Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\yjF33u9fqZ.dll"
|
 |
|
|
C:\Windows\System32\regsvr32.exe
|
regsvr32.exe /s C:\Users\user\Desktop\yjF33u9fqZ.dll
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\yjF33u9fqZ.dll,DllRegisterServer
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\yjF33u9fqZ.dll",#1
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\yjF33u9fqZ.dll",#1
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
186B59A1000
|
direct allocation
|
page execute and read and write
|
|
|
|
2AB0BF31000
|
direct allocation
|
page execute and read and write
|
|
|
|
7FFBC31D7000
|
unkown
|
page read and write
|
|
|
|
2711000
|
direct allocation
|
page execute and read and write
|
|
|
|
7FFBC31D7000
|
unkown
|
page read and write
|
|
|
|
7FFBC31D7000
|
unkown
|
page read and write
|
|
|
|
23BEAF21000
|
direct allocation
|
page execute and read and write
|
|
|
|
7FFBC31D7000
|
unkown
|
page read and write
|
|
|
|
27DF000
|
stack
|
page read and write
|
||
|
2AB0A400000
|
heap
|
page read and write
|
||
|
D31E2FF000
|
stack
|
page read and write
|
||
|
2AB0A4D5000
|
heap
|
page read and write
|
||
|
82296FE000
|
stack
|
page read and write
|
||
|
EA6000
|
heap
|
page read and write
|
||
|
7FFBC31D1000
|
unkown
|
page execute read
|
||
|
7FFBC31F6000
|
unkown
|
page readonly
|
||
|
23BEC990000
|
heap
|
page read and write
|
||
|
186B5889000
|
heap
|
page read and write
|
||
|
186B5710000
|
heap
|
page read and write
|
||
|
2AB0A3E0000
|
heap
|
page read and write
|
||
|
B99A28C000
|
stack
|
page read and write
|
||
|
186B5850000
|
heap
|
page read and write
|
||
|
D31E3FB000
|
stack
|
page read and write
|
||
|
2AB0A4CC000
|
heap
|
page read and write
|
||
|
2AB0A4A8000
|
heap
|
page read and write
|
||
|
23BEB027000
|
heap
|
page read and write
|
||
|
E79000
|
heap
|
page read and write
|
||
|
EB3000
|
heap
|
page read and write
|
||
|
23BEB047000
|
heap
|
page read and write
|
||
|
E70000
|
heap
|
page read and write
|
||
|
186B5878000
|
heap
|
page read and write
|
||
|
186B5886000
|
heap
|
page read and write
|
||
|
7FFBC31D6000
|
unkown
|
page readonly
|
||
|
186B5858000
|
heap
|
page read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
2AB0A4A0000
|
heap
|
page read and write
|
||
|
186B5889000
|
heap
|
page read and write
|
||
|
186B5885000
|
heap
|
page read and write
|
||
|
7FFBC31D0000
|
unkown
|
page readonly
|
||
|
E87000
|
heap
|
page read and write
|
||
|
2AB0A4D5000
|
heap
|
page read and write
|
||
|
23BEB009000
|
heap
|
page read and write
|
||
|
7FFBC31D6000
|
unkown
|
page readonly
|
||
|
E4E000
|
stack
|
page read and write
|
||
|
2AB0A785000
|
heap
|
page read and write
|
||
|
186B5810000
|
heap
|
page read and write
|
||
|
23BEB022000
|
heap
|
page read and write
|
||
|
23BEB02B000
|
heap
|
page read and write
|
||
|
23BEAE10000
|
heap
|
page read and write
|
||
|
ED5000
|
heap
|
page read and write
|
||
|
D31E4FF000
|
stack
|
page read and write
|
||
|
822967C000
|
stack
|
page read and write
|
||
|
23BEAFF9000
|
heap
|
page read and write
|
||
|
186B5A30000
|
heap
|
page read and write
|
||
|
2AB0A490000
|
heap
|
page read and write
|
||
|
B99A67B000
|
stack
|
page read and write
|
||
|
7FFBC31D0000
|
unkown
|
page readonly
|
||
|
23BEC9D0000
|
heap
|
page read and write
|
||
|
7FFBC31F6000
|
unkown
|
