Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\loaddll32.exe
|
loaddll32.exe "C:\Users\user\Desktop\file.dll"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\file.dll",#1
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",#1
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3243000
|
heap
|
page read and write
|
||
|
34D7000
|
heap
|
page read and write
|
||
|
31DE000
|
stack
|
page read and write
|
||
|
323E000
|
heap
|
page read and write
|
||
|
2DD0000
|
heap
|
page read and write
|
||
|
4B6E000
|
stack
|
page read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
97B000
|
heap
|
page read and write
|
||
|
93F000
|
stack
|
page read and write
|
||
|
67C0000
|
trusted library allocation
|
page read and write
|
||
|
3236000
|
heap
|
page read and write
|
||
|
3256000
|
heap
|
page read and write
|
||
|
3242000
|
heap
|
page read and write
|
||
|
34A0000
|
heap
|
page read and write
|
||
|
319F000
|
stack
|
page read and write
|
||
|
1D0000
|
heap
|
page read and write
|
||
|
3239000
|
heap
|
page read and write
|
||
|
4BAF000
|
stack
|
page read and write
|
||
|
2D1A000
|
stack
|
page read and write
|
||
|
34B0000
|
heap
|
page read and write
|
||
|
4FD000
|
stack
|
page read and write
|
||
|
3235000
|
heap
|
page read and write
|
||
|
2D5C000
|
stack
|
page read and write
|
||
|
3256000
|
heap
|
page read and write
|
||
|
B60000
|
heap
|
page read and write
|
||
|
3256000
|
heap
|
page read and write
|
||
|
16D000
|
stack
|
page read and write
|
||
|
3239000
|
heap
|
page read and write
|
||
|
3210000
|
heap
|
page read and write
|
||
|
3253000
|
heap
|
page read and write
|
||
|
63F0000
|
heap
|
page read and write
|
||
|
970000
|
heap
|
page read and write
|
||
|
311E000
|
stack
|
page read and write
|
||
|
34D0000
|
heap
|
page read and write
|
||
|
98E000
|
heap
|
page read and write
|
||
|
34DA000
|
heap
|
page read and write
|
||
|
323D000
|
heap
|
page read and write
|
||
|
4B2F000
|
stack
|
page read and write
|
||
|
63F4000
|
heap
|
page read and write
|
||
|
321A000
|
heap
|
page read and write
|
||
|
97F000
|
heap
|
page read and write
|
||
|
75E000
|
stack
|
page read and write
|
||
|
71F000
|
stack
|
page read and write
|
||
|
3239000
|
heap
|
page read and write
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
2DC0000
|
heap
|
page read and write
|
||
|
3150000
|
heap
|
page read and write
|
||
|
60E000
|
stack
|
page read and write
|
||
|
3231000
|
heap
|
page read and write
|
There are 39 hidden memdumps, click here to show them.