Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\_psutil_windows.cp311-win_amd64.dll"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\_psutil_windows.cp311-win_amd64.dll",#1
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\_psutil_windows.cp311-win_amd64.dll,PyInit__psutil_windows
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\_psutil_windows.cp311-win_amd64.dll",#1
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1958D983000
|
heap
|
page read and write
|
||
|
1958A7C0000
|
heap
|
page read and write
|
||
|
15B418F0000
|
heap
|
page read and write
|
||
|
254B5B90000
|
heap
|
page read and write
|
||
|
1958A6A8000
|
heap
|
page read and write
|
||
|
15B418DB000
|
heap
|
page read and write
|
||
|
1958A790000
|
heap
|
page read and write
|
||
|
15B418E4000
|
heap
|
page read and write
|
||
|
1958A6C5000
|
heap
|
page read and write
|
||
|
1958A670000
|
heap
|
page read and write
|
||
|
3B34B0A000
|
stack
|
page read and write
|
||
|
254B5C59000
|
heap
|
page read and write
|
||
|
15B418E5000
|
heap
|
page read and write
|
||
|
15B418A0000
|
heap
|
page read and write
|
||
|
3B34EFF000
|
stack
|
page read and write
|
||
|
1958A6AB000
|
heap
|
page read and write
|
||
|
1958C360000
|
heap
|
page read and write
|
||
|
15B41A95000
|
heap
|
page read and write
|
||
|
15B41A9B000
|
heap
|
page read and write
|
||
|
1958A6B4000
|
heap
|
page read and write
|
||
|
1958DCD0000
|
trusted library allocation
|
page read and write
|
||
|
7BD2BEA000
|
stack
|
page read and write
|
||
|
15B418DB000
|
heap
|
page read and write
|
||
|
254B5C50000
|
heap
|
page read and write
|
||
|
9449EFC000
|
stack
|
page read and write
|
||
|
254B5C5D000
|
heap
|
page read and write
|
||
|
15B418E4000
|
heap
|
page read and write
|
||
|
15B44C50000
|
heap
|
page read and write
|
||
|
15B44C53000
|
heap
|
page read and write
|
||
|
15B4190C000
|
heap
|
page read and write
|
||
|
3B34E7D000
|
stack
|
page read and write
|
||
|
3B34B8E000
|
stack
|
page read and write
|
||
|
9449FFF000
|
stack
|
page read and write
|
||
|
1958A7CB000
|
heap
|
page read and write
|
||
|
1958A6AF000
|
heap
|
page read and write
|
||
|
15B450A0000
|
trusted library allocation
|
page read and write
|
||
|
1958A6C0000
|
heap
|
page read and write
|
||
|
1958A6B4000
|
heap
|
page read and write
|
||
|
1958A6B5000
|
heap
|
page read and write
|
||
|
254B5AB0000
|
heap
|
page read and write
|
||
|
1958A698000
|
heap
|
page read and write
|
||
|
1958A590000
|
heap
|
page read and write
|
||
|
1958C1F0000
|
heap
|
page read and write
|
||
|
15B418F6000
|
heap
|
page read and write
|
||
|
15B418C8000
|
heap
|
page read and write
|
||
|
254B5C68000
|
heap
|
page read and write
|
||
|
15B418C0000
|
heap
|
page read and write
|
||
|
15B418E4000
|
heap
|
page read and write
|
||
|
7BD2EFD000
|
stack
|
page read and write
|
||
|
1958A69E000
|
heap
|
page read and write
|
||
|
7BD2E7F000
|
stack
|
page read and write
|
||
|
15B418DF000
|
heap
|
page read and write
|
||
|
1958D980000
|
heap
|
page read and write
|
||
|
1958A6B4000
|
heap
|
page read and write
|
||
|
15B41880000
|
heap
|
page read and write
|
||
|
15B418D8000
|
heap
|
page read and write
|
||
|
944A0FE000
|
stack
|
page read and write
|
||
|
944A1FF000
|
stack
|
page read and write
|
||
|
15B417A0000
|
heap
|
page read and write
|
||
|
1958A6AB000
|
heap
|
page read and write
|
||
|
1958A7C5000
|
heap
|
page read and write
|
||
|
1958A6DC000
|
heap
|
page read and write
|
||
|
15B43380000
|
heap
|
page read and write
|
||
|
1958A690000
|
heap
|
page read and write
|
||
|
15B41A20000
|
heap
|
page read and write
|
||
|
15B41A90000
|
heap
|
page read and write
|
||
|
15B418E1000
|
heap
|
page read and write
|
||
|
15B418E4000
|
heap
|
page read and write
|
There are 58 hidden memdumps, click here to show them.