Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\YmAxTGvrQk.dll"
|
 |
|
|
C:\Windows\System32\regsvr32.exe
|
regsvr32.exe /s C:\Users\user\Desktop\YmAxTGvrQk.dll
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\YmAxTGvrQk.dll",#1
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\YmAxTGvrQk.dll,DllRegisterServer
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\YmAxTGvrQk.dll",#1
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1A3CA651000
|
direct allocation
|
page execute and read and write
|
|
|
|
7FFE13246000
|
unkown
|
page read and write
|
|
|
|
7FFE13246000
|
unkown
|
page read and write
|
|
|
|
26C1000
|
direct allocation
|
page execute and read and write
|
|
|
|
21509031000
|
direct allocation
|
page execute and read and write
|
|
|
|
7FFE13246000
|
unkown
|
page read and write
|
|
|
|
7FFE13246000
|
unkown
|
page read and write
|
|
|
|
1F3AEBA1000
|
direct allocation
|
page execute and read and write
|
|
|
|
1A3CA6D9000
|
heap
|
page read and write
|
||
|
1A3CA4C0000
|
heap
|
page read and write
|
||
|
1A3CA6C8000
|
heap
|
page read and write
|
||
|
1A3CA6ED000
|
heap
|
page read and write
|
||
|
7FFE13240000
|
unkown
|
page readonly
|
||
|
21507603000
|
heap
|
page read and write
|
||
|
D51000
|
heap
|
page read and write
|
||
|
1A3CA6D5000
|
heap
|
page read and write
|
||
|
7FFE13245000
|
unkown
|
page readonly
|
||
|
7FFE13245000
|
unkown
|
page readonly
|
||
|
96B000
|
stack
|
page read and write
|
||
|
1F3AEC28000
|
heap
|
page read and write
|
||
|
D46000
|
heap
|
page read and write
|
||
|
FAC000
|
heap
|
page read and write
|
||
|
1F3AEC3D000
|
heap
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
7FFE13265000
|
unkown
|
page readonly
|
||
|
2CEF000
|
stack
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
1F3AEBE0000
|
heap
|
page read and write
|
||
|
D75000
|
heap
|
page read and write
|
||
|
1F3AEC59000
|
heap
|
page read and write
|
||
|
D27000
|
heap
|
page read and write
|
||
|
1F3B0770000
|
heap
|
page read and write
|
||
|
D6F000
|
heap
|
page read and write
|
||
|
D53000
|
heap
|
page read and write
|
||
|
215076F0000
|
heap
|
page read and write
|
||
|
2150762F000
|
heap
|
page read and write
|
||
|
1F3AEC4A000
|
heap
|
page read and write
|
||
|
B2AF4FF000
|
stack
|
page read and write
|
||
|
215075F0000
|
heap
|
page read and write
|
||
|
7FFE13241000
|
unkown
|
page execute read
|
||
|
1F3B077B000
|
heap
|
page read and write
|
||
|
5C50000
|
heap
|
page read and write
|
||
|
1F3B1EE0000
|
trusted library allocation
|
page read and write
|
||
|
D4D000
|
heap
|
page read and write
|
||
|
D75000
|
heap
|
page read and write
|
||
|
B2AF3FF000
|
stack
|
page read and write
|
||
|
7FFE13245000
|
unkown
|
page readonly
|
||
|
D51000
|
heap
|
page read and write
|
||
|
CACAF7B000
|
stack
|
page read and write
|
||
|
1F3AEC38000
|
heap
|
page read and write
|
||
|
215075F8000
|
heap
|
page read and write
|
||
|
1F3B06D0000
|
heap
|
page read and write
|
||
|
CACABFC000
|
stack
|
page read and write
|
||
|
21507627000
|
heap
|
page read and write
|
||
|
21507710000
|
heap
|
page read and write
|
||
|
26BE000
|
stack
|
page read and write
|
||
|
1F3B0775000
|
heap
|
page read and write
|
||
|
1F3AEC55000
|
heap
|
page read and write
|
||
|
1A3CA905000
|
heap
|
page read and write
|
||
|
7FFE13240000
|
unkown
|
page readonly
|
||
|
D57000
|
heap
|
page read and write
|
||
|
1A3CA6D9000
|
heap
|
page read and write
|
||
|
7FFE13241000
|
unkown
|
page execute read
|
||
|
2150762D000
|
heap
|
page read and write
|
||
|
21509094000
|
heap
|
page read and write
