Processes

Path | Cmdline | Malicious
---|---|---
C:\Users\user\Desktop\EngMain9.exe | "C:\Users\user\Desktop\EngMain9.exe" |

Memdumps

Base Address | Regiontype | Protect | Malicious
---|---|---|---
570000 | heap | page read and write |
2CD0000 | heap | page read and write |
99000 | stack | page read and write |
6C3000 | heap | page read and write |
2A20000 | heap | page read and write |
4BD000 | unkown | page read and write |
4BE000 | unkown | page readonly |
401000 | unkown | page execute read |
2CD2000 | heap | page read and write |
400000 | unkown | page readonly |
19C000 | stack | page read and write |
2CD6000 | heap | page read and write |
660000 | heap | page read and write |
21F0000 | heap | page read and write |
1F0000 | heap | page read and write |
4B7000 | unkown | page read and write |
2A24000 | heap | page read and write |
2200000 | trusted library allocation | page read and write |
650000 | trusted library allocation | page execute read |
50E000 | stack | page read and write |
699000 | heap | page read and write |
89F000 | stack | page read and write |
2B50000 | trusted library allocation | page read and write |
3C4E000 | stack | page read and write |
401000 | unkown | page execute read |
3D4F000 | stack | page read and write |
6A0000 | heap | page read and write |
400000 | unkown | page readonly |
2140000 | heap | page read and write |
3B0E000 | stack | page read and write |
4BE000 | unkown | page readonly |
6AA000 | heap | page read and write |
2160000 | heap | page read and write |
3C0F000 | stack | page read and write |
4C0000 | heap | page read and write |
32D0000 | trusted library allocation | page read and write |
2BD0000 | heap | page read and write |
2A30000 | heap | page read and write |
2B40000 | trusted library allocation | page read and write |
6AE000 | heap | page read and write |
690000 | heap | page read and write |