Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\202c6770000.dll"
|
 |
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\202c6770000.dll,#1
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\202c6770000.dll",#1
|
|
|
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\202c6770000.dll",#1
|
 |
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
17F5E780000
|
unkown
|
page read and write
|
|
|
|
1C288FD0000
|
unkown
|
page read and write
|
|
|
|
7DF46B720000
|
unkown image
|
page readonly
|
|
|
|
7FF55870C000
|
unkown image
|
page readonly
|
|
|
|
1C289285000
|
heap private
|
page read and write
|
|
|
|
1D800E27000
|
unkown
|
page read and write
|
|
|
|
1D800E64000
|
unkown
|
page read and write
|
|
|
|
25E3EC90000
|
unkown
|
page read and write
|
|
|
|
7FF55874E000
|
unkown image
|
page readonly
|
|
|
|
17F5E770000
|
unkown image
|
page readonly
|
|
|
|
EC3E7B000
|
unkown
|
page read and write
|
|
|
|
7FF55867C000
|
unkown image
|
page readonly
|
|
|
|
7FF5566E6000
|
unkown image
|
page readonly
|
|
|
|
1D800E7D000
|
unkown
|
page read and write
|
|
|
|
7FF55864C000
|
unkown image
|
page readonly
|
|
|
|
1C289076000
|
unkown
|
page read and write
|
|
|
|
7FF5566E9000
|
unkown image
|
page readonly
|
|
|
|
7FF5BD760000
|
unkown image
|
page readonly
|
|
|
|
180000000
|
unkown image
|
page readonly
|
|
|
|
7FF55873E000
|
unkown image
|
page readonly
|
|
|
|
EC3EFE000
|
stack
|
page read and write
|
|
|
|
17F5E620000
|
heap default
|
page read and write
|
|
|
|
1C289050000
|
unkown
|
page read and write
|
|
|
|
7FF5C7743000
|
unkown image
|
page readonly
|
|
|
|
7FF5BD770000
|
unkown image
|
page readonly
|
|
|
|
7FF5C78E2000
|
unkown image
|
page readonly
|
|
|
|
7FF5586E2000
|
unkown image
|
page readonly
|
|
|
|
7DF5DC972000
|
unkown image
|
page readonly
|
|
|
|
7FF55660C000
|
unkown image
|
page readonly
|
|
|
|
7DFB69014000
|
unkown image
|
page readonly
|
|
|
|
7FF5C7858000
|
unkown image
|
page readonly
|
|
|
|
7FF5C781F000
|
unkown image
|
page readonly
|
|
|
|
7FF5586EB000
|
unkown image
|
page readonly
|
|
|
|
17F5E500000
|
unkown image
|
page readonly
|
|
|
|
1D800DC0000
|
unkown image
|
page readonly
|
|
|
|
7FF556633000
|
unkown image
|
page readonly
|
|
|
|
17F5E65E000
|
unkown
|
page read and write
|
|
|
|
17F5E520000
|
unkown image
|
page readonly
|
|
|
|
CDF8CFE000
|
stack
|
page read and write
|
|
|
|
1C28AB70000
|
unkown
|
page read and write
|
|
|
|
7FF55667B000
|
unkown image
|
page readonly
|
|
|
|
1C28C3F3000
|
heap private
|
page read and write
|
|
|
|
7FF556675000
|
unkown image
|
page readonly
|
|
|
|
7FF5C75A1000
|
unkown image
|
page readonly
|
|
|
|
17F61940000
|
unkown
|
page read and write
|
|
|
|
1C28C400000
|
unkown
|
page read and write
|
|
|
|
7FF5C785E000
|
unkown image
|
page readonly
|
|
|
|
7FF556670000
|
unkown image
|
page readonly
|
|
|
|
1C28904B000
|
unkown
|
page read and write
|
|
|
|
1D800E3C000
|
unkown
|
page read and write
|
|
|
|
7DF5DC962000
