Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Scan.exe
|
"C:\Users\user\Desktop\Scan.exe"
|
 |
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1232976D000
|
trusted library allocation
|
page read and write
|
|
|
|
7FF849010000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E22000
|
trusted library allocation
|
page read and write
|
||
|
12327E45000
|
heap
|
page read and write
|
||
|
12327F50000
|
trusted library section
|
page read and write
|
||
|
12327BC0000
|
heap
|
page read and write
|
||
|
123279D8000
|
unkown
|
page readonly
|
||
|
7FF849000000
|
trusted library allocation
|
page execute and read and write
|
||
|
12341F20000
|
heap
|
page read and write
|
||
|
12341ACF000
|
heap
|
page read and write
|
||
|
7FF848E34000
|
trusted library allocation
|
page read and write
|
||
|
12328015000
|
heap
|
page read and write
|
||
|
7FF848E6C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E2D000
|
trusted library allocation
|
page execute and read and write
|
||
|
12327A60000
|
heap
|
page read and write
|
||
|
17175FB000
|
stack
|
page read and write
|
||
|
12339741000
|
trusted library allocation
|
page read and write
|
||
|
1716CFD000
|
stack
|
page read and write
|
||
|
7FF848FCA000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FF0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F30000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848EC6000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FE0000
|
trusted library allocation
|
page read and write
|
||
|
123399C1000
|
trusted library allocation
|
page read and write
|
||
|
12327E70000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FC5000
|
trusted library allocation
|
page read and write
|
||
|
12329730000
|
heap
|
page execute and read and write
|
||
|
123420E0000
|
heap
|
page execute and read and write
|
||
|
123279D0000
|
unkown
|
page readonly
|
||
|
7FF848ECC000
|
trusted library allocation
|
page execute and read and write
|
||
|
12327F40000
|
heap
|
page read and write
|
||
|
7FF848E1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848E14000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E13000
|
trusted library allocation
|
page execute and read and write
|
||
|
17169D3000
|
stack
|
page read and write
|
||
|
12327C50000
|
heap
|
page read and write
|
||
|
7FF848FEF000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E3D000
|
trusted library allocation
|
page execute and read and write
|
||
|
12341770000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E3B000
|
trusted library allocation
|
page execute and read and write
|
||
|
1716FFB000
|
stack
|
page read and write
|
||
|
12327B94000
|
heap
|
page read and write
|
||
|
12327BC4000
|
heap
|
page read and write
|
||
|
12327B50000
|
heap
|
page read and write
|
||
|
7FF848E20000
|
trusted library allocation
|
page read and write
|
||
|
12327B96000
|
heap
|
page read and write
|
||
|
12327E40000
|
heap
|
page read and write
|
||
|
7FF848FB0000
|
trusted library allocation
|
page read and write
|
||
|
12327B5C000
|
heap
|
page read and write
|
||
|
12339747000
|
trusted library allocation
|
page read and write
|
||
|
12327B7F000
|
heap
|
page read and write
|
||
|
12329D5E000
|
trusted library allocation
|
page read and write
|
||
|
12329D62000
|
trusted library allocation
|
page read and write
|
||
|
12327B56000
|
heap
|
page read and write
|
||
|
7FF848EC0000
|
trusted library allocation
|
page read and write
|
||
|
1233B90D000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FC0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848ED0000
|
trusted library allocation
|
page execute and read and write
|
||
|
12327C90000
|
heap
|
page read and write
|
||
|
12327BBD000
|
heap
|
page read and write
|
||
|
1716DFE000
|
stack
|
page read and write
|
||
|
12327EA0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EF6000
|
trusted library allocation
|
page execute and read and write
|
||
|
12327C0A000
|
heap
|
page read and write
|
||
|
1716EFE000
|
stack
|
page read and write
|
||
|
7FF848E12000
|
trusted library allocation
|
page read and write
|
||
|
12327C40000
|
heap
|
page read and write
|
||
|
17174FA000
|
stack
|
page read and write
|
||
|
7FF848E30000
|
trusted library allocation
|
page read and write
|
||
|
123279D2000
|
unkown
|
page readonly
|
||
|
12329741000
|
trusted library allocation
|
page read and write
|
||
|
12327EA3000
|
trusted library allocation
|
page read and write
|
||
|
12327E90000
|
trusted library allocation
|
page read and write
|
||
|
7FF848FD0000
|
trusted library allocation
|
page read and write
|
||
|
1233B254000
|
trusted library allocation
|
page read and write
|
||
|
12327C70000
|
heap
|
page read and write
|
||
|
7FF848E10000
|
trusted library allocation
|
page read and write
|
||
|
12328010000
|
heap
|
page read and write
|
||
|
7FF45EF50000
|
trusted library allocation
|
page execute and read and write
|
There are 69 hidden memdumps, click here to show them.