page read and write
|
||
|
24A57CFA000
|
heap
|
page read and write
|
||
|
21A7E2B4000
|
heap
|
page read and write
|
||
|
904447F000
|
stack
|
page read and write
|
||
|
1C05B7F0000
|
heap
|
page read and write
|
||
|
21A7E230000
|
heap
|
page read and write
|
||
|
1C05B800000
|
heap
|
page read and write
|
||
|
70488FE000
|
stack
|
page read and write
|
||
|
1C05B899000
|
heap
|
page read and write
|
||
|
1C05B890000
|
heap
|
page read and write
|
||
|
21A7E2D8000
|
heap
|
page read and write
|
||
|
24A5B4B0000
|
trusted library allocation
|
page read and write
|
||
|
70489FF000
|
stack
|
page read and write
|
||
|
24A57C80000
|
heap
|
page read and write
|
||
|
21A00110000
|
heap
|
page read and write
|
||
|
90441DE000
|
stack
|
page read and write
|
||
|
39EEAFF000
|
stack
|
page read and write
|
||
|
21A7E2AB000
|
heap
|
page read and write
|
||
|
24A5AFF0000
|
heap
|
page read and write
|
||
|
24A57D16000
|
heap
|
page read and write
|
||
|
24A59790000
|
heap
|
page read and write
|
||
|
24A57CF7000
|
heap
|
page read and write
|
||
|
21A7E600000
|
heap
|
page read and write
|
||
|
24A5B023000
|
heap
|
page read and write
|
||
|
21A7E2DC000
|
heap
|
page read and write
|
||
|
21A7E2D1000
|
heap
|
page read and write
|
||
|
24A57D1B000
|
heap
|
page read and write
|
||
|
24A57CFA000
|
heap
|
page read and write
|
||
|
24A5B020000
|
heap
|
page read and write
|
||
|
7048AFF000
|
stack
|
page read and write
|
||
|
21A00140000
|
heap
|
page read and write
|
||
|
24A57D1B000
|
heap
|
page read and write
|
||
|
24A57D20000
|
heap
|
page read and write
|
||
|
1C05B89D000
|
heap
|
page read and write
|
||
|
24A57D00000
|
heap
|
page read and write
|
||
|
39EE79A000
|
stack
|
page read and write
|
||
|
90440DA000
|
stack
|
page read and write
|
||
|
704856B000
|
stack
|
page read and write
|
||
|
21A7E290000
|
heap
|
page read and write
|
||
|
24A57CE8000
|
heap
|
page read and write
|
||
|
21A00143000
|
heap
|
page read and write
|
||
|
21A7E60B000
|
heap
|
page read and write
|
||
|
21A7E29E000
|
heap
|
page read and write
|
||
|
21A7E260000
|
heap
|
page read and write
|
||
|
21A7E2AF000
|
heap
|
page read and write
|
||
|
21A01860000
|
trusted library allocation
|
page read and write
|
||
|
24A57C40000
|
heap
|
page read and write
|
||
|
24A57D0B000
|
heap
|
page read and write
|
||
|
1C05B8A8000
|
heap
|
page read and write
|
||
|
24A57C75000
|
heap
|
page read and write
|
||
|
24A57C7B000
|
heap
|
page read and write
|
||
|
24A57D10000
|
heap
|
page read and write
|
||
|
21A02060000
|
heap
|
page read and write
|
There are 60 hidden memdumps, click here to show them.