Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\loaddll32.exe
|
loaddll32.exe "C:\Users\user\Desktop\file.dll"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\file.dll",#1
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",#1
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2CDE000
|
heap
|
page read and write
|
||
|
2CC0000
|
heap
|
page read and write
|
||
|
2CC9000
|
heap
|
page read and write
|
||
|
2CAA000
|
heap
|
page read and write
|
||
|
6230000
|
trusted library allocation
|
page read and write
|
||
|
2CD1000
|
heap
|
page read and write
|
||
|
2BF0000
|
heap
|
page read and write
|
||
|
2B9E000
|
stack
|
page read and write
|
||
|
46DE000
|
stack
|
page read and write
|
||
|
2E64000
|
heap
|
page read and write
|
||
|
2B5E000
|
stack
|
page read and write
|
||
|
2DC0000
|
heap
|
page read and write
|
||
|
2CE3000
|
heap
|
page read and write
|
||
|
C50000
|
heap
|
page read and write
|
||
|
2EEF000
|
stack
|
page read and write
|
||
|
2CC8000
|
heap
|
page read and write
|
||
|
2BDE000
|
stack
|
page read and write
|
||
|
2EAE000
|
stack
|
page read and write
|
||
|
2EF7000
|
heap
|
page read and write
|
||
|
2C3F000
|
stack
|
page read and write
|
||
|
2CC8000
|
heap
|
page read and write
|
||
|
2CA0000
|
heap
|
page read and write
|
||
|
DFF000
|
stack
|
page read and write
|
||
|
C0F000
|
stack
|
page read and write
|
||
|
2CC8000
|
heap
|
page read and write
|
||
|
2CD1000
|
heap
|
page read and write
|
||
|
77C000
|
stack
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
56D000
|
stack
|
page read and write
|
||
|
2CCD000
|
heap
|
page read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
2DD0000
|
heap
|
page read and write
|
||
|
2CC0000
|
heap
|
page read and write
|
||
|
9DF000
|
heap
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
2CC4000
|
heap
|
page read and write
|
||
|
B0E000
|
stack
|
page read and write
|
||
|
739000
|
stack
|
page read and write
|
||
|
471F000
|
stack
|
page read and write
|
||
|
2CD2000
|
heap
|
page read and write
|
||
|
C4E000
|
stack
|
page read and write
|
||
|
2E60000
|
heap
|
page read and write
|
||
|
2EFA000
|
heap
|
page read and write
|
||
|
9DB000
|
heap
|
page read and write
|
||
|
2EF0000
|
heap
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
8FD000
|
stack
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
There are 39 hidden memdumps, click here to show them.