Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\clip64.dll",#1
|
 |
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\clip64.dll,??4CClipperDLL@@QAEAAV0@$$QAV0@@Z
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\clip64.dll,??4CClipperDLL@@QAEAAV0@ABV0@@Z
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\clip64.dll,Main
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\clip64.dll",??4CClipperDLL@@QAEAAV0@$$QAV0@@Z
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\clip64.dll",??4CClipperDLL@@QAEAAV0@ABV0@@Z
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\clip64.dll",Main
|
|
|
|
C:\Windows\System32\loaddll32.exe
|
loaddll32.exe "C:\Users\user\Desktop\clip64.dll"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\clip64.dll",#1
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
738F1000
|
unkown
|
page execute read
|
|
|
|
738F1000
|
unkown
|
page execute read
|
|
|
|
A8E000
|
stack
|
page read and write
|
||
|
17CF000
|
stack
|
page read and write
|
||
|
2C9A000
|
heap
|
page read and write
|
||
|
3350000
|
heap
|
page read and write
|
||
|
4410000
|
heap
|
page read and write
|
||
|
73908000
|
unkown
|
page readonly
|
||
|
738FF000
|
unkown
|
page readonly
|
||
|
560000
|
heap
|
page read and write
|
||
|
3710000
|
heap
|
page read and write
|
||
|
2FC0000
|
heap
|
page read and write
|
||
|
14CE000
|
stack
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
4AA0000
|
heap
|
page read and write
|
||
|
738F0000
|
unkown
|
page readonly
|
||
|
AE0000
|
heap
|
page read and write
|
||
|
2FA0000
|
heap
|
page read and write
|
||
|
341E000
|
stack
|
page read and write
|
||
|
73906000
|
unkown
|
page read and write
|
||
|
4FC000
|
stack
|
page read and write
|
||
|
2ECA000
|
heap
|
page read and write
|
||
|
14DF000
|
heap
|
page read and write
|
||
|
348A000
|
heap
|
page read and write
|
||
|
73906000
|
unkown
|
page read and write
|
||
|
A7B000
|
stack
|
page read and write
|
||
|
A6C000
|
stack
|
page read and write
|
||
|
4BB000
|
stack
|
page read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
AD0000
|
heap
|
page read and write
|
||
|
2F4F000
|
stack
|
page read and write
|
||
|
2B9E000
|
stack
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
90F000
|
stack
|
page read and write
|
||
|
2BDF000
|
stack
|
page read and write
|
||
|
16CF000
|
stack
|
page read and write
|
||
|
46C0000
|
heap
|
page read and write
|
||
|
A40000
|
heap
|
page read and write
|
||
|
4EC000
|
stack
|
page read and write
|
||
|
3480000
|
heap
|
page read and write
|
||
|
2B9E000
|
stack
|
page read and write
|
||
|
4B60000
|
heap
|
page read and write
|
||
|
A90000
|
heap
|
page read and write
|
||
|
30C0000
|
heap
|
page read and write
|
||
|
AD0000
|
heap
|
page read and write
|
||
|
30CA000
|
heap
|
page read and write
|
||
|
2BDF000
|
stack
|
page read and write
|
||
|
2DB0000
|
heap
|
page read and write
|
||
|
B1F000
|
stack
|
page read and write
|
||
|
148E000
|
stack
|
page read and write
|
||
|
2DD0000
|
heap
|
page read and write
|
||
|
930000
|
heap
|
page read and write
|
||
|
14D0000
|
heap
|
page read and write
|
||
|
2F90000
|
heap
|
page read and write
|
||
|
339E000
|
stack
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
2D0B000
|
stack
|
page read and write
|
||
|
33DF000
|
stack
|
page read and write
|
||
|
73908000
|
unkown
|
page readonly
|
||
|
9EA000
|
heap
|
page read and write
|
||
|
2B60000
|
heap
|
page read and write
|
||
|
2D4C000
|
stack
|
page read and write
|
||
|
8CC000
|
stack
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
B30000
|
heap
|
page read and write
|
||
|
2EC0000
|
heap
|
page read and write
|
||
|
A10000
|
heap
|
page read and write
|
||
|
2DC0000
|
heap
|
page read and write
|
||
|
32E0000
|
heap
|
page read and write
|
||
|
31B0000
|
heap
|
page read and write
|
||
|
2FBC000
|
stack
|
page read and write
|
||
|
2C90000
|
heap
|
page read and write
|
||
|
2F0E000
|
stack
|
page read and write
|
||
|
ACF000
|
stack
|
page read and write
|
||
|
ABC000
|
stack
|
page read and write
|
||
|
560000
|
heap
|
page read and write
|
||
|
A2B000
|
stack
|
page read and write
|
||
|
5FE000
|
stack
|
page read and write
|
||
|
A4F000
|
stack
|
page read and write
|
||
|
1350000
|
heap
|
page read and write
|
||
|
3300000
|
heap
|
page read and write
|
||
|
ADE000
|
stack
|
page read and write
|
||
|
738F0000
|
unkown
|
page readonly
|
||
|
3200000
|
heap
|
page read and write
|
||
|
1430000
|
heap
|
page read and write
|
||
|
12FC000
|
stack
|
page read and write
|
||
|
2D30000
|
heap
|
page read and write
|
||
|
738FF000
|
unkown
|
page readonly
|
||
|
B20000
|
heap
|
page read and write
|
||
|
5DE000
|
stack
|
page read and write
|
||
|
930000
|
heap
|
page read and write
|
||
|
4E30000
|
heap
|
page read and write
|
||
|
4AB000
|
stack
|
page read and write
|
||
|
88B000
|
stack
|
page read and write
|
||
|
FEC000
|
stack
|
page read and write
|
||
|
14DB000
|
heap
|
page read and write
|
||
|
345F000
|
stack
|
page read and write
|
||
|
2F7B000
|
stack
|
page read and write
|
||
|
3220000
|
heap
|
page read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
1440000
|
heap
|
page read and write
|
||
|
31BA000
|
heap
|
page read and write
|
||
|
80A000
|
heap
|
page read and write
|
||
|
33E0000
|
heap
|
page read and write
|
There are 94 hidden memdumps, click here to show them.