Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\notepad.exe
|
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\user\Desktop\new 1.txt
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3C6000
|
heap
|
page read and write
|
||
|
1E65000
|
heap
|
page read and write
|
||
|
1FA000
|
stack
|
page read and write
|
||
|
574000
|
heap
|
page read and write
|
||
|
20B0000
|
heap
|
page read and write
|
||
|
2CE000
|
heap
|
page read and write
|
||
|
20CC000
|
heap
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
F0000
|
heap
|
page read and write
|
||
|
290000
|
heap
|
page read and write
|
||
|
20C2000
|
heap
|
page read and write
|
||
|
1E9B000
|
heap
|
page read and write
|
||
|
10000
|
heap
|
page read and write
|
||
|
20C5000
|
heap
|
page read and write
|
||
|
1E60000
|
heap
|
page read and write
|
||
|
297000
|
heap
|
page read and write
|
||
|
20B5000
|
heap
|
page read and write
|
||
|
20B9000
|
heap
|
page read and write
|
||
|
390000
|
heap
|
page read and write
|
||
|
20CA000
|
heap
|
page read and write
|
There are 10 hidden memdumps, click here to show them.