Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\ZxndP8S9k7.exe
|
"C:\Users\user\Desktop\ZxndP8S9k7.exe"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
316FF000
|
stack
|
page read and write
|
||
|
1140C000
|
direct allocation
|
page read and write
|
||
|
315FF000
|
stack
|
page read and write
|
||
|
11492000
|
direct allocation
|
page read and write
|
||
|
11494000
|
direct allocation
|
page read and write
|
||
|
AE0000
|
heap
|
page read and write
|
||
|
111DE000
|
stack
|
page read and write
|
||
|
114A0000
|
direct allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1147C000
|
direct allocation
|
page read and write
|
||
|
1147E000
|
direct allocation
|
page read and write
|
||
|
114A6000
|
direct allocation
|
page read and write
|
||
|
1148E000
|
direct allocation
|
page read and write
|
||
|
11460000
|
direct allocation
|
page read and write
|
||
|
FA9000
|
direct allocation
|
page read and write
|
||
|
11404000
|
direct allocation
|
page read and write
|
||
|
A96000
|
unkown
|
page execute and write copy
|
||
|
11431000
|
direct allocation
|
page read and write
|
||
|
F69000
|
direct allocation
|
page read and write
|
||
|
1145E000
|
direct allocation
|
page read and write
|
||
|
1149E000
|
direct allocation
|
page read and write
|
||
|
11400000
|
direct allocation
|
page read and write
|
||
|
11440000
|
direct allocation
|
page read and write
|
||
|
AEE000
|
heap
|
page read and write
|
||
|
114B6000
|
direct allocation
|
page read and write
|
||
|
1149C000
|
direct allocation
|
page read and write
|
||
|
DFF000
|
stack
|
page read and write
|
||
|
11462000
|
direct allocation
|
page read and write
|
||
|
F50000
|
heap
|
page read and write
|
||
|
1144E000
|
direct allocation
|
page read and write
|
||
|
1143C000
|
direct allocation
|
page read and write
|
||
|
AEA000
|
heap
|
page read and write
|
||
|
7DD000
|
unkown
|
page execute and write copy
|
||
|
1146E000
|
direct allocation
|
page read and write
|
||
|
113A0000
|
heap
|
page read and write
|
||
|
11456000
|
direct allocation
|
page read and write
|
||
|
114AC000
|
direct allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
114B8000
|
direct allocation
|
page read and write
|
||
|
112DF000
|
stack
|
page read and write
|
||
|
1145C000
|
direct allocation
|
page read and write
|
||
|
114AE000
|
direct allocation
|
page read and write
|
||
|
11410000
|
direct allocation
|
page read and write
|
||
|
114BC000
|
direct allocation
|
page read and write
|
||
|
1140E000
|
direct allocation
|
page read and write
|
||
|
A80000
|
unkown
|
page execute and read and write
|
||
|
11442000
|
direct allocation
|
page read and write
|
||
|
BE5000
|
heap
|
page read and write
|
||
|
A95000
|
unkown
|
page execute and read and write
|
||
|
314FF000
|
stack
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
11496000
|
direct allocation
|
page read and write
|
||
|
AB0000
|
direct allocation
|
page read and write
|
||
|
1146C000
|
direct allocation
|
page read and write
|
||
|
11498000
|
direct allocation
|
page read and write
|
||
|
A8F000
|
unkown
|
page execute and read and write
|
||
|
11468000
|
direct allocation
|
page read and write
|
||
|
11414000
|
direct allocation
|
page read and write
|
||
|
A97000
|
unkown
|
page write copy
|
||
|
400000
|
unkown
|
page readonly
|
||
|
11426000
|
direct allocation
|
page read and write
|
||
|
AA0000
|
heap
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
FA0000
|
direct allocation
|
page read and write
|
||
|
FE0000
|
direct allocation
|
page read and write
|
||
|
1146A000
|
direct allocation
|
page read and write
|
||
|
A97000
|
unkown
|
page read and write
|
||
|
1144B000
|
direct allocation
|
page read and write
|
||
|
11416000
|
direct allocation
|
page read and write
|
||
|
1131E000
|
stack
|
page read and write
|
||
|
11406000
|
direct allocation
|
page read and write
|
||
|
11412000
|
direct allocation
|
page read and write
|
||
|
11408000
|
direct allocation
|
page read and write
|
||
|
114BA000
|
direct allocation
|
page read and write
|
||
|
114A4000
|
direct allocation
|
page read and write
|
||
|
A92000
|
unkown
|
page execute and read and write
|
||
|
11402000
|
direct allocation
|
page read and write
|
||
|
1139E000
|
stack
|
page read and write
|
||
|
11418000
|
direct allocation
|
page read and write
|
||
|
114B2000
|
direct allocation
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
E3E000
|
stack
|
page read and write
|
||
|
1140A000
|
direct allocation
|
page read and write
|
||
|
1141E000
|
direct allocation
|
page read and write
|
||
|
1135E000
|
stack
|
page read and write
|
||
|
11458000
|
direct allocation
|
page read and write
|
||
|
F60000
|
direct allocation
|
page read and write
|
||
|
F71000
|
direct allocation
|
page read and write
|
||
|
1143E000
|
direct allocation
|
page read and write
|
||
|
9D000
|
stack
|
page read and write
|
||
|
F3F000
|
stack
|
page read and write
|
||
|
11474000
|
direct allocation
|
page read and write
|
||
|
11424000
|
direct allocation
|
page read and write
|
||
|
11453000
|
direct allocation
|
page read and write
|
||
|
CFE000
|
stack
|
page read and write
|
There are 85 hidden memdumps, click here to show them.