Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\loaddll32.exe
|
loaddll32.exe "C:\Users\user\Desktop\file.dll"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\file.dll",#1
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",#1
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
61C0000
|
heap
|
page read and write
|
||
|
30FF000
|
heap
|
page read and write
|
||
|
2DFA000
|
heap
|
page read and write
|
||
|
ADC000
|
stack
|
page read and write
|
||
|
8EE000
|
stack
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
61C4000
|
heap
|
page read and write
|
||
|
2DDE000
|
stack
|
page read and write
|
||
|
30FC000
|
heap
|
page read and write
|
||
|
3105000
|
heap
|
page read and write
|
||
|
30E0000
|
heap
|
page read and write
|
||
|
43E000
|
stack
|
page read and write
|
||
|
2D9E000
|
stack
|
page read and write
|
||
|
A99000
|
stack
|
page read and write
|
||
|
3010000
|
heap
|
page read and write
|
||
|
3126000
|
heap
|
page read and write
|
||
|
1C0000
|
heap
|
page read and write
|
||
|
2DF0000
|
heap
|
page read and write
|
||
|
310D000
|
heap
|
page read and write
|
||
|
30EA000
|
heap
|
page read and write
|
||
|
3126000
|
heap
|
page read and write
|
||
|
2D5F000
|
stack
|
page read and write
|
||
|
49BF000
|
stack
|
page read and write
|
||
|
9EF000
|
stack
|
page read and write
|
||
|
B60000
|
heap
|
page read and write
|
||
|
6FB000
|
heap
|
page read and write
|
||
|
3112000
|
heap
|
page read and write
|
||
|
6F0000
|
heap
|
page read and write
|
||
|
14D000
|
stack
|
page read and write
|
||
|
3108000
|
heap
|
page read and write
|
||
|
3126000
|
heap
|
page read and write
|
||
|
3126000
|
heap
|
page read and write
|
||
|
56D000
|
stack
|
page read and write
|
||
|
3108000
|
heap
|
page read and write
|
||
|
310C000
|
heap
|
page read and write
|
||
|
3103000
|
heap
|
page read and write
|
||
|
3111000
|
heap
|
page read and write
|
||
|
6FF000
|
heap
|
page read and write
|
||
|
1D0000
|
heap
|
page read and write
|
||
|
3111000
|
heap
|
page read and write
|
||
|
6600000
|
trusted library allocation
|
page read and write
|
||
|
1B0000
|
heap
|
page read and write
|
||
|
C20000
|
heap
|
page read and write
|
||
|
3124000
|
heap
|
page read and write
|
||
|
3000000
|
heap
|
page read and write
|
||
|
67E000
|
stack
|
page read and write
|
||
|
2DF7000
|
heap
|
page read and write
|
||
|
30DE000
|
stack
|
page read and write
|
||
|
3108000
|
heap
|
page read and write
|
||
|
CDE000
|
stack
|
page read and write
|
||
|
3109000
|
heap
|
page read and write
|
||
|
C90000
|
heap
|
page read and write
|
There are 42 hidden memdumps, click here to show them.