Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\loaddll32.exe
|
loaddll32.exe "C:\Users\user\Desktop\raw.exe.dll"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\raw.exe.dll",#1
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\raw.exe.dll",#1
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
31B0000
|
heap
|
page read and write
|
||
|
312E000
|
stack
|
page read and write
|
||
|
2FF9000
|
heap
|
page read and write
|
||
|
7CE000
|
stack
|
page read and write
|
||
|
B3E000
|
stack
|
page read and write
|
||
|
316E000
|
stack
|
page read and write
|
||
|
60D000
|
stack
|
page read and write
|
||
|
2FFC000
|
heap
|
page read and write
|
||
|
AFF000
|
stack
|
page read and write
|
||
|
31BA000
|
heap
|
page read and write
|
||
|
6104000
|
heap
|
page read and write
|
||
|
301D000
|
heap
|
page read and write
|
||
|
2FFD000
|
heap
|
page read and write
|
||
|
30E0000
|
heap
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
2FFE000
|
heap
|
page read and write
|
||
|
2FDA000
|
heap
|
page read and write
|
||
|
627F000
|
stack
|
page read and write
|
||
|
B50000
|
heap
|
page read and write
|
||
|
2FFC000
|
heap
|
page read and write
|
||
|
60E0000
|
heap
|
page read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
60F0000
|
heap
|
page read and write
|
||
|
2FF0000
|
heap
|
page read and write
|
||
|
B5B000
|
heap
|
page read and write
|
||
|
2FF9000
|
heap
|
page read and write
|
||
|
2FFC000
|
heap
|
page read and write
|
||
|
3013000
|
heap
|
page read and write
|
||
|
2FD0000
|
heap
|
page read and write
|
||
|
BAC000
|
stack
|
page read and write
|
||
|
50D000
|
stack
|
page read and write
|
||
|
2FF0000
|
heap
|
page read and write
|
||
|
31AF000
|
stack
|
page read and write
|
||
|
3000000
|
heap
|
page read and write
|
||
|
D4F000
|
stack
|
page read and write
|
||
|
E90000
|
heap
|
page read and write
|
||
|
6100000
|
heap
|
page read and write
|
||
|
E20000
|
heap
|
page read and write
|
||
|
2FF4000
|
heap
|
page read and write
|
||
|
2FF5000
|
heap
|
page read and write
|
||
|
31B6000
|
heap
|
page read and write
|
||
|
E10000
|
heap
|
page read and write
|
||
|
3015000
|
heap
|
page read and write
|
||
|
B5F000
|
heap
|
page read and write
|
||
|
6680000
|
trusted library allocation
|
page read and write
|
||
|
E9E000
|
stack
|
page read and write
|
||
|
670000
|
heap
|
page read and write
|
||
|
623E000
|
stack
|
page read and write
|
||
|
B69000
|
stack
|
page read and write
|
There are 39 hidden memdumps, click here to show them.