Processes

| Path | Cmdline | Malicious | |
|---|---|---|---|
| C:\Windows\System32\loaddll32.exe | loaddll32.exe "C:\Users\user\Desktop\iepdf32.dll" | | |
| C:\Windows\SysWOW64\rundll32.exe | rundll32.exe C:\Users\user\Desktop\iepdf32.dll,FORM_CanRedo | | |
| C:\Windows\SysWOW64\rundll32.exe | rundll32.exe "C:\Users\user\Desktop\iepdf32.dll",#1 | | |
| C:\Windows\SysWOW64\rundll32.exe | rundll32.exe C:\Users\user\Desktop\iepdf32.dll,FORM_CanUndo | | |
| C:\Windows\SysWOW64\rundll32.exe | rundll32.exe C:\Users\user\Desktop\iepdf32.dll,FORM_DoDocumentAAction | | |
| C:\Windows\System32\conhost.exe | C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 | | |
| C:\Windows\SysWOW64\cmd.exe | cmd.exe /C rundll32.exe "C:\Users\user\Desktop\iepdf32.dll",#1 | | |

Domains

| Name | IP | Malicious | |
|---|---|---|---|
| fp2e7a.wpc.phicdn.net | 192.229.221.95 | | |

Memdumps
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
---|---|---|---|---|
32C0000
|
heap
|
page read and write
|
||
6C644000
|
unkown
|
page readonly
|
||
6D0AB000
|
unkown
|
page readonly
|
||
984000
|
heap
|
page read and write
|
||
6C9B2000
|
unkown
|
page execute read
|
||
27B0000
|
heap
|
page read and write
|
||
3330000
|
heap
|
page read and write
|
||
6C4CA000
|
unkown
|
page readonly
|
||
6C6AB000
|
unkown
|
page read and write
|
||
2CB0000
|
heap
|
page read and write
|
||
6C6E0000
|
unkown
|
page execute read
|
||
6C66C000
|
unkown
|
page readonly
|
||
6C6DA000
|
unkown
|
page read and write
|
||
4890000
|
heap
|
page read and write
|
||
29FC000
|
stack
|
page read and write
|
||
6C4EA000
|
unkown
|
page readonly
|
||
6C674000
|
unkown
|
page readonly
|
||
6C314000
|
unkown
|
page readonly
|
||
6C9B2000
|
unkown
|
page execute read
|
||
6D0AB000
|
unkown
|
page readonly
|
||
6C4E6000
|
unkown
|
page readonly
|
||
ED0000
|
heap
|
page read and write
|
||
6C6DA000
|
unkown
|
page read and write
|
||
6C644000
|
unkown
|
page readonly
|
||
6C6E0000
|
unkown
|
page execute read
|
||
6C4D4000
|
unkown
|
page readonly
|
||
28CE000
|
stack
|
page read and write
|
||
6C682000
|
unkown
|
page execute read
|
||
6C4DF000
|
unkown
|
page readonly
|
||
6C9B2000
|
unkown
|
page execute read
|
||
6C2F9000
|
unkown
|
page readonly
|
||
6C4D4000
|
unkown
|
page readonly
|
||
28D0000
|
heap
|
page read and write
|
||
27B4000
|
heap
|
page read and write
|
||
6C260000
|
unkown
|
page readonly
|
||
4891000
|
heap
|
page read and write
|
||
6C3B0000
|
unkown
|
page execute read
|
||
984000
|
heap
|
page read and write
|
||
6C6AF000
|
unkown
|
page execute read
|
||
6C4E6000
|
unkown
|
page readonly
|
||
42E0000
|
heap
|
page read and write
|
||
984000
|
heap
|
page read and write
|
||
9F2000
|
heap
|
page read and write
|
||
6C260000
|
unkown
|
page readonly
|
||
6C4EA000
|
unkown
|
page readonly
|
||
6C354000
|
unkown
|
page readonly
|
||
6C629000
|
unkown
|
page readonly
|
||
2BEC000
|
stack
|
page read and write
|
||
2E50000
|
heap
|
page read and write
|
||
2FB4000
|
heap
|
page read and write
|
||
2FEF000
|
stack
|
page read and write
|
||
2BAC000
|
stack
|
page read and write
|
||
27C0000
|
heap
|
page read and write
|
||
6C260000
|
unkown
|
page readonly
|
||
9DF000
|
heap
|
page read and write