|
unkown image
|
page readonly
|
|
|
|
7FF5C7641000
|
unkown image
|
page readonly
|
|
|
|
7FF5587D2000
|
unkown image
|
page readonly
|
|
|
|
7DF5DC970000
|
unkown image
|
page readonly
|
|
|
|
7FF5BD772000
|
unkown image
|
page readonly
|
|
|
|
17F5E7D0000
|
unkown
|
page read and write
|
|
|
|
7FF55675A000
|
unkown image
|
page readonly
|
|
|
|
1C288F80000
|
unkown image
|
page readonly
|
|
|
|
1D800F08000
|
unkown
|
page read and write
|
|
|
|
7FF5566BA000
|
unkown image
|
page readonly
|
|
|
|
7FF5C77EE000
|
unkown image
|
page readonly
|
|
|
|
1C289054000
|
unkown
|
page read and write
|
|
|
|
7FF5BD772000
|
unkown image
|
page readonly
|
|
|
|
7E7D47F000
|
stack
|
page read and write
|
|
|
|
7FF5C7844000
|
unkown image
|
page readonly
|
|
|
|
1D800D60000
|
unkown image
|
page readonly
|
|
|
|
7E7D17F000
|
stack
|
page read and write
|
|
|
|
7FF55669C000
|
unkown image
|
page readonly
|
|
|
|
1C288F60000
|
unkown image
|
page read and write
|
|
|
|
1C28906F000
|
unkown
|
page read and write
|
|
|
|
7FF558718000
|
unkown image
|
page readonly
|
|
|
|
7FF5C78DA000
|
unkown image
|
page readonly
|
|
|
|
1D800DB0000
|
heap default
|
page read and write
|
|
|
|
7DF5DC980000
|
unkown image
|
page readonly
|
|
|
|
7FF5566CE000
|
unkown image
|
page readonly
|
|
|
|
1C28905E000
|
unkown
|
page read and write
|
|
|
|
1C2893D0000
|
unkown image
|
page readonly
|
|
|
|
7FF5BD780000
|
unkown image
|
page readonly
|
|
|
|
17F5E666000
|
unkown
|
page read and write
|
|
|
|
7E7D0FB000
|
stack
|
page read and write
|
|
|
|
17F5E63A000
|
unkown
|
page read and write
|
|
|
|
1D801450000
|
unkown image
|
page readonly
|
|
|
|
7FF5587CA000
|
unkown image
|
page readonly
|
|
|
|
1C288F80000
|
unkown image
|
page readonly
|
|
|
|
17F5E62B000
|
heap default
|
page read and write
|
|
|
|
1D800E13000
|
unkown
|
page read and write
|
|
|
|
17F5E64D000
|
unkown
|
page read and write
|
|
|
|
7FF556578000
|
unkown image
|
page readonly
|
|
|
|
25E3ECF3000
|
heap default
|
page read and write
|
|
|
|
7FF5566DE000
|
unkown image
|
page readonly
|
|
|
|
7DF56B7F2000
|
unkown image
|
page readonly
|
|
|
|
7FF5C76B1000
|
unkown image
|
page readonly
|
|
|
|
7FF5566D8000
|
unkown image
|
page readonly
|
|
|
|
7FF558728000
|
unkown image
|
page readonly
|
|
|
|
17F5E637000
|
unkown
|
page read and write
|
|
|
|
17F5E530000
|
unkown image
|
page readonly
|
|
|
|
7FF556602000
|
unkown image
|
page readonly
|
|
|
|
7FF558724000
|
unkown image
|
page readonly
|
|
|
|
7FF5C7754000
|
unkown image
|
page readonly
|
|
|
|
7FF5C78E1000
|
unkown image
|
page readonly
|
|
|
|
7DFC77BA1000
|
unkown image
|
page readonly
|
|
|
|
1D800DE0000
|
unkown
|
page read and write
|
|
|
|
1C289750000
|
unkown image
|
page readonly
|
|
|
|
7FF558759000
|
unkown image
|
page readonly
|
|
|
|
7FF5C77FB000
|
unkown image
|
page readonly
|
|
|
|
1D800D40000
|
unkown image
|
page read and write
|
|
|
|
17F5E7A0000
|
unkown image
|
page readonly
|
|
|
|
