Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\loaddll32.exe
|
loaddll32.exe "C:\Users\user\Desktop\file.dll"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\file.dll",#1
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\file.dll",#1
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2ED0000
|
heap
|
page read and write
|
||
|
2F0D000
|
heap
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
60B4000
|
heap
|
page read and write
|
||
|
E20000
|
heap
|
page read and write
|
||
|
2F11000
|
heap
|
page read and write
|
||
|
92E000
|
stack
|
page read and write
|
||
|
2ADC000
|
stack
|
page read and write
|
||
|
2F12000
|
heap
|
page read and write
|
||
|
2F08000
|
heap
|
page read and write
|
||
|
60B0000
|
heap
|
page read and write
|
||
|
2B40000
|
heap
|
page read and write
|
||
|
D3F000
|
stack
|
page read and write
|
||
|
2BDA000
|
heap
|
page read and write
|
||
|
2F22000
|
heap
|
page read and write
|
||
|
2F0C000
|
heap
|
page read and write
|
||
|
2EEA000
|
heap
|
page read and write
|
||
|
487E000
|
stack
|
page read and write
|
||
|
2BD7000
|
heap
|
page read and write
|
||
|
49D000
|
stack
|
page read and write
|
||
|
47BE000
|
stack
|
page read and write
|
||
|
2EFF000
|
heap
|
page read and write
|
||
|
2F09000
|
heap
|
page read and write
|
||
|
A4F000
|
heap
|
page read and write
|
||
|
2F03000
|
heap
|
page read and write
|
||
|
2EE0000
|
heap
|
page read and write
|
||
|
2EFF000
|
heap
|
page read and write
|
||
|
2B60000
|
heap
|
page read and write
|
||
|
A40000
|
heap
|
page read and write
|
||
|
8E0000
|
heap
|
page read and write
|
||
|
2F26000
|
heap
|
page read and write
|
||
|
C3E000
|
stack
|
page read and write
|
||
|
2F26000
|
heap
|
page read and write
|
||
|
2F08000
|
heap
|
page read and write
|
||
|
48BF000
|
stack
|
page read and write
|
||
|
A0E000
|
stack
|
page read and write
|
||
|
59D000
|
stack
|
page read and write
|
||
|
2F08000
|
heap
|
page read and write
|
||
|
2F11000
|
heap
|
page read and write
|
||
|
A4B000
|
heap
|
page read and write
|
||
|
48C0000
|
heap
|
page read and write
|
||
|
2F26000
|
heap
|
page read and write
|
||
|
2F05000
|
heap
|
page read and write
|
||
|
2B50000
|
heap
|
page read and write
|
||
|
2EFC000
|
heap
|
page read and write
|
||
|
2A99000
|
stack
|
page read and write
|
||
|
2F08000
|
heap
|
page read and write
|
||
|
47FE000
|
stack
|
page read and write
|
||
|
61B0000
|
trusted library allocation
|
page read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
2BD0000
|
heap
|
page read and write
|
There are 41 hidden memdumps, click here to show them.