IOC Report
F3dll.exe.dll

loading gif

Processes

Path
Cmdline
Malicious
C:\Windows\System32\loaddll32.exe
loaddll32.exe "C:\Users\user\Desktop\F3dll.exe.dll"
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\SysWOW64\cmd.exe
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\F3dll.exe.dll",#1
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe "C:\Users\user\Desktop\F3dll.exe.dll",#1

Memdumps

Base Address
Regiontype
Protect
Malicious
5854000
heap
page read and write
270E000
stack
page read and write
274000
heap
page read and write
720000
heap
page read and write
283000
heap
page read and write
1C0000
heap
page read and write
1D0000
heap
page read and write
273000
heap
page read and write
25A000
heap
page read and write
294000
heap
page read and write
1C0000
heap
page read and write
284000
heap
page read and write
23E0000
heap
page read and write
8FF000
stack
page read and write
2826000
heap
page read and write
26F000
heap
page read and write
283000
heap
page read and write
278000
heap
page read and write
5F0000
heap
page read and write
27F000
heap
page read and write
26C000
heap
page read and write
15D000
stack
page read and write
5FF000
heap
page read and write
5FB000
heap
page read and write
2820000
heap
page read and write
285000
heap
page read and write
4FD000
stack
page read and write
283000
heap
page read and write
1D0000
heap
page read and write
282A000
heap
page read and write
278E000
stack
page read and write
5850000
heap
page read and write
5BE0000
trusted library allocation
page read and write
23F0000
heap
page read and write
26F000
heap
page read and write
119000
stack
page read and write
23CE000
stack
page read and write
274D000
stack
page read and write
29C000
heap
page read and write
250000
heap
page read and write
53E000
stack
page read and write
980000
heap
page read and write
15C000
stack
page read and write
200000
heap
page read and write
293000
heap
page read and write
There are 35 hidden memdumps, click here to show them.