Processes

| Path | Cmdline | Malicious | |
|---|---|---|---|
| C:\Windows\System32\loaddll32.exe | loaddll32.exe "C:\Users\user\Desktop\iepdf32.dll" | | |
| C:\Windows\SysWOW64\rundll32.exe | rundll32.exe C:\Users\user\Desktop\iepdf32.dll,FORM_CanRedo | | |
| C:\Windows\SysWOW64\rundll32.exe | rundll32.exe "C:\Users\user\Desktop\iepdf32.dll",#1 | | |
| C:\Windows\SysWOW64\rundll32.exe | rundll32.exe C:\Users\user\Desktop\iepdf32.dll,FORM_CanUndo | | |
| C:\Windows\SysWOW64\rundll32.exe | rundll32.exe C:\Users\user\Desktop\iepdf32.dll,FORM_DoDocumentAAction | | |
| C:\Windows\System32\conhost.exe | C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 | | |
| C:\Windows\SysWOW64\cmd.exe | cmd.exe /C rundll32.exe "C:\Users\user\Desktop\iepdf32.dll",#1 | | |

Memdumps
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
---|---|---|---|---|
3304000
|
heap
|
page read and write
|
||
6C100000
|
unkown
|
page readonly
|
||
2770000
|
heap
|
page read and write
|
||
ECE000
|
stack
|
page read and write
|
||
6CF59000
|
unkown
|
page readonly
|
||
6C4CF000
|
unkown
|
page readonly
|
||
2FC0000
|
heap
|
page read and write
|
||
3500000
|
trusted library allocation
|
page read and write
|
||
6C0EF000
|
unkown
|
page readonly
|
||
D3D000
|
stack
|
page read and write
|
||
6C0E4000
|
unkown
|
page readonly
|
||
120F000
|
stack
|
page read and write
|
||
2C6A000
|
heap
|
page read and write
|
||
27C4000
|
heap
|
page read and write
|
||
2D81000
|
heap
|
page read and write
|
||
6C0FA000
|
unkown
|
page readonly
|
||
6C2BF000
|
unkown
|
page execute read
|
||
EC000
|
stack
|
page read and write
|
||
6C2EA000
|
unkown
|
page read and write
|
||
6C5C8000
|
unkown
|
page execute read
|
||
6C294000
|
unkown
|
page readonly
|
||
23C4000
|
heap
|
page read and write
|
||
6BE71000
|
unkown
|
page execute read
|
||
6C386000
|
unkown
|
page readonly
|
||
6C374000
|
unkown
|
page readonly
|
||
6C2BB000
|
unkown
|
page read and write
|
||
2FD0000
|
heap
|
page read and write
|
||
6BE70000
|
unkown
|
page readonly
|
||
276C000
|
stack
|
page read and write
|
||
2610000
|
heap
|
page read and write
|
||
6C0FA000
|
unkown
|
page readonly
|
||
6C0F6000
|
unkown
|
page readonly
|
||
2B9E000
|
stack
|
page read and write
|
||
6C0F6000
|
unkown
|
page readonly
|
||
6C23F000
|
unkown
|
page readonly
|
||
6C524000
|
unkown
|
page readonly
|
||
6C239000
|
unkown
|
page readonly
|
||
6C54F000
|
unkown
|
page execute read
|
||
101F000
|
heap
|
page read and write
|
||
6C254000
|
unkown
|
page readonly
|
||
6C2AF000
|
unkown
|
page read and write
|
||
6BE70000
|
unkown
|
page readonly
|
||
4660000
|
trusted library allocation
|
page read and write
|
||
6C2F0000
|
unkown
|
page execute read
|
||
6C0EF000
|
unkown
|
page readonly
|
||
2730000
|
heap
|
page read and write
|
||
1210000
|
trusted library allocation
|
page read and write
|
||
4011000
|
heap
|
page read and write
|
||
6C284000
|
unkown
|
page readonly
|
||
230F000
|
stack
|
page read and write
|
||
6C239000
|
unkown
|
page readonly
|
||
22CE000
|
stack
|
page read and write
|
||
277A000
|
heap
|
page read and write
|
||
6C254000
|
unkown
|
page readonly
|
||
2C1E000
|
