Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\libpkcs11-helper-1.dll.dll"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\libpkcs11-helper-1.dll.dll",#1
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\libpkcs11-helper-1.dll.dll,DTLS_get_data_mtu
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\libpkcs11-helper-1.dll.dll",#1
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\libpkcs11-helper-1.dll.dll,DTLSv1_client_method
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\libpkcs11-helper-1.dll.dll,DTLSv1_listen
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
24C25535000
|
heap
|
page read and write
|
||
|
7FF8A8D88000
|
unkown
|
page readonly
|
||
|
1A099618000
|
heap
|
page read and write
|
||
|
7FF8A8D82000
|
unkown
|
page read and write
|
||
|
7FF8A8D09000
|
unkown
|
page read and write
|
||
|
1A099965000
|
heap
|
page read and write
|
||
|
7FF8A8C51000
|
unkown
|
page execute read
|
||
|
24C25420000
|
heap
|
page read and write
|
||
|
7FF8A8D09000
|
unkown
|
page read and write
|
||
|
2B881D15000
|
heap
|
page read and write
|
||
|
246BB260000
|
heap
|
page read and write
|
||
|
246B98CA000
|
heap
|
page execute and read and write
|
||
|
1A09961F000
|
heap
|
page read and write
|
||
|
2B8819C1000
|
heap
|
page read and write
|
||
|
2172A795000
|
heap
|
page read and write
|
||
|
7FF8A8C50000
|
unkown
|
page readonly
|
||
|
24C25428000
|
heap
|
page read and write
|
||
|
3916CFE000
|
stack
|
page read and write
|
||
|
7FF8A8C51000
|
unkown
|
page execute read
|
||
|
246B98A0000
|
heap
|
page read and write
|
||
|
CBB06FE000
|
stack
|
page read and write
|
||
|
1A099800000
|
heap
|
page read and write
|
||
|
24C25477000
|
heap
|
page read and write
|
||
|
246B98CB000
|
heap
|
page read and write
|
||
|
24C25443000
|
heap
|
page execute and read and write
|
||
|
7FF8A8C51000
|
unkown
|
page execute read
|
||
|
691EBFE000
|
stack
|
page read and write
|
||
|
3916D7E000
|
stack
|
page read and write
|
||
|
7FF8A8D88000
|
unkown
|
page readonly
|
||
|
2B881B80000
|
heap
|
page read and write
|
||
|
24C25540000
|
heap
|
page read and write
|
||
|
1A099960000
|
heap
|
page read and write
|
||
|
246BB3D0000
|
heap
|
page read and write
|
||
|
24C25530000
|
heap
|
page read and write
|
||
|
CDC967C000
|
stack
|
page read and write
|
||
|
2172A572000
|
heap
|
page read and write
|
||
|
7FF8A8C51000
|
unkown
|
page execute read
|
||
|
691EAFB000
|
stack
|
page read and write
|
||
|
7FF8A8C50000
|
unkown
|
page readonly
|
||
|
1A099632000
|
heap
|
page execute and read and write
|
||
|
2172A720000
|
heap
|
page read and write
|
||
|
2B881D10000
|
heap
|
page read and write
|
||
|
7FF8A8D0A000
|
unkown
|
page write copy
|
||
|
2B881990000
|
heap
|
page read and write
|
||
|
1A099668000
|
heap
|
page read and write
|
||
|
24C25444000
|
heap
|
page read and write
|
||
|
7FF8A8C50000
|
unkown
|
page readonly
|
||
|
1A099610000
|
heap
|
page read and write
|
||
|
24C253F0000
|
heap
|
page read and write
|
||
|
7FF8A8D09000
|
unkown
|
page read and write
|
||
|
7FF8A8D88000
|
unkown
|
page readonly
|
||
|
7FF8A8D0A000
|
unkown
|
page write copy
|
||
|
246B99B0000
|
heap
|
page read and write
|
||
|
7FF8A8D0A000
|
unkown
|
page write copy
|
||
|
2172A582000
|
heap
|
page read and write
|
||
|
2B881970000
|
heap
|
page read and write
|
||
|
2172A790000
|
heap
|
page read and write
|
||
|
2172A558000
|
heap
|
page read and write
|
||
|
CBB039B000
|
stack
|
page read and write
|
||
|
1A099633000
|
heap
|
page read and write
|
||
|
2B881B60000
|
heap
|
page read and write
|
||
|
2172A540000
|
heap
|
page read and write
|
||
|
2B881998000
|
heap
|
page read and write
|
||
|
246B98D0000
|
heap
|
page read and write
|
||
|
2172A550000
|
heap
|
page read and write
|
||
|
246B98AD000
|
heap
|
page read and write
|
||
|
24C25310000
|
heap
|
page read and write
|
||
|
1A099600000
|
heap
|
page read and write
|
||
|
691ECFF000
|
stack
|
page read and write
|
||
|
24C25442000
|
heap
|
page read and write
|
||
|
2172A573000
|
heap
|
page execute and read and write
|
||
|
2172A740000
|
heap
|
page read and write
|
||
|
1A0997E0000
|
heap
|
page read and write
|
||
|
7FF8A8D0A000
|
unkown
|
page write copy
|
||
|
BFD267E000
|
stack
|
page read and write
|
||
|
7FF8A8C50000
|
unkown
|
page readonly
|
||
|
7FF8A8D82000
|
unkown
|
page read and write
|
||
|
7FF8A8D88000
|
unkown
|
page readonly
|
||
|
3916C7B000
|
stack
|
page read and write
|
||
|
CDC96FE000
|
stack
|
page read and write
|
||
|
2B8819B7000
|
heap
|
page read and write
|
||
|
24C2542F000
|
heap
|
page read and write
|
||
|
246B9A90000
|
heap
|
page read and write
|
||
|
7FF8A8D82000
|
unkown
|
page read and write
|
||
|
7FF8A8C51000
|
unkown
|
page execute read
|
||
|
246B98BB000
|
heap
|
page read and write
|
||
|
7FF8A8C50000
|
unkown
|
page readonly
|
||
|
7FF8A8D0A000
|
unkown
|
page write copy
|
||
|
7FF8A8D09000
|
unkown
|
page read and write
|
||
|
7FF8A8D82000
|
unkown
|
page read and write
|
||
|
7FF8A8D88000
|
unkown
|
page readonly
|
||
|
CDC977E000
|
stack
|
page read and write
|
||
|
2172A55F000
|
heap
|
page read and write
|
||
|
CBB067F000
|
stack
|
page read and write
|
||
|
BFD23CB000
|
stack
|
page read and write
|
||
|
2172A578000
|
heap
|
page read and write
|
||
|
7FF8A8D82000
|
unkown
|
page read and write
|
||
|
BFD26FF000
|
stack
|
page read and write
|
||
|
7FF8A8D09000
|
unkown
|
page read and write
|
||
|
2B8819B2000
|
heap
|
page execute and read and write
|
There are 90 hidden memdumps, click here to show them.