Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
'C:\Windows\System32\WScript.exe' 'C:\Users\user\Desktop\#U5e94#U4ed8#U5e10#U5355.JS'
|
 |
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
4A4ECFE000
|
unkown
|
page read and write
|
|
|
|
2012426B000
|
unkown
|
page read and write
|
|
|
|
7FF523192000
|
unkown
|
page readonly
|
|
|
|
7FF522B82000
|
unkown
|
page readonly
|
|
|
|
2012429A000
|
unkown
|
page read and write
|
|
|
|
7FF52316C000
|
unkown
|
page readonly
|
|
|
|
7FF523180000
|
unkown
|
page readonly
|
|
|
|
4A4F3FE000
|
unkown
|
page read and write
|
|
|
|
7FF523156000
|
unkown
|
page readonly
|
|
|
|
2012429A000
|
unkown
|
page read and write
|
|
|
|
7FF523125000
|
unkown
|
page readonly
|
|
|
|
20124270000
|
unkown
|
page read and write
|
|
|
|
20124299000
|
unkown
|
page read and write
|
|
|
|
20126010000
|
unkown
|
page read and write
|
|
|
|
20125B90000
|
unkown
|
page readonly
|
|
|
|
7FF5231E9000
|
unkown
|
page readonly
|
|
|
|
7FF523187000
|
unkown
|
page readonly
|
|
|
|
7FF523094000
|
unkown
|
page readonly
|
|
|
|
20124220000
|
unkown
|
page read and write
|
|
|
|
201242A2000
|
unkown
|
page read and write
|
|
|
|
20124250000
|
heap default
|
page read and write
|
|
|
|
201242A2000
|
unkown
|
page read and write
|
|
|
|
7FF523184000
|
unkown
|
page readonly
|
|
|
|
20125CC0000
|
heap private
|
page read and write
|
|
|
|
20124283000
|
unkown
|
page read and write
|
|
|
|
20124200000
|
unkown
|
page read and write
|
|
|
|
201242A4000
|
unkown
|
page read and write
|
|
|
|
4A4EEFE000
|
unkown
|
page read and write
|
|
|
|
201242A4000
|
unkown
|
page read and write
|
|
|
|
7FF52308A000
|
unkown
|
page readonly
|
|
|
|
7FF5230EF000
|
unkown
|
page readonly
|
|
|
|
7FF5231E9000
|
unkown
|
page readonly
|
|
|
|
20124283000
|
unkown
|
page read and write
|
|
|
|
7FF5230E2000
|
unkown
|
page readonly
|
|
|
|
2012428A000
|
unkown
|
page read and write
|
|
|
|
4A4F4FE000
|
unkown
|
page read and write
|
|
|
|
7FF523139000
|
unkown
|
page readonly
|
|
|
|
7FF513BAD000
|
unkown
|
page readonly
|
|
|
|
4A4E9E9000
|
unkown
|
page read and write
|
|
|
|
20124275000
|
unkown
|
page read and write
|
|
|
|
7FF523175000
|
unkown
|
page readonly
|
|
|
|
7FF5230F6000
|
unkown
|
page readonly
|
|
|
|
7FF52312F000
|
unkown
|
page readonly
|
|
|
|
20125CD0000
|
unkown
|
page readonly
|
|
|
|
7FF52299B000
|
unkown
|
page readonly
|
|
|
|
4A4EDFE000
|
unkown
|
page read and write
|
|
|
|
7FF52318D000
|
unkown
|
page readonly
|
|
|
|
201243F0000
|
unkown
|
page readonly
|
|
|
|
20124270000
|
unkown
|
page read and write
|
|
|
|
20124283000
|
unkown
|
page read and write
|
|
|
|
7FF523151000
|
unkown
|
page readonly
|
|
|
|
20124281000
|
unkown
|
page read and write
|
|
|
|
7FF5230F2000
|
unkown
|
page readonly
|
|
|
|
4A4F2FE000
|
unkown
|
page read and write
|
|
|
|
4A4F0FF000
|
unkown
|
page read and write
|
|
|
|
7FF5230F8000
|
unkown
|
page readonly
|
|
|
|
7FF52311E000
|
unkown
|
page readonly
|
|
|
|
7FF5231DE000
|
unkown
|
page readonly
|
|
|
|
7FF52310A000
|
unkown
|
page readonly
|
|
|
|
7FF5231E0000
|
unkown
|
page readonly
|
|
|
|
2012428B000
|
unkown
|
page read and write
|
|
|
|
20124283000
|
unkown
|
page read and write
|
|
|
|
201242A4000
|
unkown
|
page read and write
|
|
|
|
7FF52314D000
|
unkown
|
page readonly
|
|
|
|
20124370000
|
unkown
|
page readonly
|
|
|
|
20124258000
|
heap default
|
page read and write
|
|
|
|
20124277000
|
unkown
|
page read and write
|
|
|
|
7FF5230E0000
|
unkown
|
page readonly
|
|
|
|
20124130000
|
unkown
|
page readonly
|
|
|
|
201243E5000
|
heap private
|
page read and write
|
|
|
|
201243E0000
|
heap private
|
page read and write
|
|
|
|
7FF513BAD000
|
unkown
|
page readonly
|
|
|
|
7FF522995000
|
unkown
|
page readonly
|
|
|
|
7FF52315C000
|
unkown
|
page readonly
|
|
|
|
201242A2000
|
unkown
|
page read and write
|
|
|
|
20124278000
|
unkown
|
page read and write
|
|
|
|
201242A2000
|
unkown
|
page read and write
|
|
|
|
7FF522971000
|
unkown
|
page readonly
|
|
|
|
20124298000
|
unkown
|
page read and write
|
|
|
|
20124276000
|
unkown
|
page read and write
|
|
|
|
201240D0000
|
unkown
|
page readonly
|
|
|
|
201242A2000
|
unkown
|
page read and write
|
|
|
|
4A4F1FF000
|
unkown
|
page read and write
|
|
|
|
201242A4000
|
unkown
|
page read and write
|
|
|
|
20124240000
|
unkown
|
page readonly
|
|
|
|
7FF523166000
|
unkown
|
page readonly
|
|
|
|
201242A4000
|
unkown
|
page read and write
|
|
There are 77 hidden memdumps, click here to show them.