Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\viYcjIFhBz.dll"
|
 |
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\viYcjIFhBz.dll",#1
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\viYcjIFhBz.dll",#1
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1A119160000
|
heap
|
page read and write
|
||
|
1BA74800000
|
heap
|
page read and write
|
||
|
1BA72FA0000
|
heap
|
page read and write
|
||
|
1BA72F68000
|
heap
|
page read and write
|
||
|
9FFDE7E000
|
stack
|
page read and write
|
||
|
1BA72F8C000
|
heap
|
page read and write
|
||
|
233D5FF000
|
stack
|
page read and write
|
||
|
1BA72EE5000
|
heap
|
page read and write
|
||
|
1BA72F7B000
|
heap
|
page read and write
|
||
|
1BA72FA8000
|
heap
|
page read and write
|
||
|
1BA76090000
|
trusted library allocation
|
page read and write
|
||
|
1BA76060000
|
heap
|
page read and write
|
||
|
1A118E88000
|
heap
|
page read and write
|
||
|
1A119070000
|
heap
|
page read and write
|
||
|
1BA72F91000
|
heap
|
page read and write
|
||
|
9FFDEFE000
|
stack
|
page read and write
|
||
|
1A118E40000
|
heap
|
page read and write
|
||
|
1A118E70000
|
heap
|
page read and write
|
||
|
1BA72EEB000
|
heap
|
page read and write
|
||
|
1BA72F20000
|
trusted library allocation
|
page read and write
|
||
|
1BA72F84000
|
heap
|
page read and write
|
||
|
1BA72EB0000
|
heap
|
page read and write
|
||
|
1BA72F20000
|
unclassified section
|
page read and write
|
||
|
1A118E79000
|
heap
|
page read and write
|
||
|
1BA72DD0000
|
heap
|
page read and write
|
||
|
233D4FF000
|
stack
|
page read and write
|
||
|
233D1BC000
|
stack
|
page read and write
|
||
|
1A119050000
|
unclassified section
|
page read and write
|
||
|
1BA72F8A000
|
heap
|
page read and write
|
||
|
1BA76890000
|
heap
|
page read and write
|
||
|
1BA76063000
|
heap
|
page read and write
|
||
|
1BA72F7F000
|
heap
|
page read and write
|
||
|
1BA72F84000
|
heap
|
page read and write
|
||
|
1BA72F20000
|
trusted library allocation
|
page read and write
|
||
|
1A118E8C000
|
heap
|
page read and write
|
||
|
1BA72EF0000
|
heap
|
page read and write
|
||
|
1BA72F60000
|
heap
|
page read and write
|
||
|
1A119050000
|
trusted library allocation
|
page read and write
|
||
|
1BA72EE0000
|
heap
|
page read and write
|
||
|
1BA72F96000
|
heap
|
page read and write
|
||
|
1A118E7D000
|
heap
|
page read and write
|
||
|
1BA72F7B000
|
heap
|
page read and write
|
||
|
9FFDF7F000
|
stack
|
page read and write
|
||
|
1A119050000
|
trusted library allocation
|
page read and write
|
||
|
9FFDB8A000
|
stack
|
page read and write
|
||
|
1BA72F8A000
|
heap
|
page read and write
|
||
|
1A118E50000
|
heap
|
page read and write
|
There are 37 hidden memdumps, click here to show them.