Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\shootthemessenger.exe
|
"C:\Users\user\Desktop\shootthemessenger.exe"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://grc.com/mail.htm
|
unknown
|
||
|
http://grc.com/mail.htmhttp://grc.com/stm/ShootTheMessenger.htmYou
|
unknown
|
||
|
http://grc.comD
|
unknown
|
||
|
http://grc.com
|
unknown
|
||
|
http://grc.com/stm/ShootTheMessenger.htm
|
unknown
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
44AE000
|
stack
|
page read and write
|
||
|
45AF000
|
stack
|
page read and write
|
||
|
40E000
|
unkown
|
page write copy
|
||
|
661000
|
heap
|
page read and write
|
||
|
657000
|
heap
|
page read and write
|
||
|
49D0000
|
trusted library allocation
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
49B0000
|
trusted library allocation
|
page read and write
|
||
|
661000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
279E000
|
stack
|
page read and write
|
||
|
40E000
|
unkown
|
page read and write
|
||
|
45EE000
|
stack
|
page read and write
|
||
|
974000
|
heap
|
page read and write
|
||
|
9C5000
|
heap
|
page read and write
|
||
|
436E000
|
stack
|
page read and write
|
||
|
657000
|
heap
|
page read and write
|
||
|
28D0000
|
trusted library allocation
|
page read and write
|
||
|
618000
|
heap
|
page read and write
|
||
|
657000
|
heap
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
446F000
|
stack
|
page read and write
|
||
|
661000
|
heap
|
page read and write
|
||
|
26A0000
|
trusted library allocation
|
page read and write
|
||
|
96C000
|
stack
|
page read and write
|
||
|
618000
|
heap
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
480000
|
heap
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
657000
|
heap
|
page read and write
|
||
|
661000
|
heap
|
page read and write
|
||
|
61F000
|
heap
|
page read and write
|
||
|
9C9000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
40C000
|
unkown
|
page execute and read and write
|
||
|
410000
|
heap
|
page read and write
|
||
|
5DA000
|
heap
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
970000
|
heap
|
page read and write
|
||
|
46EF000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
9B0000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
40A000
|
unkown
|
page execute and write copy
|
||
|
61F000
|
heap
|
page read and write
|
||
|
98000
|
stack
|
page read and write
|
||
|
40D000
|
unkown
|
page execute and write copy
|
||
|
5DE000
|
heap
|
page read and write
|
||
|
66B000
|
heap
|
page read and write
|
||
|
670000
|
heap
|
page read and write
|
There are 41 hidden memdumps, click here to show them.