Processes

| Path | Cmdline | Malicious |
|---|---|---|
| C:\Windows\System32\wscript.exe | C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\app.js" | |
Registry

| Path | Value | Malicious |
|---|---|---|
| HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows Script\Settings\Telemetry\wscript.exe | JScriptSetScriptStateStarted | |
Memdumps
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
---|---|---|---|---|
1BF3462C000
|
heap
|
page read and write
|
||
1BF328A1000
|
heap
|
page read and write
|
||
1BF328FC000
|
heap
|
page read and write
|
||
1BF328EC000
|
heap
|
page read and write
|
||
1BF3462C000
|
heap
|
page read and write
|
||
B1315FF000
|
stack
|
page read and write
|
||
7FFB0C460000
|
unknown
|
page readonly
|
||
B1313FE000
|
stack
|
page read and write
|
||
B1312FE000
|
stack
|
page read and write
|
||
1BF328A5000
|
heap
|
page read and write
|
||
1BF328B3000
|
heap
|
page read and write
|
||
1BF328C0000
|
heap
|
page read and write
|
||
1BF3463B000
|
heap
|
page read and write
|
||
1BF34636000
|
heap
|
page read and write
|
||
1BF328EC000
|
heap
|
page read and write
|
||
1BF3290F000
|
heap
|
page read and write
|
||
1BF3462C000
|
heap
|
page read and write
|
||
1BF328C4000
|
heap
|
page read and write
|
||
1BF328A1000
|
heap
|
page read and write
|
||
1BF328F0000
|
heap
|
page read and write
|
||
1BF328FF000
|
heap
|
page read and write
|
||
1BF32860000
|
heap
|
page read and write
|
||
1BF3285D000
|
heap
|
page read and write
|
||
1BF34636000
|
heap
|
page read and write
|
||
1BF328C2000
|
heap
|
page read and write
|
||
1BF328F5000
|
heap
|
page read and write
|
||
1BF3462C000
|
heap
|
page read and write
|
||
1BF328FB000
|
heap
|
page read and write
|
||
1BF35F30000
|
heap
|
page read and write
|
||
1BF328BA000
|
heap
|
page read and write
|
||
1BF342D0000
|
heap
|
page read and write
|
||
1BF328D7000
|
heap
|
page read and write
|
||
1BF328B0000
|
heap
|
page read and write
|
||
B1319FD000
|
stack
|
page read and write
|
||
1BF3285E000
|
heap
|
page read and write
|
||
1BF328C4000
|
heap
|
page read and write
|
||
1BF328B9000
|
heap
|
page read and write
|
||
B1317FF000
|
stack
|
page read and write
|
||
1BF3463B000
|
heap
|
page read and write
|
||
1BF328BB000
|
heap
|
page read and write
|
||
1BF328B9000
|
heap
|
page read and write
|
||
1BF34636000
|
heap
|
page read and write
|
||
1BF328C7000
|
heap
|
page read and write
|
||
1BF3287D000
|
heap
|
page read and write
|
||
1BF328E9000
|
heap
|
page read and write
|
||
1BF328D6000
|
heap
|
page read and write
|
||
B130FE9000
|
stack
|
page read and write
|
||
1BF328C3000
|
heap
|
page read and write
|
||
1BF3285C000
|
heap
|
page read and write
|
||
7FFB0C480000
|
unknown
|
page read and write
|
||
1BF3288B000
|
heap
|
page read and write
|
||
1BF3288A000
|
heap
|
page read and write
|
||
1BF328CB000
|
heap
|
page read and write
|
||
1BF328EC000
|
heap
|
page read and write
|
||
1BF328C2000
|
heap
|
page read and write
|
||
1BF328C0000
|
heap
|
page read and write
|
||
1BF32960000
|
heap
|
page read and write
|
||
1BF34639000
|
heap
|
page read and write
|
||
1BF34636000
|
heap
|
page read and write
|
||
7FFB0C476000
|
unknown
|
page readonly
|
||
1BF32980000
|
heap
|
page read and write
|
||
B1318FE000
|
stack
|
page read and write
|
||
1BF328CE000
|
heap
|
page read and write
|
||
1BF328A1000
|
heap
|
page read and write
|
||
1BF328D4000
|
heap
|
page read and write
|
||
1BF342D4000
|
heap
|
page read and write
|
||
1BF328CE000
|
heap
|
page read and write
|
||
7FFB0C482000
|
unknown
|
page readonly
|
||
1BF328CE000
|
heap
|
page read and write
|
||
1BF32850000
|
heap
|
page read and write
|
||
1BF328D9000
|
heap
|
page read and write
|
||
1BF328F1000
|
heap
|
page read and write
|
||
1BF3463A000
|
heap
|
page read and write
|
||
B1316FF000
|
stack
|
page read and write
|
||
1BF328F5000
|
heap
|
page read and write
|
||
1BF328A3000
|
heap
|
page read and write
|
||
1BF328BF000
|
heap
|
page read and write
|
||
1BF328C2000
|
heap
|
page read and write
|
||
1BF32855000
|
heap
|
page read and write
|
||
7FFB0C485000
|
unknown
|
page readonly
|
||
1BF328B9000
|
heap
|
page read and write
|
||
1BF34627000
|
heap
|
page read and write
|
||
1BF328EC000
|
heap
|
page read and write
|
||
1BF328CE000
|
heap
|
page read and write
|
||
1BF34620000
|
heap
|
page read and write
|
||
1BF328C6000
|
heap
|
page read and write
|
||
1BF3463B000
|
heap
|
page read and write
|
||
1BF32770000
|
heap
|
page read and write
|
||
1BF32882000
|
heap
|
page read and write
|
||
1BF32882000
|
heap
|
page read and write
|
||
1BF36050000
|
trusted library allocation
|
page read and write
|
||
7FFB0C461000
|
unknown
|
page execute read
|
82 additional memdumps are hidden in the original report and are not listed here.