Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\e3f6uu0uqV.exe
|
"C:\Users\user\Desktop\e3f6uu0uqV.exe"
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
s-part-0017.t-0009.t-msedge.net
|
13.107.246.45
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
681000
|
unkown
|
page execute read
|
||
|
F10000
|
heap
|
page read and write
|
||
|
950000
|
heap
|
page read and write
|
||
|
67D000
|
stack
|
page read and write
|
||
|
99E000
|
stack
|
page read and write
|
||
|
A50000
|
heap
|
page read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
A5A000
|
heap
|
page read and write
|
||
|
810000
|
heap
|
page read and write
|
||
|
D4F000
|
stack
|
page read and write
|
||
|
79E000
|
stack
|
page read and write
|
||
|
680000
|
unkown
|
page readonly
|
||
|
C4E000
|
stack
|
page read and write
|
||
|
93E000
|
stack
|
page read and write
|
||
|
A5E000
|
heap
|
page read and write
|
||
|
686000
|
unkown
|
page readonly
|
||
|
7AE000
|
stack
|
page read and write
|
||
|
680000
|
unkown
|
page readonly
|
||
|
683000
|
unkown
|
page readonly
|
||
|
685000
|
unkown
|
page write copy
|
||
|
681000
|
unkown
|
page execute read
|
||
|
685000
|
unkown
|
page read and write
|
||
|
683000
|
unkown
|
page readonly
|
||
|
686000
|
unkown
|
page readonly
|
There are 14 hidden memdumps, click here to show them.