|
||
27B4000
|
heap
|
page read and write
|
||
6C4CA000
|
unkown
|
page readonly
|
||
9DB000
|
heap
|
page read and write
|
||
6C1A4000
|
unkown
|
page readonly
|
||
2A10000
|
trusted library allocation
|
page read and write
|
||
2CA4000
|
heap
|
page read and write
|
||
6C4CA000
|
unkown
|
page readonly
|
||
322E000
|
stack
|
page read and write
|
||
6C4DF000
|
unkown
|
page readonly
|
||
6C674000
|
unkown
|
page readonly
|
||
4A71000
|
heap
|
page read and write
|
||
6C6E0000
|
unkown
|
page execute read
|
||
D6F000
|
stack
|
page read and write
|
||
2F30000
|
heap
|
page read and write
|
||
2F30000
|
heap
|
page read and write
|
||
6C261000
|
unkown
|
page execute read
|
||
980000
|
heap
|
page read and write
|
||
42E1000
|
heap
|
page read and write
|
||
E70000
|
trusted library allocation
|
page read and write
|
||
3050000
|
heap
|
page read and write
|
||
2AF0000
|
heap
|
page read and write
|
||
2FB0000
|
heap
|
page read and write
|
||
6BF30000
|
unkown
|
page readonly
|
||
6C4DF000
|
unkown
|
page readonly
|
||
984000
|
heap
|
page read and write
|
||
6C62F000
|
unkown
|
page readonly
|
||
6C629000
|
unkown
|
page readonly
|
||
2CA4000
|
heap
|
page read and write
|
||
6C6DA000
|
unkown
|
page read and write
|
||
6C69F000
|
unkown
|
page read and write
|
||
304E000
|
stack
|
page read and write
|
||
2CA0000
|
heap
|
page read and write
|
||
2FB4000
|
heap
|
page read and write
|
||
2E0E000
|
stack
|
page read and write
|
||
42E1000
|
heap
|
page read and write
|
||
6C4D4000
|
unkown
|
page readonly
|
||
4AE1000
|
heap
|
page read and write
|
||
2F54000
|
heap
|
page read and write
|
||
9A0000
|
heap
|
page read and write
|
||
6C69F000
|
unkown
|
page read and write
|
||
2F50000
|
heap
|
page read and write
|
||
263C000
|
stack
|
page read and write
|
||
6C674000
|
unkown
|
page readonly
|
||
6C261000
|
unkown
|
page execute read
|
||
6C3AA000
|
unkown
|
page read and write
|
||
2A0F000
|
stack
|
page read and write
|
||
6C6AB000
|
unkown
|
page read and write
|
||
4AE0000
|
heap
|
page read and write
|
||
2FFF000
|
stack
|
page read and write
|
||
984000
|
heap
|
page read and write
|
||
6C2FF000
|
unkown
|
page readonly
|
||
9D0000
|
heap
|
page read and write
|
||
2E4E000
|
stack
|
page read and write
|
||
26D0000
|
heap
|
page read and write
|
||
6C4CA000
|
unkown
|
page readonly
|
||
6C6AF000
|
unkown
|
page execute read
|
||
2D90000
|
heap
|
page read and write
|
||
2FF0000
|
trusted library allocation
|
page read and write
|
||
6C19A000
|
unkown
|
page readonly
|
||
6C4EA000
|
unkown
|
page readonly
|
||
6C344000
|
unkown
|
page readonly
|
||
6D0AB000
|
unkown
|
page readonly
|
||
2FE0000
|
heap
|
page read and write
|
||
6C33C000
|
unkown
|
page readonly
|
||
6C260000
|
unkown
|
page readonly
|
||
30E0000
|
heap
|
page read and write
|
||
B4E000
|
stack
|
page read and write
|
||
2FBE000
|
stack
|
page read and write
|
||
6C37F000
|
unkown
|
page execute read
|
||
6C4D4000
|
unkown
|
page readonly
|
||
93D000
|
stack
|
page read and write
|
||
6C6DA000
|
unkown
|
page read and write
|
||
6C644000
|
unkown
|
page readonly
|
||
6C1B6000
|
unkown
|
page readonly
|
||
6C684000
|
unkown
|
page readonly
|
||
3300000
|
heap
|
page read and write
