Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\loaddll32.exe
|
loaddll32.exe "C:\Users\user\Desktop\file.dll"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\file.dll",#1
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",#1
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2FD000
|
stack
|
page read and write
|
||
|
2A48000
|
heap
|
page read and write
|
||
|
BBF000
|
stack
|
page read and write
|
||
|
2A66000
|
heap
|
page read and write
|
||
|
2A51000
|
heap
|
page read and write
|
||
|
2A51000
|
heap
|
page read and write
|
||
|
2C1F000
|
stack
|
page read and write
|
||
|
5B80000
|
heap
|
page read and write
|
||
|
2A66000
|
heap
|
page read and write
|
||
|
3FD000
|
stack
|
page read and write
|
||
|
2A45000
|
heap
|
page read and write
|
||
|
2A48000
|
heap
|
page read and write
|
||
|
2C37000
|
heap
|
page read and write
|
||
|
2BDE000
|
stack
|
page read and write
|
||
|
2A43000
|
heap
|
page read and write
|
||
|
29D0000
|
heap
|
page read and write
|
||
|
2A20000
|
heap
|
page read and write
|
||
|
2B9F000
|
stack
|
page read and write
|
||
|
ABF000
|
stack
|
page read and write
|
||
|
2A4D000
|
heap
|
page read and write
|
||
|
6090000
|
trusted library allocation
|
page read and write
|
||
|
28F0000
|
heap
|
page read and write
|
||
|
2B5E000
|
stack
|
page read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
2A48000
|
heap
|
page read and write
|
||
|
87C000
|
stack
|
page read and write
|
||
|
6FE000
|
stack
|
page read and write
|
||
|
446E000
|
stack
|
page read and write
|
||
|
44AF000
|
stack
|
page read and write
|
||
|
7FF000
|
heap
|
page read and write
|
||
|
720000
|
heap
|
page read and write
|
||
|
5BD4000
|
heap
|
page read and write
|
||
|
2C3A000
|
heap
|
page read and write
|
||
|
2A49000
|
heap
|
page read and write
|
||
|
2A52000
|
heap
|
page read and write
|
||
|
2A66000
|
heap
|
page read and write
|
||
|
6BE000
|
stack
|
page read and write
|
||
|
2C30000
|
heap
|
page read and write
|
||
|
2A4C000
|
heap
|
page read and write
|
||
|
2A66000
|
heap
|
page read and write
|
||
|
5B90000
|
heap
|
page read and write
|
||
|
2A2A000
|
heap
|
page read and write
|
||
|
890000
|
heap
|
page read and write
|
||
|
2A3C000
|
heap
|
page read and write
|
||
|
670000
|
heap
|
page read and write
|
||
|
839000
|
stack
|
page read and write
|
||
|
7FB000
|
heap
|
page read and write
|
||
|
2A3F000
|
heap
|
page read and write
|
||
|
5BD0000
|
heap
|
page read and write
|
There are 41 hidden memdumps, click here to show them.