Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\loaddll32.exe
|
loaddll32.exe "C:\Users\user\Desktop\AB5tAhygtM.dll"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\AB5tAhygtM.dll",#1
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\AB5tAhygtM.dll,ModuleMain
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\AB5tAhygtM.dll",#1
|
||
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\AB5tAhygtM.dll",ModuleMain
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
6D051000
|
unkown
|
page execute read
|
||
|
AAF000
|
stack
|
page read and write
|
||
|
CAF000
|
heap
|
page read and write
|
||
|
287B000
|
stack
|
page read and write
|
||
|
2A60000
|
heap
|
page read and write
|
||
|
6CDF6000
|
unkown
|
page readonly
|
||
|
288F000
|
stack
|
page read and write
|
||
|
28D0000
|
heap
|
page read and write
|
||
|
28BC000
|
stack
|
page read and write
|
||
|
24CB000
|
stack
|
page read and write
|
||
|
2890000
|
heap
|
page read and write
|
||
|
6CE06000
|
unkown
|
page readonly
|
||
|
2D60000
|
heap
|
page read and write
|
||
|
2580000
|
heap
|
page read and write
|
||
|
6D093000
|
unkown
|
page read and write
|
||
|
25B0000
|
heap
|
page read and write
|
||
|
423E000
|
stack
|
page read and write
|
||
|
6CDC1000
|
unkown
|
page execute read
|
||
|
CB8000
|
heap
|
page read and write
|
||
|
6CDC0000
|
unkown
|
page readonly
|
||
|
253C000
|
stack
|
page read and write
|
||
|
2920000
|
heap
|
page read and write
|
||
|
424E000
|
stack
|
page read and write
|
||
|
29AE000
|
stack
|
page read and write
|
||
|
6D086000
|
unkown
|
page readonly
|
||
|
2A6A000
|
heap
|
page read and write
|
||
|
6D050000
|
unkown
|
page readonly
|
||
|
2C6F000
|
stack
|
page read and write
|
||
|
6D096000
|
unkown
|
page readonly
|
||
|
427F000
|
stack
|
page read and write
|
||
|
6CDC0000
|
unkown
|
page readonly
|
||
|
CA0000
|
heap
|
page read and write
|
||
|
25C0000
|
heap
|
page read and write
|
||
|
B3E000
|
stack
|
page read and write
|
||
|
4640000
|
heap
|
page read and write
|
||
|
2B60000
|
heap
|
page read and write
|
||
|
880000
|
heap
|
page read and write
|
||
|
840000
|
heap
|
page read and write
|
||
|
5DC000
|
stack
|
page read and write
|
||
|
2A3E000
|
stack
|
page read and write
|
||
|
6CDC1000
|
unkown
|
page execute read
|
||
|
25F0000
|
heap
|
page read and write
|
||
|
CCB000
|
heap
|
page read and write
|
||
|
25A0000
|
heap
|
page read and write
|
||
|
6CE03000
|
unkown
|
page read and write
|
||
|
CAB000
|
heap
|
page read and write
|
||
|
29FF000
|
stack
|
page read and write
|
||
|
C3E000
|
stack
|
page read and write
|
||
|
24FB000
|
stack
|
page read and write
|
||
|
4320000
|
heap
|
page read and write
|
||
|
890000
|
heap
|
page read and write
|
||
|
2570000
|
heap
|
page read and write
|
||
|
284E000
|
stack
|
page read and write
|
||
|
250C000
|
stack
|
page read and write
|
||
|
6CE03000
|
unkown
|
page read and write
|
||
|
CBD000
|
heap
|
page read and write
|
||
|
9AE000
|
stack
|
page read and write
|
||
|
6CE06000
|
unkown
|
page readonly
|
||
|
25B0000
|
heap
|
page read and write
|
||
|
850000
|
heap
|
page read and write
|
||
|
4470000
|
heap
|
page read and write
|
||
|
42AF000
|
stack
|
page read and write
|
||
|
6CDF6000
|
unkown
|
page readonly
|
||
|
28DA000
|
heap
|
page read and write
|
||
|
2930000
|
heap
|
page read and write
|
||
|
29B0000
|
heap
|
page read and write
|
||
|
41BE000
|
stack
|
page read and write
|
||
|
289A000
|
heap
|
page read and write
|
||
|
41FF000
|
stack
|
page read and write
|
||
|
4DC000
|
stack
|
page read and write
|
||
|
26A0000
|
heap
|
page read and write
|
There are 61 hidden memdumps, click here to show them.