Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\6MiQsgYpCp.dll"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\6MiQsgYpCp.dll",#1
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\6MiQsgYpCp.dll",#1
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
298493F0000
|
heap
|
page read and write
|
||
|
1C1C94A0000
|
heap
|
page read and write
|
||
|
1C1C6263000
|
heap
|
page read and write
|
||
|
29849410000
|
heap
|
page read and write
|
||
|
1C1C627B000
|
heap
|
page read and write
|
||
|
AB4C19A000
|
stack
|
page read and write
|
||
|
1C1C625A000
|
heap
|
page read and write
|
||
|
1C1C60D0000
|
heap
|
page read and write
|
||
|
1C1C93A3000
|
heap
|
page read and write
|
||
|
1C1C6225000
|
heap
|
page read and write
|
||
|
1C1C93A0000
|
heap
|
page read and write
|
||
|
1C1C61B0000
|
heap
|
page read and write
|
||
|
AB4C47E000
|
stack
|
page read and write
|
||
|
1C1C6220000
|
heap
|
page read and write
|
||
|
1C1C6248000
|
heap
|
page read and write
|
||
|
29849419000
|
heap
|
page read and write
|
||
|
2984941D000
|
heap
|
page read and write
|
||
|
1C1C61D0000
|
heap
|
page read and write
|
||
|
1C1C6264000
|
heap
|
page read and write
|
||
|
1C1C6240000
|
heap
|
page read and write
|
||
|
29849310000
|
heap
|
page read and write
|
||
|
9E1716C000
|
stack
|
page read and write
|
There are 12 hidden memdumps, click here to show them.