Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\notepad.exe
|
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\user\Desktop\headers-a51f28ac-e6e5-4ee6-8e80-768300c954d7.txt
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
13099820000
|
heap
|
page read and write
|
||
|
13097E98000
|
heap
|
page read and write
|
||
|
13097EF8000
|
heap
|
page read and write
|
||
|
13097EB5000
|
heap
|
page read and write
|
||
|
13097EF1000
|
heap
|
page read and write
|
||
|
13097E99000
|
heap
|
page read and write
|
||
|
13097E98000
|
heap
|
page read and write
|
||
|
3E2B7F000
|
stack
|
page read and write
|
||
|
13097EF1000
|
heap
|
page read and write
|
||
|
3E2688000
|
stack
|
page read and write
|
||
|
3E2A7E000
|
stack
|
page read and write
|
||
|
130999D3000
|
heap
|
page read and write
|
||
|
13097EE2000
|
heap
|
page read and write
|
||
|
13097EF2000
|
heap
|
page read and write
|
||
|
13097EF9000
|
heap
|
page read and write
|
||
|
13099A10000
|
heap
|
page read and write
|
||
|
13097EF2000
|
heap
|
page read and write
|
||
|
13099A1C000
|
heap
|
page read and write
|
||
|
13097EF3000
|
heap
|
page read and write
|
||
|
13097EFA000
|
heap
|
page read and write
|
||
|
13097EF6000
|
heap
|
page read and write
|
||
|
13097EEE000
|
heap
|
page read and write
|
||
|
13097E70000
|
heap
|
page read and write
|
||
|
13097EB8000
|
heap
|
page read and write
|
||
|
13097EF3000
|
heap
|
page read and write
|
||
|
13097EF6000
|
heap
|
page read and write
|
||
|
13097EF1000
|
heap
|
page read and write
|
||
|
13097EF3000
|
heap
|
page read and write
|
||
|
13099900000
|
trusted library allocation
|
page read and write
|
||
|
13098040000
|
heap
|
page read and write
|
||
|
13097E68000
|
heap
|
page read and write
|
||
|
13097EF6000
|
heap
|
page read and write
|
||
|
13097EE2000
|
heap
|
page read and write
|
||
|
13097E8F000
|
heap
|
page read and write
|
||
|
13097EF6000
|
heap
|
page read and write
|
||
|
13097EF0000
|
heap
|
page read and write
|
||
|
13097EBD000
|
heap
|
page read and write
|
||
|
1309C160000
|
heap
|
page read and write
|
||
|
13097EFA000
|
heap
|
page read and write
|
||
|
13099A15000
|
heap
|
page read and write
|
||
|
13097E60000
|
heap
|
page read and write
|
||
|
1309B960000
|
trusted library allocation
|
page read and write
|
||
|
13097EF8000
|
heap
|
page read and write
|
||
|
13097EEF000
|
heap
|
page read and write
|
||
|
13097ED8000
|
heap
|
page read and write
|
||
|
13097EA0000
|
heap
|
page read and write
|
||
|
13097EEF000
|
heap
|
page read and write
|
||
|
130999D0000
|
heap
|
page read and write
|
||
|
13099920000
|
heap
|
page read and write
|
||
|
13097F60000
|
heap
|
page read and write
|
||
|
13097E95000
|
heap
|
page read and write
|
||
|
13097EF1000
|
heap
|
page read and write
|
There are 42 hidden memdumps, click here to show them.