Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\DK3LmU4Xkl.dll"
|
 |
|
|
C:\Windows\System32\regsvr32.exe
|
regsvr32.exe /s C:\Users\user\Desktop\DK3LmU4Xkl.dll
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\DK3LmU4Xkl.dll",#1
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\DK3LmU4Xkl.dll,DllRegisterServer
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\DK3LmU4Xkl.dll",#1
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7FF8B8F77000
|
unkown
|
page read and write
|
|
|
|
1D30FFC1000
|
direct allocation
|
page execute and read and write
|
|
|
|
7FF8B8F77000
|
unkown
|
page read and write
|
|
|
|
7FF8B8F77000
|
unkown
|
page read and write
|
|
|
|
20810AE1000
|
direct allocation
|
page execute and read and write
|
|
|
|
17D3F451000
|
direct allocation
|
page execute and read and write
|
|
|
|
7FF8B8F77000
|
unkown
|
page read and write
|
|
|
|
2311000
|
direct allocation
|
page execute and read and write
|
|
|
|
17D3F495000
|
heap
|
page read and write
|
||
|
8DB000
|
heap
|
page read and write
|
||
|
2080F209000
|
heap
|
page read and write
|
||
|
1D310059000
|
heap
|
page read and write
|
||
|
17D3F296000
|
heap
|
page read and write
|
||
|
17D3F1B0000
|
heap
|
page read and write
|
||
|
906000
|
heap
|
page read and write
|
||
|
2080F206000
|
heap
|
page read and write
|
||
|
17D3F295000
|
heap
|
page read and write
|
||
|
2080F1FB000
|
heap
|
page read and write
|
||
|
2080F1D8000
|
heap
|
page read and write
|
||
|
D0246FB000
|
stack
|
page read and write
|
||
|
20811E80000
|
heap
|
page read and write
|
||
|
17D3F28C000
|
heap
|
page read and write
|
||
|
1D30FF80000
|
heap
|
page read and write
|
||
|
1D30FF90000
|
heap
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
2080F201000
|
heap
|
page read and write
|
||
|
17D3F484000
|
heap
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
17D3F268000
|
heap
|
page read and write
|
||
|
20812B00000
|
heap
|
page read and write
|
||
|
921000
|
heap
|
page read and write
|
||
|
7FF8B8F96000
|
unkown
|
page readonly
|
||
|
2080F210000
|
heap
|
page read and write
|
||
|
2080F315000
|
heap
|
page read and write
|
||
|
17D3F29A000
|
heap
|
page read and write
|
||
|
1D311BA0000
|
heap
|
page read and write
|
||
|
2080F204000
|
heap
|
page read and write
|
||
|
20810B20000
|
heap
|
page read and write
|
||
|
7FF8B8F96000
|
unkown
|
page readonly
|
||
|
17D3F28C000
|
heap
|
page read and write
|
||
|
20810B24000
|
heap
|
page read and write
|
||
|
7FF8B8F76000
|
unkown
|
page readonly
|
||
|
23BB000
|
stack
|
page read and write
|
||
|
2080F1D0000
|
heap
|
page read and write
|
||
|
2080F1F7000
|
heap
|
page read and write
|
||
|
906000
|
heap
|
page read and write
|
||
|
7FF8B8F71000
|
unkown
|
page execute read
|
||
|
1D31005D000
|
heap
|
page read and write
|
||
|
17D3F2AC000
|
heap
|
page read and write
|
||
|
1D3100AF000
|
heap
|
page read and write
|
||
|
8D9000
|
heap
|
page read and write
|
||
|
1D311BA5000
|
heap
|
page read and write
|
||
|
2080F180000
|
heap
|
page read and write
|
||
|
228E000
|
stack
|
page read and write
|
||
|
911000
|
heap
|
page read and write
|
||
|
1D311A43000
|
heap
|
page read and write
|
||
|
D0249FB000
|
stack
|
page read and write
|
||
|
2080F204000
|
heap
|
page read and write
|
||
|
19836FF000
|
stack
|
page read and write
|
||
|
77888FF000
|
stack
|
page read and write
|
||
|
17D3F0D0000
|
heap
|
page read and write
|
||
|
17D3F1D0000