|
||
4A71000
|
heap
|
page read and write
|
||
2680000
|
heap
|
page read and write
|
||
267C000
|
stack
|
page read and write
|
||
E6F000
|
stack
|
page read and write
|
||
6C9B2000
|
unkown
|
page execute read
|
||
6C62F000
|
unkown
|
page readonly
|
||
6C644000
|
unkown
|
page readonly
|
||
6C6AB000
|
unkown
|
page read and write
|
||
4A70000
|
heap
|
page read and write
|
||
2CA4000
|
heap
|
page read and write
|
||
6C4EA000
|
unkown
|
page readonly
|
||
6C6AB000
|
unkown
|
page read and write
|
||
31EF000
|
stack
|
page read and write
|
||
9B0000
|
heap
|
page read and write
|
||
6C684000
|
unkown
|
page readonly
|
||
6CD7B000
|
unkown
|
page readonly
|
||
2F54000
|
heap
|
page read and write
|
||
6C6E0000
|
unkown
|
page execute read
|
||
3190000
|
trusted library allocation
|
page read and write
|
||
3270000
|
trusted library allocation
|
page read and write
|
||
318F000
|
stack
|
page read and write
|
||
2C3C000
|
stack
|
page read and write
|
||
6C36F000
|
unkown
|
page read and write
|
||
28DA000
|
heap
|
page read and write
|
||
6C69F000
|
unkown
|
page read and write
|
||
4A40000
|
heap
|
page read and write
|
||
B0E000
|
stack
|
page read and write
|
||
6BF31000
|
unkown
|
page execute read
|
||
2F20000
|
heap
|
page read and write
|
||
6C62F000
|
unkown
|
page readonly
|
||
2FB4000
|
heap
|
page read and write
|
||
2B30000
|
heap
|
page read and write
|
||
305A000
|
heap
|
page read and write
|
||
6C261000
|
unkown
|
page execute read
|
||
2681000
|
heap
|
page read and write
|
||
283E000
|
stack
|
page read and write
|
||
2E7A000
|
heap
|
page read and write
|
||
6C4E6000
|
unkown
|
page readonly
|
||
6C6AF000
|
unkown
|
page execute read
|
||
6C4E6000
|
unkown
|
page readonly
|
||
2E70000
|
heap
|
page read and write
|
||
6C66C000
|
unkown
|
page readonly
|
||
326F000
|
stack
|
page read and write
|
||
6C629000
|
unkown
|
page readonly
|
||
6C66C000
|
unkown
|
page readonly
|
||
6C6AF000
|
unkown
|
page execute read
|
||
6C62F000
|
unkown
|
page readonly
|
||
6C261000
|
unkown
|
page execute read
|
||
6D0AB000
|
unkown
|
page readonly
|
||
6C674000
|
unkown
|
page readonly
|
||
27B4000
|
heap
|
page read and write
|
||
2FAE000
|
stack
|
page read and write
|
||
4891000
|
heap
|
page read and write
|
||
2FEA000
|
heap
|
page read and write
|
||
2870000
|
heap
|
page read and write
|
||
6C37B000
|
unkown
|
page read and write
|
||
6C4DF000
|
unkown
|
page readonly
|
||
6C684000
|
unkown
|
page readonly
|
||
287F000
|
stack
|
page read and write
|
||
6C1AF000
|
unkown
|
page readonly
|
||
2EBC000
|
stack
|
page read and write
|
||
3230000
|
heap
|
page read and write
|
||
984000
|
heap
|
page read and write
|
||
83C000
|
stack
|
page read and write
|
||
6C684000
|
unkown
|
page readonly
|
||
2681000
|
heap
|
page read and write
|
||
6C66C000
|
unkown
|
page readonly
|
||
6C69F000
|
unkown
|
page read and write
|
||
2F54000
|
heap
|
page read and write
|
||
2E7C000
|
stack
|
page read and write
|
||
6C629000
|
unkown
|
page readonly
|
||
2FAE000
|
stack
|
page read and write
|
||
4AE1000
|
heap
|
page read and write
|
||
6C1BA000
|
unkown
|
page readonly
|
A further 195 memdumps are hidden in the source report and are not listed here.