Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\notepad.exe
|
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\user\Desktop\test.ini
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1C393AB8000
|
heap
|
page read and write
|
||
|
1C393A6C000
|
heap
|
page read and write
|
||
|
1C397130000
|
trusted library allocation
|
page read and write
|
||
|
1C393ABB000
|
heap
|
page read and write
|
||
|
1C393ABB000
|
heap
|
page read and write
|
||
|
1C393A7D000
|
heap
|
page read and write
|
||
|
1C393AB8000
|
heap
|
page read and write
|
||
|
1C393A88000
|
heap
|
page read and write
|
||
|
1C395D80000
|
heap
|
page read and write
|
||
|
1C393AB1000
|
heap
|
page read and write
|
||
|
1C393ABE000
|
heap
|
page read and write
|
||
|
1C393AAE000
|
heap
|
page read and write
|
||
|
1C393AAE000
|
heap
|
page read and write
|
||
|
9C905FE000
|
stack
|
page read and write
|
||
|
1C393AB8000
|
heap
|
page read and write
|
||
|
1C393AB1000
|
heap
|
page read and write
|
||
|
1C393AC2000
|
heap
|
page read and write
|
||
|
1C3953C0000
|
heap
|
page read and write
|
||
|
1C393A62000
|
heap
|
page read and write
|
||
|
1C393AAE000
|
heap
|
page read and write
|
||
|
1C393AB1000
|
heap
|
page read and write
|
||
|
9C906FE000
|
stack
|
page read and write
|
||
|
1C393AAE000
|
heap
|
page read and write
|
||
|
1C393A38000
|
heap
|
page read and write
|
||
|
1C393AC2000
|
heap
|
page read and write
|
||
|
1C393AC2000
|
heap
|
page read and write
|
||
|
1C393AB1000
|
heap
|
page read and write
|
||
|
1C393A68000
|
heap
|
page read and write
|
||
|
1C393AB8000
|
heap
|
page read and write
|
||
|
1C393AB8000
|
heap
|
page read and write
|
||
|
1C393A6B000
|
heap
|
page read and write
|
||
|
1C393AC2000
|
heap
|
page read and write
|
||
|
1C393AC2000
|
heap
|
page read and write
|
||
|
1C3955C0000
|
heap
|
page read and write
|
||
|
1C393AAC000
|
heap
|
page read and write
|
||
|
1C393AB8000
|
heap
|
page read and write
|
||
|
1C393AB1000
|
heap
|
page read and write
|
||
|
1C393AB1000
|
heap
|
page read and write
|
||
|
1C393AB8000
|
heap
|
page read and write
|
||
|
1C39548C000
|
heap
|
page read and write
|
||
|
1C393AAC000
|
heap
|
page read and write
|
||
|
1C393AAE000
|
heap
|
page read and write
|
||
|
1C393AC2000
|
heap
|
page read and write
|
||
|
1C393A00000
|
heap
|
page read and write
|
||
|
1C393A6B000
|
heap
|
page read and write
|
||
|
1C393AB1000
|
heap
|
page read and write
|
||
|
1C393AB8000
|
heap
|
page read and write
|
||
|
1C393A10000
|
heap
|
page read and write
|
||
|
1C393A30000
|
heap
|
page read and write
|
||
|
1C395480000
|
heap
|
page read and write
|
||
|
1C393AC2000
|
heap
|
page read and write
|
||
|
1C393AB8000
|
heap
|
page read and write
|
||
|
1C395680000
|
heap
|
page read and write
|
||
|
1C393AB1000
|
heap
|
page read and write
|
||
|
1C393AB8000
|
heap
|
page read and write
|
||
|
1C393AB1000
|
heap
|
page read and write
|
||
|
1C393AAE000
|
heap
|
page read and write
|
||
|
1C393A40000
|
heap
|
page read and write
|
||
|
1C395683000
|
heap
|
page read and write
|
||
|
1C393ABB000
|
heap
|
page read and write
|
||
|
1C395485000
|
heap
|
page read and write
|
||
|
9C90479000
|
stack
|
page read and write
|
||
|
1C393AAE000
|
heap
|
page read and write
|
||
|
1C393AC2000
|
heap
|
page read and write
|
||
|
1C3954B0000
|
trusted library allocation
|
page read and write
|
||
|
1C393AAE000
|
heap
|
page read and write
|
||
|
1C393AB8000
|
heap
|
page read and write
|
||
|
1C393ABE000
|
heap
|
page read and write
|
There are 58 hidden memdumps, click here to show them.