|
heap
|
page read and write
|
||
|
2710000
|
heap
|
page read and write
|
||
|
1D3100A7000
|
heap
|
page read and write
|
||
|
7FF8B8F71000
|
unkown
|
page execute read
|
||
|
7FF8B8F76000
|
unkown
|
page readonly
|
||
|
5AB000
|
stack
|
page read and write
|
||
|
7FF8B8F70000
|
unkown
|
page readonly
|
||
|
7FF8B8F76000
|
unkown
|
page readonly
|
||
|
90D000
|
heap
|
page read and write
|
||
|
1D3100A3000
|
heap
|
page read and write
|
||
|
7FF8B8F96000
|
unkown
|
page readonly
|
||
|
7FF8B8F76000
|
unkown
|
page readonly
|
||
|
1D3119C0000
|
heap
|
page read and write
|
||
|
7FF8B8F71000
|
unkown
|
page execute read
|
||
|
17D3F490000
|
heap
|
page read and write
|
||
|
1D31008A000
|
heap
|
page read and write
|
||
|
17D3F295000
|
heap
|
page read and write
|
||
|
198367E000
|
stack
|
page read and write
|
||
|
17D3F292000
|
heap
|
page read and write
|
||
|
8D0000
|
heap
|
page read and write
|
||
|
1D310050000
|
heap
|
page read and write
|
||
|
1D310081000
|
heap
|
page read and write
|
||
|
2080F205000
|
heap
|
page read and write
|
||
|
7FF8B8F71000
|
unkown
|
page execute read
|
||
|
198377B000
|
stack
|
page read and write
|
||
|
1D311A40000
|
heap
|
page read and write
|
||
|
8E7000
|
heap
|
page read and write
|
||
|
2080F310000
|
heap
|
page read and write
|
||
|
92D000
|
heap
|
page read and write
|
||
|
7FF8B8F70000
|
unkown
|
page readonly
|
||
|
BF5000
|
heap
|
page read and write
|
||
|
778887F000
|
stack
|
page read and write
|
||
|
7FF8B8F70000
|
unkown
|
page readonly
|
||
|
2080F1F7000
|
heap
|
page read and write
|
||
|
919000
|
heap
|
page read and write
|
||
|
1D3100AE000
|
heap
|
page read and write
|
||
|
2080F20C000
|
heap
|
page read and write
|
||
|
2080F208000
|
heap
|
page read and write
|
||
|
935000
|
heap
|
page read and write
|
||
|
2080F204000
|
heap
|
page read and write
|
||
|
17D3F480000
|
heap
|
page read and write
|
||
|
2080F1A0000
|
heap
|
page read and write
|
||
|
17D423A0000
|
heap
|
page read and write
|
||
|
7FF8B8F96000
|
unkown
|
page readonly
|
||
|
7FF8B8F70000
|
unkown
|
page readonly
|
||
|
1D310081000
|
heap
|
page read and write
|
||
|
1D310000000
|
heap
|
page read and write
|
||
|
2080F205000
|
heap
|
page read and write
|
||
|
D0248FE000
|
stack
|
page read and write
|
||
|
17D3F299000
|
heap
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
17D3F260000
|
heap
|
page read and write
|
||
|
2080F208000
|
heap
|
page read and write
|
||
|
D0247FE000
|
stack
|
page read and write
|
||
|
1D310078000
|
heap
|
page read and write
|
||
|
198338C000
|
stack
|
page read and write
|
||
|
1D3100AF000
|
heap
|
page read and write
|
||
|
2080F226000
|
heap
|
page read and write
|
||
|
2080F0A0000
|
heap
|
page read and write
|
||
|
2080F31C000
|
heap
|
page read and write
|
||
|
17D3F288000
|
heap
|
page read and write
|
||
|
230E000
|
stack
|
page read and write
|
||
|
1D310068000
|
heap
|
page read and write
|
||
|
17D3F295000
|
heap
|
page read and write
|
||
|
1D310092000
|
heap
|
page read and write
|
||
|
20812300000
|
trusted library allocation
|
page read and write
|
||
|
77885CC000
|
stack
|
page read and write
|
||
|
A00000
|
heap
|
page read and write
|
||
|
2080F1FB000
|
heap
|
page read and write
|
||
|
BE3000
|
heap
|
page read and write
|
||
|
935000
|
heap
|
page read and write
|
||
|
17D3F299000
|
heap
|
page read and write
|
There are 124 hidden memdumps, click here to show them.