17F5E990000
|
unkown image
|
page readonly
|
|
|
|
7FF5C76EE000
|
unkown image
|
page readonly
|
|
|
|
1C28905E000
|
unkown
|
page read and write
|
|
|
|
17F5E740000
|
unkown
|
page read and write
|
|
|
|
7FF5C77F0000
|
unkown image
|
page readonly
|
|
|
|
7FF558748000
|
unkown image
|
page readonly
|
|
|
|
7DF56D850000
|
unkown image
|
page readonly
|
|
|
|
7DF56D862000
|
unkown image
|
page readonly
|
|
|
|
7FF556754000
|
unkown image
|
page readonly
|
|
|
|
7FF5587D1000
|
unkown image
|
page readonly
|
|
|
|
7FF5C703C000
|
unkown image
|
page readonly
|
|
|
|
1C288FB0000
|
unkown image
|
page readonly
|
|
|
|
7FF558672000
|
unkown image
|
page readonly
|
|
|
|
7FF55844E000
|
unkown image
|
page readonly
|
|
|
|
17F60130000
|
unkown
|
page read and write
|
|
|
|
7DF56B800000
|
unkown image
|
page readonly
|
|
|
|
17F5E652000
|
unkown
|
page read and write
|
|
|
|
25E3EB90000
|
unkown image
|
page readonly
|
|
|
|
7FF5C73C5000
|
unkown image
|
page readonly
|
|
|
|
1C289280000
|
heap private
|
page read and write
|
|
|
|
17F5E84B000
|
heap private
|
page read and write
|
|
|
|
17F5E840000
|
heap private
|
page read and write
|
|
|
|
1D8010D0000
|
unkown image
|
page readonly
|
|
|
|
17F5E63E000
|
unkown
|
page read and write
|
|
|
|
7FF5566B4000
|
unkown image
|
page readonly
|
|
|
|
1C28C3F0000
|
heap private
|
page read and write
|
|
|
|
7FF5C76EB000
|
unkown image
|
page readonly
|
|
|
|
7FF5C77EA000
|
unkown image
|
page readonly
|
|
|
|
7FF556761000
|
unkown image
|
page readonly
|
|
|
|
7FF556573000
|
unkown image
|
page readonly
|
|
|
|
7DF5DC960000
|
unkown image
|
page readonly
|
|
|
|
7DF5DC972000
|
unkown image
|
page readonly
|
|
|
|
7FF5C73B6000
|
unkown image
|
page readonly
|
|
|
|
180000000
|
unkown image
|
page readonly
|
|
|
|
7FF5566A8000
|
unkown image
|
page readonly
|
|
|
|
7FF5C7807000
|
unkown image
|
page readonly
|
|
|
|
7FF5565DC000
|
unkown image
|
page readonly
|
|
|
|
1C289054000
|
unkown
|
page read and write
|
|
|
|
1C28C2C0000
|
unkown image
|
page readonly
|
|
|
|
1D800E6F000
|
unkown
|
page read and write
|
|
|
|
7FF5C7834000
|
unkown image
|
page readonly
|
|
|
|
1C289200000
|
unkown
|
page read and write
|
|
|
|
7FF5C7693000
|
unkown image
|
page readonly
|
|
|
|
1D800E29000
|
unkown
|
page read and write
|
|
|
|
1D800E00000
|
unkown
|
page read and write
|
|
|
|
7FF5563DE000
|
unkown image
|
page readonly
|
|
|
|
1D8012D0000
|
unkown image
|
page readonly
|
|
|
|
CDF89ED000
|
unkown
|
page read and write
|
|
|
|
7FF5566B8000
|
unkown image
|
page readonly
|
|
|
|
7DF5DC970000
|
unkown image
|
page readonly
|
|
|
|
17F5E7B3000
|
heap private
|
page read and write
|
|
|
|
7FF5C77DC000
|
unkown image
|
page readonly
|
|
|
|
17F61D80000
|
unkown
|
page read and write
|
|
|
|
CDF8DFF000
|
stack
|
page read and write
|
|
|
|
7FF5C781C000
|
unkown image
|
page readonly
|
|
|
|
17F5E720000
|
unkown
|
page read and write
|
|
|
|
7E7D277000
|
stack
|
page read and write
|
|
|
