Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\flupdate.exe
|
"C:\Users\user\Desktop\flupdate.exe"
|
 |
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://crl.g
|
unknown
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
4CE000
|
stack
|
page read and write
|
||
|
2400000
|
heap
|
page read and write
|
||
|
2480000
|
heap
|
page read and write
|
||
|
22C0000
|
heap
|
page read and write
|
||
|
520000
|
heap
|
page read and write
|
||
|
470000
|
unkown
|
page read and write
|
||
|
22C8000
|
heap
|
page read and write
|
||
|
438000
|
unkown
|
page write copy
|
||
|
22C5000
|
heap
|
page read and write
|
||
|
553000
|
heap
|
page read and write
|
||
|
92E000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
52A000
|
heap
|
page read and write
|
||
|
437000
|
unkown
|
page execute and write copy
|
||
|
99000
|
stack
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
7EF000
|
stack
|
page read and write
|
||
|
480000
|
heap
|
page read and write
|
||
|
438000
|
unkown
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
42B000
|
unkown
|
page execute and write copy
|
||
|
419000
|
unkown
|
page execute and read and write
|
||
|
50E000
|
stack
|
page read and write
|
||
|
431000
|
unkown
|
page execute and read and write
|
||
|
510000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
27D0000
|
trusted library allocation
|
page read and write
|
||
|
52E000
|
heap
|
page read and write
|
||
|
8EE000
|
stack
|
page read and write
|
||
|
A2F000
|
stack
|
page read and write
|
||
|
55A000
|
heap
|
page read and write
|
||
|
55A000
|
heap
|
page read and write
|
||
|
436000
|
unkown
|
page execute and read and write
|
||
|
450000
|
heap
|
page read and write
|
There are 25 hidden memdumps, click here to show them.