Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\RtJvzroKSq.dll"
|
 |
|
|
C:\Windows\System32\regsvr32.exe
|
regsvr32.exe /s C:\Users\user\Desktop\RtJvzroKSq.dll
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\RtJvzroKSq.dll",#1
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\RtJvzroKSq.dll,DllRegisterServer
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\RtJvzroKSq.dll",#1
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7FFBBCA06000
|
unkown
|
page read and write
|
|
|
|
7FFBBCA06000
|
unkown
|
page read and write
|
|
|
|
2093FD11000
|
direct allocation
|
page execute and read and write
|
|
|
|
260C5271000
|
direct allocation
|
page execute and read and write
|
|
|
|
7FFBBCA06000
|
unkown
|
page read and write
|
|
|
|
591000
|
direct allocation
|
page execute and read and write
|
|
|
|
7FFBBCA06000
|
unkown
|
page read and write
|
|
|
|
2B6D1451000
|
direct allocation
|
page execute and read and write
|
|
|
|
260C3750000
|
heap
|
page read and write
|
||
|
7FFBBCA00000
|
unkown
|
page readonly
|
||
|
830000
|
heap
|
page read and write
|
||
|
7FFBBCA05000
|
unkown
|
page readonly
|
||
|
20941795000
|
heap
|
page read and write
|
||
|
2B6D12B2000
|
heap
|
page read and write
|
||
|
260C37A5000
|
heap
|
page read and write
|
||
|
5DB000
|
heap
|
page read and write
|
||
|
7FFBBCA00000
|
unkown
|
page readonly
|
||
|
2083000
|
heap
|
page read and write
|
||
|
2B6D1284000
|
heap
|
page read and write
|
||
|
34EE000
|
stack
|
page read and write
|
||
|
7FFBBCA05000
|
unkown
|
page readonly
|
||
|
260C5260000
|
heap
|
page read and write
|
||
|
260C3720000
|
heap
|
page read and write
|
||
|
7FFBBCA01000
|
unkown
|
page execute read
|
||
|
62D000
|
heap
|
page read and write
|
||
|
2093FDAD000
|
heap
|
page read and write
|
||
|
2080000
|
heap
|
page read and write
|
||
|
209416C0000
|
heap
|
page read and write
|
||
|
260C37A4000
|
heap
|
page read and write
|
||
|
E04B3FB000
|
stack
|
page read and write
|
||
|
5E7000
|
heap
|
page read and write
|
||
|
6091AFD000
|
stack
|
page read and write
|
||
|
83C000
|
heap
|
page read and write
|
||
|
E04B27C000
|
stack
|
page read and write
|
||
|
2B6D10C0000
|
heap
|
page read and write
|
||
|
E04B2FE000
|
stack
|
page read and write
|
||
|
2B6D12AC000
|
heap
|
page read and write
|
||
|
51B0000
|
trusted library allocation
|
page read and write
|
||
|
2093FDFF000
|
heap
|
page read and write
|
||
|
260C37A4000
|
heap
|
page read and write
|
||
|
2B6D1296000
|
heap
|
page read and write
|
||
|
2B6D1495000
|
heap
|
page read and write
|
||
|
2093FDD1000
|
heap
|
page read and write
|
||
|
260C52A0000
|
heap
|
page read and write
|
||
|
356F000
|
stack
|
page read and write
|
||
|
2093FDDA000
|
heap
|
page read and write
|
||
|
2093FDFF000
|
heap
|
page read and write
|
||
|
2093FDD1000
|
heap
|
page read and write
|
||
|
260C5264000
|
heap
|
page read and write
|
||
|
ED436FB000
|
stack
|
page read and write
|
||
|
260C3730000
|
heap
|
page read and write
|
||
|
7FFBBCA25000
|
unkown
|
page readonly
|
||
|
60D000
|
heap
|
page read and write
|
||
|
260C37A1000
|
heap
|
page read and write
|
||
|
2093FC00000
|
heap
|
page read and write
|
||
|
2093FDF7000
|
heap
|
page read and write
|
||
|
4BB000
|
stack
|
page read and write
|
||
|
3370000
|
heap
|
page read and write
|
||
|
7FFBBCA00000
|
unkown
|
page readonly
|
||
|