|
25E3ECED000
|
heap default
|
page read and write
|
|
|
|
70C0DEE000
|
stack
|
page read and write
|
|
|
|
7FF5566C4000
|
unkown image
|
page readonly
|
|
|
|
7FF5586E5000
|
unkown image
|
page readonly
|
|
|
|
17F5E643000
|
unkown
|
page read and write
|
|
|
|
7DF56B7E0000
|
unkown image
|
page readonly
|
|
|
|
7FF5C7866000
|
unkown image
|
page readonly
|
|
|
|
180000000
|
unkown image
|
page readonly
|
|
|
|
1C28905A000
|
unkown
|
page read and write
|
|
|
|
1C289230000
|
unkown
|
page read and write
|
|
|
|
17F5EB90000
|
unkown image
|
page readonly
|
|
|
|
7FF5586A3000
|
unkown image
|
page readonly
|
|
|
|
7DF4DA830000
|
unkown image
|
page readonly
|
|
|
|
1C28904F000
|
unkown
|
page read and write
|
|
|
|
7E7CEFE000
|
stack
|
page read and write
|
|
|
|
7DF56B7E2000
|
unkown image
|
page readonly
|
|
|
|
1D800D60000
|
unkown image
|
page readonly
|
|
|
|
1C28C840000
|
unkown
|
page read and write
|
|
|
|
1D800E9B000
|
unkown
|
page read and write
|
|
|
|
7DF5DC980000
|
unkown image
|
page readonly
|
|
|
|
7FF55872A000
|
unkown image
|
page readonly
|
|
|
|
7FF5566ED000
|
unkown image
|
page readonly
|
|
|
|
7DF5DC960000
|
unkown image
|
page readonly
|
|
|
|
7DF56B7E2000
|
unkown image
|
page readonly
|
|
|
|
1D800F02000
|
unkown
|
page read and write
|
|
|
|
7FF556762000
|
unkown image
|
page readonly
|
|
|
|
7FF5586E0000
|
unkown image
|
page readonly
|
|
|
|
7FF556672000
|
unkown image
|
page readonly
|
|
|
|
7E7CBDB000
|
unkown
|
page read and write
|
|
|
|
1D800F00000
|
unkown
|
page read and write
|
|
|
|
1C28904B000
|
unkown
|
page read and write
|
|
|
|
17F5E649000
|
unkown
|
page read and write
|
|
|
|
1D800D50000
|
heap private
|
page read and write
|
|
|
|
1D801602000
|
unkown
|
page read and write
|
|
|
|
7FF5C77DA000
|
unkown image
|
page readonly
|
|
|
|
7DF56D860000
|
unkown image
|
page readonly
|
|
|
|
7FF5585E3000
|
unkown image
|
page readonly
|
|
|
|
1D800D80000
|
unkown image
|
page readonly
|
|
|
|
7DF56D870000
|
unkown image
|
page readonly
|
|
|
|
7DF56D852000
|
unkown image
|
page readonly
|
|
|
|
1C288F70000
|
unkown image
|
page readonly
|
|
|
|
7FF5C783A000
|
unkown image
|
page readonly
|
|
|
|
7FF5585E8000
|
unkown image
|
page readonly
|
|
|
|
1C2895D0000
|
unkown image
|
page readonly
|
|
|
|
7FF5BD780000
|
unkown image
|
page readonly
|
|
|
|
7FF5C7827000
|
unkown image
|
page readonly
|
|
|
|
7FF5C73B0000
|
unkown image
|
page readonly
|
|
|
|
7DF5DC962000
|
unkown image
|
page readonly
|
|
|
|
1D800F13000
|
unkown
|
page read and write
|
|
|
|
1D800D90000
|
unkown image
|
page readonly
|
|
|
|
7FF5C76D1000
|
unkown image
|
page readonly
|
|
|
|
7FF5C77F5000
|
unkown image
|
page readonly
|
|
|
|
1C289020000
|
unkown image
|
page readonly
|
|
|
|
7FF5C784F000
|
unkown image
|
page readonly
|
|
|
|
17F5E7B0000
|
heap private
|
page read and write
|
|
|
|
1D800E6F000
|
unkown
|
page read and write
|
|
|
|
17F61880000
|
unkown image
|
page readonly
|
|
|
|
