Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
C:\Users\user\Desktop\file.bin.exe
|
"C:\Users\user\Desktop\file.bin.exe"
|
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
92.118.112.89
|
unknown
|
Russian Federation
|
Memdumps
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
---|---|---|---|---|
14012D000
|
unkown
|
page readonly
|
||
1400C0000
|
unkown
|
page readonly
|
||
140000000
|
unkown
|
page readonly
|
||
1C0000
|
heap
|
page read and write
|
||
510000
|
direct allocation
|
page read and write
|
||
190000
|
heap
|
page read and write
|
||
DCE000
|
direct allocation
|
page execute and read and write
|
||
140000000
|
unkown
|
page readonly
|
||
5A7000
|
heap
|
page read and write
|
||
140117000
|
unkown
|
page write copy
|
||
140001000
|
unkown
|
page execute read
|
||
1A0000
|
heap
|
page read and write
|
||
14012D000
|
unkown
|
page readonly
|
||
D70000
|
direct allocation
|
page execute and read and write
|
||
140117000
|
unkown
|
page read and write
|
||
5BF000
|
heap
|
page read and write
|
||
140118000
|
unkown
|
page write copy
|
||
5A0000
|
heap
|
page read and write
|
||
14C000
|
stack
|
page read and write
|
||
140001000
|
unkown
|
page execute read
|
||
E30000
|
heap
|
page read and write
|
||
1400C0000
|
unkown
|
page readonly
|
There are 12 hidden memdumps, click here to show them.