stack
|
page read and write
|
||
6C239000
|
unkown
|
page readonly
|
||
6C4C9000
|
unkown
|
page readonly
|
||
2A84000
|
heap
|
page read and write
|
||
23C0000
|
heap
|
page read and write
|
||
2A20000
|
heap
|
page read and write
|
||
E84000
|
heap
|
page read and write
|
||
6C0DA000
|
unkown
|
page readonly
|
||
6CCC9000
|
unkown
|
page readonly
|
||
263F000
|
stack
|
page read and write
|
||
6C23F000
|
unkown
|
page readonly
|
||
2BF0000
|
heap
|
page read and write
|
||
6C2BB000
|
unkown
|
page read and write
|
||
6CCC9000
|
unkown
|
page readonly
|
||
23BC000
|
stack
|
page read and write
|
||
2C60000
|
heap
|
page read and write
|
||
4EA0000
|
heap
|
page read and write
|
||
27C4000
|
heap
|
page read and write
|
||
2A70000
|
heap
|
page read and write
|
||
3304000
|
heap
|
page read and write
|
||
E84000
|
heap
|
page read and write
|
||
27C4000
|
heap
|
page read and write
|
||
6C5C8000
|
unkown
|
page execute read
|
||
2A84000
|
heap
|
page read and write
|
||
C3C000
|
stack
|
page read and write
|
||
E80000
|
heap
|
page read and write
|
||
4200000
|
heap
|
page read and write
|
||
6C0EF000
|
unkown
|
page readonly
|
||
6C0E4000
|
unkown
|
page readonly
|
||
6C0EF000
|
unkown
|
page readonly
|
||
27C0000
|
heap
|
page read and write
|
||
6C2AF000
|
unkown
|
page read and write
|
||
2A80000
|
heap
|
page read and write
|
||
6C2BF000
|
unkown
|
page execute read
|
||
6C284000
|
unkown
|
page readonly
|
||
6C53F000
|
unkown
|
page read and write
|
||
2390000
|
heap
|
page read and write
|
||
4010000
|
heap
|
page read and write
|
||
6C254000
|
unkown
|
page readonly
|
||
6C294000
|
unkown
|
page readonly
|
||
6C27C000
|
unkown
|
page readonly
|
||
2A6E000
|
stack
|
page read and write
|
||
1010000
|
heap
|
page read and write
|
||
6C2AF000
|
unkown
|
page read and write
|
||
D60000
|
heap
|
page read and write
|
||
40CE000
|
stack
|
page read and write
|
||
346F000
|
stack
|
page read and write
|
||
6BE71000
|
unkown
|
page execute read
|
||
3560000
|
heap
|
page read and write
|
||
6C2BB000
|
unkown
|
page read and write
|
||
AC000
|
stack
|
page read and write
|
||
2A91000
|
heap
|
page read and write
|
||
6C239000
|
unkown
|
page readonly
|
||
320A000
|
heap
|
page read and write
|
||
6C580000
|
unkown
|
page execute read
|
||
3200000
|
heap
|
page read and write
|
||
6C0FA000
|
unkown
|
page readonly
|
||
6C294000
|
unkown
|
page readonly
|
||
6C37F000
|
unkown
|
page readonly
|
||
6C2F0000
|
unkown
|
page execute read
|
||
6C2BF000
|
unkown
|
page execute read
|
||
6CCC9000
|
unkown
|
page readonly
|
||
261A000
|
heap
|
page read and write
|
||
4201000
|
heap
|
page read and write
|
||
6C2AF000
|
unkown
|
page read and write
|
||
3300000
|
heap
|
page read and write
|
||
34FF000
|
stack
|
page read and write
|
||
1030000
|
heap
|
page read and write
|
||
6C27C000
|
unkown
|
page readonly
|
||
6C0E4000
|
unkown
|
page readonly
|
||
4110000
|
trusted library allocation
|
page read and write
|
||
41F0000
|
heap
|
page read and write
|
||
E40000
|
heap
|
page read and write
|
||
6C2F0000
|
unkown
|
page execute read
|
||
6C284000
|
unkown
|
page readonly
|
||
230000
|
heap
|