7DF56D862000
|
unkown image
|
page readonly
|
|
|
|
7FF558734000
|
unkown image
|
page readonly
|
|
|
|
7FF5BD762000
|
unkown image
|
page readonly
|
|
|
|
25E3EB70000
|
unkown image
|
page readonly
|
|
|
|
1C288FA0000
|
unkown image
|
page readonly
|
|
|
|
1C289048000
|
unkown
|
page read and write
|
|
|
|
7DF56B800000
|
unkown image
|
page readonly
|
|
|
|
7FF5C78D4000
|
unkown image
|
page readonly
|
|
|
|
25E3EB70000
|
unkown image
|
page readonly
|
|
|
|
1D800E5E000
|
unkown
|
page read and write
|
|
|
|
70C107E000
|
stack
|
page read and write
|
|
|
|
70C0D6B000
|
unkown
|
page read and write
|
|
|
|
25E3EB50000
|
unkown image
|
page read and write
|
|
|
|
7DF56B7F2000
|
unkown image
|
page readonly
|
|
|
|
7FF5BD770000
|
unkown image
|
page readonly
|
|
|
|
25E3ECE0000
|
heap default
|
page read and write
|
|
|
|
17F5E63A000
|
unkown
|
page read and write
|
|
|
|
7DF56B7F0000
|
unkown image
|
page readonly
|
|
|
|
17F5E643000
|
unkown
|
page read and write
|
|
|
|
7DF4696B0000
|
unkown image
|
page readonly
|
|
|
|
17F5E4F0000
|
unkown image
|
page readonly
|
|
|
|
1C289220000
|
unkown image
|
page readonly
|
|
|
|
7E7D37F000
|
stack
|
page read and write
|
|
|
|
7FF55875D000
|
unkown image
|
page readonly
|
|
|
|
1C289063000
|
unkown
|
page read and write
|
|
|
|
1C289030000
|
heap default
|
page read and write
|
|
|
|
17F5E500000
|
unkown image
|
page readonly
|
|
|
|
7DF56D860000
|
unkown image
|
page readonly
|
|
|
|
7FF4BB630000
|
unkown image
|
page readonly
|
|
|
|
7FF558756000
|
unkown image
|
page readonly
|
|
|
|
17F5E845000
|
heap private
|
page read and write
|
|
|
|
7FF5C775C000
|
unkown image
|
page readonly
|
|
|
|
EC3F7E000
|
stack
|
page read and write
|
|
|
|
7FF5BD762000
|
unkown image
|
page readonly
|
|
|
|
7FF5BD760000
|
unkown image
|
page readonly
|
|
|
|
17F5E4E0000
|
unkown image
|
page read and write
|
|
|
|
7FF5C773D000
|
unkown image
|
page readonly
|
|
|
|
1D800E55000
|
unkown
|
page read and write
|
|
|
|
7DF56D852000
|
unkown image
|
page readonly
|
|
|
|
1C289039000
|
heap default
|
page read and write
|
|
|
|
7FF5C7567000
|
unkown image
|
page readonly
|
|
|
|
7FF5C786D000
|
unkown image
|
page readonly
|
|
|
|
7DF56B7F0000
|
unkown image
|
page readonly
|
|
|
|
180000000
|
unkown image
|
page readonly
|
|
|
|
7DF56B7E0000
|
unkown image
|
page readonly
|
|
|
|
7FF5C7869000
|
unkown image
|
page readonly
|
|
|
|
17F5E64D000
|
unkown
|
page read and write
|
|
|
|
7E7CE7D000
|
stack
|
page read and write
|
|
|
|
1C288FF0000
|
unkown
|
page read and write
|
|
|
|
7DF56D870000
|
unkown image
|
page readonly
|
|
|
|
7E7CFFC000
|
stack
|
page read and write
|
|
|
|
7FF5587C4000
|
unkown image
|
page readonly
|
|
|
|
1C28928B000
|
heap private
|
page read and write
|
|
|
|
25E3EBA0000
|
unkown image
|
page readonly
|
|
|
|
7DF56D850000
|
unkown image
|
page readonly
|
|
|
|
17F5ED10000
|
unkown image
|
page readonly
|
|
There are 267 hidden memdumps, click here to show them.