Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\oj5IqW8pvv.dll"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\oj5IqW8pvv.dll",#1
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\oj5IqW8pvv.dll",#1
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
21E810D3000
|
heap
|
page read and write
|
||
|
21E81040000
|
heap
|
page read and write
|
||
|
21E810B0000
|
heap
|
page read and write
|
||
|
21E810CA000
|
heap
|
page read and write
|
||
|
21E810D3000
|
heap
|
page read and write
|
||
|
21E812C0000
|
heap
|
page read and write
|
||
|
1599F35D000
|
heap
|
page read and write
|
||
|
21E810D0000
|
heap
|
page read and write
|
||
|
21E810EC000
|
heap
|
page read and write
|
||
|
1599F359000
|
heap
|
page read and write
|
||
|
712EAFF000
|
stack
|
page read and write
|
||
|
1599F270000
|
heap
|
page read and write
|
||
|
1599F190000
|
heap
|
page read and write
|
||
|
15A7AFC000
|
stack
|
page read and write
|
||
|
21E812E0000
|
heap
|
page read and write
|
||
|
21E812E3000
|
heap
|
page read and write
|
||
|
21E81300000
|
heap
|
page read and write
|
||
|
712EA7A000
|
stack
|
page read and write
|
||
|
21E81050000
|
heap
|
page read and write
|
||
|
21E810D4000
|
heap
|
page read and write
|
||
|
21E81070000
|
heap
|
page read and write
|
||
|
21E810B8000
|
heap
|
page read and write
|
||
|
21E81305000
|
heap
|
page read and write
|
||
|
1599F350000
|
heap
|
page read and write
|
There are 14 hidden memdumps, click here to show them.