IOC Report
EngMain9.exe

Processes

Path                                Cmdline                               Malicious
C:\Users\user\Desktop\EngMain9.exe  "C:\Users\user\Desktop\EngMain9.exe"  malicious

Memdumps

Base Address  Regiontype                  Protect                  Malicious
570000        heap                        page read and write
2CD0000       heap                        page read and write
99000         stack                       page read and write
6C3000        heap                        page read and write
2A20000       heap                        page read and write
4BD000        unkown                      page read and write
4BE000        unkown                      page readonly
401000        unkown                      page execute read
2CD2000       heap                        page read and write
400000        unkown                      page readonly
19C000        stack                       page read and write
2CD6000       heap                        page read and write
660000        heap                        page read and write
21F0000       heap                        page read and write
1F0000        heap                        page read and write
4B7000        unkown                      page read and write
2A24000       heap                        page read and write
2200000       trusted library allocation  page read and write
650000        trusted library allocation  page execute read
50E000        stack                       page read and write
699000        heap                        page read and write
89F000        stack                       page read and write
2B50000       trusted library allocation  page read and write
3C4E000       stack                       page read and write
401000        unkown                      page execute read
3D4F000       stack                       page read and write
6A0000        heap                        page read and write
400000        unkown                      page readonly
2140000       heap                        page read and write
3B0E000       stack                       page read and write
4BE000        unkown                      page readonly
6AA000        heap                        page read and write
2160000       heap                        page read and write
3C0F000       stack                       page read and write
4C0000        heap                        page read and write
32D0000       trusted library allocation  page read and write
2BD0000       heap                        page read and write
2A30000       heap                        page read and write
2B40000       trusted library allocation  page read and write
6AE000        heap                        page read and write
690000        heap                        page read and write