|
||
|
263E000
|
stack
|
page read and write
|
||
|
CACAE7E000
|
stack
|
page read and write
|
||
|
D55000
|
heap
|
page read and write
|
||
|
27C0000
|
heap
|
page read and write
|
||
|
21507750000
|
heap
|
page read and write
|
||
|
7FFE13241000
|
unkown
|
page execute read
|
||
|
21507615000
|
heap
|
page read and write
|
||
|
B2AF2FC000
|
stack
|
page read and write
|
||
|
21507627000
|
heap
|
page read and write
|
||
|
1F3AEC10000
|
heap
|
page read and write
|
||
|
1A3CA890000
|
heap
|
page read and write
|
||
|
1F3AEC41000
|
heap
|
page read and write
|
||
|
1A3CA6DA000
|
heap
|
page read and write
|
||
|
2150763D000
|
heap
|
page read and write
|
||
|
1F3B26E0000
|
heap
|
page read and write
|
||
|
7FFE13241000
|
unkown
|
page execute read
|
||
|
1A3CA5A0000
|
heap
|
page read and write
|
||
|
21507755000
|
heap
|
page read and write
|
||
|
D46000
|
heap
|
page read and write
|
||
|
D19000
|
heap
|
page read and write
|
||
|
FA5000
|
heap
|
page read and write
|
||
|
B2AF6FE000
|
stack
|
page read and write
|
||
|
21507500000
|
heap
|
page read and write
|
||
|
1A3CA6D0000
|
heap
|
page read and write
|
||
|
D53000
|
heap
|
page read and write
|
||
|
1A3CA5C0000
|
heap
|
page read and write
|
||
|
2833000
|
heap
|
page read and write
|
||
|
D54000
|
heap
|
page read and write
|
||
|
1F3AEB70000
|
heap
|
page read and write
|
||
|
7FFE13265000
|
unkown
|
page readonly
|
||
|
1A3CC230000
|
heap
|
page read and write
|
||
|
1A3CA6CC000
|
heap
|
page read and write
|
||
|
44A0D6F000
|
stack
|
page read and write
|
||
|
1F3AEC1D000
|
heap
|
page read and write
|
||
|
1F3AEC4A000
|
heap
|
page read and write
|
||
|
7FFE13245000
|
unkown
|
page readonly
|
||
|
1F3AEC6E000
|
heap
|
page read and write
|
||
|
1F3AEC52000
|
heap
|
page read and write
|
||
|
FA0000
|
heap
|
page read and write
|
||
|
7FFE13240000
|
unkown
|
page readonly
|
||
|
D6D000
|
heap
|
page read and write
|
||
|
1A3CA6D6000
|
heap
|
page read and write
|
||
|
2150761E000
|
heap
|
page read and write
|
||
|
44A0DEE000
|
stack
|
page read and write
|
||
|
2150764B000
|
heap
|
page read and write
|
||
|
1A3CA6A8000
|
heap
|
page read and write
|
||
|
21507643000
|
heap
|
page read and write
|
||
|
CACAEFE000
|
stack
|
page read and write
|
||
|
2830000
|
heap
|
page read and write
|
||
|
44A0CEC000
|
stack
|
page read and write
|
||
|
5450000
|
trusted library allocation
|
page read and write
|
||
|
1A3CA6D5000
|
heap
|
page read and write
|
||
|
1A3CA6A0000
|
heap
|
page read and write
|
||
|
1A3CA6D5000
|
heap
|
page read and write
|
||
|
1A3CA6D2000
|
heap
|
page read and write
|
||
|
2150762D000
|
heap
|
page read and write
|
||
|
1F3AEC67000
|
heap
|
page read and write
|
||
|
21509090000
|
heap
|
page read and write
|
||
|
D58000
|
heap
|
page read and write
|
||
|
1A3CC234000
|
heap
|
page read and write
|
||
|
2150761E000
|
heap
|
page read and write
|
||
|
1F3AEC41000
|
heap
|
page read and write
|
||
|
7FFE13240000
|
unkown
|
page readonly
|
||
|
1F3B06D3000
|
heap
|
page read and write
|
||
|
1F3AEB60000
|
heap
|
page read and write
|
||
|
1F3AEC4A000
|
heap
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
D1B000
|
heap
|
page read and write
|
||
|
CD0000
|
heap
|
page read and write
|
||
|
21509060000
|
heap
|
page read and write
|
||
|
1F3B0690000
|
heap
|
page read and write
|
||
|
44A107B000
|
stack
|
page read and write
|
||
|
7FFE13265000
|
unkown
|
page readonly
|
||
|
1A3CA900000
|
heap
|
page read and write
|
||
|
7FFE13265000
|
unkown
|
page readonly
|
There are 130 hidden memdumps, click here to show them.