Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
C:\Windows\System32\wscript.exe
|
"C:\Windows\System32\WScript.exe" "D:\logo\parcel_002.vbs"
|
Memdumps
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
---|---|---|---|---|
215DAFA7000
|
heap
|
page read and write
|
||
215DAFBB000
|
heap
|
page read and write
|
||
215DE550000
|
heap
|
page read and write
|
||
215DAF9F000
|
heap
|
page read and write
|
||
215DAFAB000
|
heap
|
page read and write
|
||
215DAF98000
|
heap
|
page read and write
|
||
215DAF99000
|
heap
|
page read and write
|
||
215DC964000
|
heap
|
page read and write
|
||
215DAFAC000
|
heap
|
page read and write
|
||
215DB175000
|
heap
|
page read and write
|
||
215DB170000
|
heap
|
page read and write
|
||
215DC960000
|
heap
|
page read and write
|
||
215DB17C000
|
heap
|
page read and write
|
||
215DB140000
|
heap
|
page read and write
|
||
215DAFD8000
|
heap
|
page read and write
|
||
1F160FF000
|
stack
|
page read and write
|
||
215DAF50000
|
heap
|
page read and write
|
||
215DAFD6000
|
heap
|
page read and write
|
||
215DAF8C000
|
heap
|
page read and write
|
||
215DEE70000
|
heap
|
page read and write
|
||
215DAF78000
|
heap
|
page read and write
|
||
215DAF91000
|
heap
|
page read and write
|
||
215DAFB2000
|
heap
|
page read and write
|
||
215DAFAF000
|
heap
|
page read and write
|
||
215DE670000
|
trusted library allocation
|
page read and write
|
||
215DAF40000
|
heap
|
page read and write
|
||
215DAFB2000
|
heap
|
page read and write
|
||
215DAF70000
|
heap
|
page read and write
|
||
215DAFB2000
|
heap
|
page read and write
|
||
1F15CFA000
|
stack
|
page read and write
|
||
215DAFA7000
|
heap
|
page read and write
|
||
215DAFD8000
|
heap
|
page read and write
|
||
215DAFA7000
|
heap
|
page read and write
|
||
1F15EFE000
|
stack
|
page read and write
|
||
215DAFB2000
|
heap
|
page read and write
|
||
215DAFD8000
|
heap
|
page read and write
|
||
1F15DFE000
|
stack
|
page read and write
|
There are 27 hidden memdumps, click here to show them.