Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\pgsql.exe
|
"C:\Users\user\Desktop\pgsql.exe"
|
 |
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\partmgr
|
EnableCounterForIoctl
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7FF6B5883000
|
unkown
|
page write copy
|
||
|
C000078000
|
direct allocation
|
page read and write
|
||
|
C000064000
|
direct allocation
|
page read and write
|
||
|
C000068000
|
direct allocation
|
page read and write
|
||
|
C00006C000
|
direct allocation
|
page read and write
|
||
|
264D6210000
|
direct allocation
|
page read and write
|
||
|
7FF6B5180000
|
unkown
|
page readonly
|
||
|
7FF6B5522000
|
unkown
|
page write copy
|
||
|
7FF6B581B000
|
unkown
|
page read and write
|
||
|
C000106000
|
direct allocation
|
page read and write
|
||
|
7FF6B5886000
|
unkown
|
page write copy
|
||
|
B8027FD000
|
stack
|
page read and write
|
||
|
264D5FB8000
|
heap
|
page read and write
|
||
|
264D5F90000
|
heap
|
page read and write
|
||
|
7FF6B5525000
|
unkown
|
page readonly
|
||
|
C00010E000
|
direct allocation
|
page read and write
|
||
|
7FF6B550F000
|
unkown
|
page read and write
|
||
|
7FF6B5871000
|
unkown
|
page read and write
|
||
|
264D62F0000
|
heap
|
page read and write
|
||
|
B802FFE000
|
stack
|
page read and write
|
||
|
C000000000
|
direct allocation
|
page read and write
|
||
|
7FF6B5843000
|
unkown
|
page read and write
|
||
|
7FF6B5886000
|
unkown
|
page write copy
|
||
|
C000006000
|
direct allocation
|
page read and write
|
||
|
C00016E000
|
direct allocation
|
page read and write
|
||
|
7FF6B5523000
|
unkown
|
page read and write
|
||
|
7FF6B5181000
|
unkown
|
page execute read
|
||
|
B8029FE000
|
stack
|
page read and write
|
||
|
B802DFF000
|
stack
|
page read and write
|
||
|
264D61A0000
|
direct allocation
|
page read and write
|
||
|
264D61A4000
|
direct allocation
|
page read and write
|
||
|
7FF6B5180000
|
unkown
|
page readonly
|
||
|
C000160000
|
direct allocation
|
page read and write
|
||
|
C000110000
|
direct allocation
|
page read and write
|
||
|
C00013A000
|
direct allocation
|
page read and write
|
||
|
264D5FC3000
|
heap
|
page read and write
|
||
|
C000142000
|
direct allocation
|
page read and write
|
||
|
C00004A000
|
direct allocation
|
page read and write
|
||
|
C000002000
|
direct allocation
|
page read and write
|
||
|
C000025000
|
direct allocation
|
page read and write
|
||
|
C00000C000
|
direct allocation
|
page read and write
|
||
|
264D5FB0000
|
heap
|
page read and write
|
||
|
B8035FF000
|
stack
|
page read and write
|
||
|
7FF6B54E4000
|
unkown
|
page write copy
|
||
|
C000116000
|
direct allocation
|
page read and write
|
||
|
C00007A000
|
direct allocation
|
page read and write
|
||
|
C000140000
|
direct allocation
|
page read and write
|
||
|
264D6220000
|
direct allocation
|
page read and write
|
||
|
7FF6B5882000
|
unkown
|
page read and write
|
||
|
7FF6B5521000
|
unkown
|
page read and write
|
||
|
7FF6B551D000
|
unkown
|
page write copy
|
||
|
C000020000
|
direct allocation
|
page read and write
|
||
|
C00007C000
|
direct allocation
|
page read and write
|
||
|
264D5F80000
|
heap
|
page read and write
|
||
|
C00003A000
|
direct allocation
|
page read and write
|
||
|
C000070000
|
direct allocation
|
page read and write
|
||
|
7FF6B5181000
|
unkown
|
page execute read
|
||
|
C000166000
|
direct allocation
|
page read and write
|
||
|
C00001C000
|
direct allocation
|
page read and write
|
||
|
264D61A9000
|
direct allocation
|
page read and write
|
||
|
7FF6B5882000
|
unkown
|
page write copy
|
||
|
C00004E000
|
direct allocation
|
page read and write
|
||
|
C00003E000
|
direct allocation
|
page read and write
|
||
|
C000004000
|
direct allocation
|
page read and write
|
||
|
B802BFF000
|
stack
|
page read and write
|
||
|
264D6180000
|
heap
|
page read and write
|
||
|
7FF6B5525000
|
unkown
|
page readonly
|
||
|
264D6241000
|
direct allocation
|
page read and write
|
||
|
C000050000
|
direct allocation
|
page read and write
|
||
|
C000030000
|
direct allocation
|
page read and write
|
||
|
264D62F5000
|
heap
|
page read and write
|
||
|
C000022000
|
direct allocation
|
page read and write
|
||
|
C00001A000
|
direct allocation
|
page read and write
|
||
|
7FF6B54D7000
|
unkown
|
page read and write
|
||
|
C000048000
|
direct allocation
|
page read and write
|
||
|
C00015E000
|
direct allocation
|
page read and write
|
||
|
C000008000
|
direct allocation
|
page read and write
|
||
|
C00011C000
|
direct allocation
|
page read and write
|
||
|
264D6200000
|
direct allocation
|
page read and write
|
||
|
C000056000
|
direct allocation
|
page read and write
|
||
|
C000052000
|
direct allocation
|
page read and write
|
||
|
C00016A000
|
direct allocation
|
page read and write
|
||
|
7FF6B54D7000
|
unkown
|
page write copy
|
||
|
C000037000
|
direct allocation
|
page read and write
|
||
|
C000102000
|
direct allocation
|
page read and write
|
||
|
C00007E000
|
direct allocation
|
page read and write
|
||
|
C000045000
|
direct allocation
|
page read and write
|
||
|
C000108000
|
direct allocation
|
page read and write
|
||
|
C000016000
|
direct allocation
|
page read and write
|
||
|
C000035000
|
direct allocation
|
page read and write
|
||
|
7FF6B584A000
|
unkown
|
page read and write
|
||
|
C000074000
|
direct allocation
|
page read and write
|
||
|
C000118000
|
direct allocation
|
page read and write
|
||
|
B8033FE000
|
stack
|
page read and write
|
||
|
7FF6B5887000
|
unkown
|
page readonly
|
||
|
264D6280000
|
direct allocation
|
page read and write
|
||
|
7FF6B5887000
|
unkown
|
page readonly
|
||
|
C000100000
|
direct allocation
|
page read and write
|
||
|
264D6204000
|
direct allocation
|
page read and write
|
||
|
B8031FF000
|
stack
|
page read and write
|
There are 90 hidden memdumps, click here to show them.