page read and write
|
||
34BE000
|
stack
|
page read and write
|
||
6BE71000
|
unkown
|
page execute read
|
||
235E000
|
stack
|
page read and write
|
||
E84000
|
heap
|
page read and write
|
||
6C2EA000
|
unkown
|
page read and write
|
||
2A90000
|
heap
|
page read and write
|
||
2F5C000
|
stack
|
page read and write
|
||
E84000
|
heap
|
page read and write
|
||
E84000
|
heap
|
page read and write
|
||
27AE000
|
stack
|
page read and write
|
||
6C0FA000
|
unkown
|
page readonly
|
||
6C2EA000
|
unkown
|
page read and write
|
||
2BDF000
|
stack
|
page read and write
|
||
6C858000
|
unkown
|
page execute read
|
||
6C5C8000
|
unkown
|
page execute read
|
||
6C23F000
|
unkown
|
page readonly
|
||
4D11000
|
heap
|
page read and write
|
||
6C0E4000
|
unkown
|
page readonly
|
||
6C27C000
|
unkown
|
page readonly
|
||
3304000
|
heap
|
page read and write
|
||
150000
|
heap
|
page read and write
|
||
4D10000
|
heap
|
page read and write
|
||
6C254000
|
unkown
|
page readonly
|
||
4201000
|
heap
|
page read and write
|
||
6BE70000
|
unkown
|
page readonly
|
||
6BE70000
|
unkown
|
page readonly
|
||
6C54B000
|
unkown
|
page read and write
|
||
2A10000
|
heap
|
page read and write
|
||
6C50C000
|
unkown
|
page readonly
|
||
6C514000
|
unkown
|
page readonly
|
||
6C2F0000
|
unkown
|
page execute read
|
||
6C57A000
|
unkown
|
page read and write
|
||
6CCC9000
|
unkown
|
page readonly
|
||
4D11000
|
heap
|
page read and write
|
||
6C27C000
|
unkown
|
page readonly
|
||
6C0F6000
|
unkown
|
page readonly
|
||
2EB0000
|
heap
|
page read and write
|
||
2A91000
|
heap
|
page read and write
|
||
410F000
|
stack
|
page read and write
|
||
E84000
|
heap
|
page read and write
|
||
2D70000
|
heap
|
page read and write
|
||
6C4E4000
|
unkown
|
page readonly
|
||
23C4000
|
heap
|
page read and write
|
||
6C101000
|
unkown
|
page execute read
|
||
237C000
|
stack
|
page read and write
|
||
6C0DA000
|
unkown
|
page readonly
|
||
100E000
|
stack
|
page read and write
|
||
6C0DA000
|
unkown
|
page readonly
|
||
101B000
|
heap
|
page read and write
|
||
6BE71000
|
unkown
|
page execute read
|
||
6C38A000
|
unkown
|
page readonly
|
||
2640000
|
trusted library allocation
|
page read and write
|
||
6C36A000
|
unkown
|
page readonly
|
||
6C0F6000
|
unkown
|
page readonly
|
||
FCF000
|
stack
|
page read and write
|
||
6C2EA000
|
unkown
|
page read and write
|
||
6C294000
|
unkown
|
page readonly
|
||
2D81000
|
heap
|
page read and write
|
||
6C5C8000
|
unkown
|
page execute read
|
||
6C0DA000
|
unkown
|
page readonly
|
||
6C23F000
|
unkown
|
page readonly
|
||
6C2BB000
|
unkown
|
page read and write
|
||
23C4000
|
heap
|
page read and write
|
||
342E000
|
stack
|
page read and write
|
||
2A84000
|
heap
|
page read and write
|
||
4011000
|
heap
|
page read and write
|
||
26C0000
|
heap
|
page read and write
|
||
2F1C000
|
stack
|
page read and write
|
||
6C284000
|
unkown
|
page readonly
|
||
27AC000
|
stack
|
page read and write
|
||
2720000
|
heap
|
page read and write
|
||
2C5F000
|
stack
|
page read and write
|
||
6C2BF000
|
unkown
|
page execute read
|
||
12E0000
|
heap
|
page read and write
|
||
2D80000
|
heap
|
page read and write
|