Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\ftFxGrU7W4.exe
|
"C:\Users\user\Desktop\ftFxGrU7W4.exe"
|
 |
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://autohotkey.com
|
unknown
|
||
|
https://autohotkey.comCould
|
unknown
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7DF000
|
stack
|
page read and write
|
||
|
820000
|
trusted library allocation
|
page read and write
|
||
|
140127000
|
unkown
|
page execute
|
||
|
905000
|
heap
|
page read and write
|
||
|
8E8000
|
heap
|
page read and write
|
||
|
14011F000
|
unkown
|
page readonly
|
||
|
820000
|
trusted library allocation
|
page read and write
|
||
|
7E3000
|
stack
|
page read and write
|
||
|
8E5000
|
heap
|
page read and write
|
||
|
2A50000
|
heap
|
page read and write
|
||
|
1400F2000
|
unkown
|
page readonly
|
||
|
140112000
|
unkown
|
page write copy
|
||
|
14012A000
|
unkown
|
page readonly
|
||
|
820000
|
trusted library allocation
|
page read and write
|
||
|
90D000
|
heap
|
page read and write
|
||
|
8B0000
|
heap
|
page read and write
|
||
|
820000
|
trusted library allocation
|
page read and write
|
||
|
8E8000
|
heap
|
page read and write
|
||
|
2CD3000
|
heap
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
1400F2000
|
unkown
|
page readonly
|
||
|
12A5000
|
heap
|
page read and write
|
||
|
820000
|
trusted library allocation
|
page read and write
|
||
|
1400E0000
|
unkown
|
page readonly
|
||
|
8E9000
|
heap
|
page read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
14011F000
|
unkown
|
page readonly
|
||
|
140127000
|
unkown
|
page execute
|
||
|
8B7000
|
heap
|
page read and write
|
||
|
7FB000
|
stack
|
page read and write
|
||
|
90000
|
heap
|
page read and write
|
||
|
7CF000
|
stack
|
page read and write
|
||
|
2A60000
|
heap
|
page read and write
|
||
|
190000
|
heap
|
page read and write
|
||
|
140000000
|
unkown
|
page readonly
|
||
|
4B7F000
|
stack
|
page read and write
|
||
|
140001000
|
unkown
|
page execute read
|
||
|
2AC1000
|
heap
|
page read and write
|
||
|
140001000
|
unkown
|
page execute read
|
||
|
2B88000
|
heap
|
page read and write
|
||
|
12A0000
|
heap
|
page read and write
|
||
|
8EF000
|
heap
|
page read and write
|
||
|
820000
|
trusted library allocation
|
page read and write
|
||
|
140112000
|
unkown
|
page read and write
|
||
|
7D2000
|
stack
|
page read and write
|
||
|
14012A000
|
unkown
|
page readonly
|
||
|
820000
|
trusted library allocation
|
page read and write
|
||
|
2B80000
|
heap
|
page read and write
|
||
|
170000
|
heap
|
page read and write
|
||
|
820000
|
trusted library allocation
|
page read and write
|
||
|
8E0000
|
heap
|
page read and write
|
||
|
140000000
|
unkown
|
page readonly
|
||
|
1400E0000
|
unkown
|
page readonly
|
||
|
14011B000
|
unkown
|
page read and write
|
||
|
820000
|
trusted library allocation
|
page read and write
|
||
|
820000
|
trusted library allocation
|
page read and write
|
||
|
8C5000
|
heap
|
page read and write
|
||
|
7EF000
|
stack
|
page read and write
|
||
|
2CD0000
|
heap
|
page read and write
|
There are 49 hidden memdumps, click here to show them.