260C37A4000
|
heap
|
page read and write
|
||
|
260C3B10000
|
heap
|
page read and write
|
||
|
617000
|
heap
|
page read and write
|
||
|
635000
|
heap
|
page read and write
|
||
|
835000
|
heap
|
page read and write
|
||
|
2093FDA9000
|
heap
|
page read and write
|
||
|
2B6D2D70000
|
heap
|
page read and write
|
||
|
613000
|
heap
|
page read and write
|
||
|
2B6D1490000
|
heap
|
page read and write
|
||
|
209416C3000
|
heap
|
page read and write
|
||
|
618000
|
heap
|
page read and write
|
||
|
260C3770000
|
heap
|
page read and write
|
||
|
606000
|
heap
|
page read and write
|
||
|
20941640000
|
heap
|
page read and write
|
||
|
2B6D128D000
|
heap
|
page read and write
|
||
|
260C3797000
|
heap
|
page read and write
|
||
|
7FFBBCA00000
|
unkown
|
page readonly
|
||
|
6091BFE000
|
stack
|
page read and write
|
||
|
611000
|
heap
|
page read and write
|
||
|
500000
|
heap
|
page read and write
|
||
|
2B6D2C40000
|
heap
|
page read and write
|
||
|
260C379B000
|
heap
|
page read and write
|
||
|
2B6D11C0000
|
heap
|
page read and write
|
||
|
ED4367E000
|
stack
|
page read and write
|
||
|
ED4338E000
|
stack
|
page read and write
|
||
|
609170C000
|
stack
|
page read and write
|
||
|
260C37BA000
|
heap
|
page read and write
|
||
|
540000
|
heap
|
page read and write
|
||
|
205F000
|
stack
|
page read and write
|
||
|
260C3778000
|
heap
|
page read and write
|
||
|
611000
|
heap
|
page read and write
|
||
|
7FFBBCA05000
|
unkown
|
page readonly
|
||
|
7FFBBCA25000
|
unkown
|
page readonly
|
||
|
615000
|
heap
|
page read and write
|
||
|
3CB0000
|
heap
|
page read and write
|
||
|
2093FDA0000
|
heap
|
page read and write
|
||
|
2B6D1260000
|
heap
|
page read and write
|
||
|
7FFBBCA01000
|
unkown
|
page execute read
|
||
|
20941790000
|
heap
|
page read and write
|
||
|
2093FD50000
|
heap
|
page read and write
|
||
|
2093FDF3000
|
heap
|
page read and write
|
||
|
7FFBBCA01000
|
unkown
|
page execute read
|
||
|
614000
|
heap
|
page read and write
|
||
|
E04B37E000
|
stack
|
page read and write
|
||
|
2093FDC8000
|
heap
|
page read and write
|
||
|
7FFBBCA25000
|
unkown
|
page readonly
|
||
|
260C379B000
|
heap
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
5D9000
|
heap
|
page read and write
|
||
|
2B6D1292000
|
heap
|
page read and write
|
||
|
613000
|
heap
|
page read and write
|
||
|
2B6D1268000
|
heap
|
page read and write
|
||
|
2B6D128D000
|
heap
|
page read and write
|
||
|
ED4330C000
|
stack
|
page read and write
|
||
|
2B6D12BA000
|
heap
|
page read and write
|
||
|
2093FDE2000
|
heap
|
page read and write
|
||
|
2B6D129E000
|
heap
|
page read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
7FFBBCA01000
|
unkown
|
page execute read
|
||
|
81E000
|
stack
|
page read and write
|
||
|
2B6D2D74000
|
heap
|
page read and write
|
||
|
2093FCE0000
|
heap
|
page read and write
|
||
|
7FFBBCA25000
|
unkown
|
page readonly
|
||
|
7FFBBCA05000
|
unkown
|
page readonly
|
||
|
2B6D11A0000
|
heap
|
page read and write
|
||
|
2093FDB8000
|
heap
|
page read and write
|
||
|
635000
|
heap
|
page read and write
|
||
|
2093FDFE000
|
heap
|
page read and write
|
||
|
62F000
|
heap
|
page read and write
|
||
|
260C3B15000
|
heap
|
page read and write
|
||
|
6091CFB000
|
stack
|
page read and write
|
||
|
606000
|
heap
|
page read and write
|
There are 121 hidden memdumps, click here to show them.