page readonly
|
||
|
7FFBC31D0000
|
unkown
|
page readonly
|
||
|
D60000
|
heap
|
page read and write
|
||
|
2AB0A4D6000
|
heap
|
page read and write
|
||
|
7FFBC31D6000
|
unkown
|
page readonly
|
||
|
23BEAF60000
|
heap
|
page read and write
|
||
|
EA6000
|
heap
|
page read and write
|
||
|
186B5885000
|
heap
|
page read and write
|
||
|
23BEB033000
|
heap
|
page read and write
|
||
|
EC1000
|
heap
|
page read and write
|
||
|
EB1000
|
heap
|
page read and write
|
||
|
7FFBC31D1000
|
unkown
|
page execute read
|
||
|
B99A38F000
|
stack
|
page read and write
|
||
|
186B59E0000
|
heap
|
page read and write
|
||
|
2AB0A3D0000
|
heap
|
page read and write
|
||
|
7FFBC31D1000
|
unkown
|
page execute read
|
||
|
2AB0A4EC000
|
heap
|
page read and write
|
||
|
2750000
|
heap
|
page read and write
|
||
|
ED5000
|
heap
|
page read and write
|
||
|
23BEB04F000
|
heap
|
page read and write
|
||
|
23BEB019000
|
heap
|
page read and write
|
||
|
7FFBC31D1000
|
unkown
|
page execute read
|
||
|
822977E000
|
stack
|
page read and write
|
||
|
D90000
|
heap
|
page read and write
|
||
|
2AB0A780000
|
heap
|
page read and write
|
||
|
7FFBC31F6000
|
unkown
|
page readonly
|
||
|
C7B000
|
stack
|
page read and write
|
||
|
23BEAFF0000
|
heap
|
page read and write
|
||
|
186B588A000
|
heap
|
page read and write
|
||
|
82297FB000
|
stack
|
page read and write
|
||
|
285B000
|
stack
|
page read and write
|
||
|
2AB0A494000
|
heap
|
page read and write
|
||
|
7FFBC31D0000
|
unkown
|
page readonly
|
||
|
186B587C000
|
heap
|
page read and write
|
||
|
186B57F0000
|
heap
|
page read and write
|
||
|
C80000
|
heap
|
page read and write
|
||
|
ECD000
|
heap
|
page read and write
|
||
|
EAD000
|
heap
|
page read and write
|
||
|
186B5A85000
|
heap
|
page read and write
|
||
|
2AB0A4C3000
|
heap
|
page read and write
|
||
|
E7B000
|
heap
|
page read and write
|
||
|
23BEAFB0000
|
heap
|
page read and write
|
||
|
23BEC993000
|
heap
|
page read and write
|
||
|
2AB0A4D5000
|
heap
|
page read and write
|
||
|
186B5A34000
|
heap
|
page read and write
|
||
|
E65000
|
heap
|
page read and write
|
||
|
186B5885000
|
heap
|
page read and write
|
||
|
186B587C000
|
heap
|
page read and write
|
||
|
EB7000
|
heap
|
page read and write
|
||
|
23BEB046000
|
heap
|
page read and write
|
||
|
B99A30F000
|
stack
|
page read and write
|
||
|
D31E1FD000
|
stack
|
page read and write
|
||
|
23BEC9D5000
|
heap
|
page read and write
|
||
|
2753000
|
heap
|
page read and write
|
||
|
7FFBC31D6000
|
unkown
|
page readonly
|
||
|
186B5A80000
|
heap
|
page read and write
|
||
|
2AB0A760000
|
heap
|
page read and write
|
||
|
EB1000
|
heap
|
page read and write
|
||
|
7FFBC31F6000
|
unkown
|
page readonly
|
||
|
23BEAFFD000
|
heap
|
page read and write
|
||
|
2AB0A4D2000
|
heap
|
page read and write
|
||
|
2AB0A4CC000
|
heap
|
page read and write
|
||
|
23BEB031000
|
heap
|
page read and write
|
||
|
186B589C000
|
heap
|
page read and write
|
||
|
D31E0FC000
|
stack
|
page read and write
|
||
|
EB8000
|
heap
|
page read and write
|
||
|
186B5882000
|
heap
|
page read and write
|
||
|
23BEB022000
|
heap
|
page read and write
|
||
|
2CC0000
|
heap
|
page read and write
|
||
|
EB3000
|
heap
|
page read and write
|
||
|
23BEAEF0000
|
heap
|
page read and write
|
There are 119 hidden memdumps, click here to show them.