Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\b4f0000.dll"
|
 |
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\b4f0000.dll,#1
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\b4f0000.dll",#1
|
|
|
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\b4f0000.dll",#1
|
 |
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7DF540A42000
|
unkown image
|
page readonly
|
|
|
|
C9948FE000
|
stack
|
page read and write
|
|
|
|
28D4FB7E000
|
unkown
|
page read and write
|
|
|
|
7FF53C085000
|
unkown image
|
page readonly
|
|
|
|
1E434EE0000
|
unkown image
|
page readonly
|
|
|
|
28D4FB5A000
|
heap default
|
page read and write
|
|
|
|
7FF53C3E7000
|
unkown image
|
page readonly
|
|
|
|
1E434EF5000
|
heap private
|
page read and write
|
|
|
|
7DF540A40000
|
unkown image
|
page readonly
|
|
|
|
7DF540A50000
|
unkown image
|
page readonly
|
|
|
|
7FF53C2F7000
|
unkown image
|
page readonly
|
|
|
|
1E4380D3000
|
heap private
|
page read and write
|
|
|
|
7FF5487D2000
|
unkown image
|
page readonly
|
|
|
|
180000000
|
unkown image
|
page readonly
|
|
|
|
7FF536C47000
|
unkown image
|
page readonly
|
|
|
|
7FF5487C2000
|
unkown image
|
page readonly
|
|
|
|
7FF536BD6000
|
unkown image
|
page readonly
|
|
|
|
7FF53C416000
|
unkown image
|
page readonly
|
|
|
|
7DF5461D0000
|
unkown image
|
page readonly
|
|
|
|
7DF540A32000
|
unkown image
|
page readonly
|
|
|
|
7FF536B41000
|
unkown image
|
page readonly
|
|
|
|
7FF53C366000
|
unkown image
|
page readonly
|
|
|
|
1E434CB0000
|
unkown image
|
page readonly
|
|
|
|
1626025D000
|
heap default
|
page read and write
|
|
|
|
7FF53C3EB000
|
unkown image
|
page readonly
|
|
|
|
7FF53C379000
|
unkown image
|
page readonly
|
|
|
|
28D50280000
|
unkown image
|
page readonly
|
|
|
|
7FF536C86000
|
unkown image
|
page readonly
|
|
|
|
16260263000
|
heap default
|
page read and write
|
|
|
|
1E436820000
|
unkown
|
page read and write
|
|
|
|
B772FF000
|
stack
|
page read and write
|
|
|
|
16260080000
|
unkown image
|
page read and write
|
|
|
|
28D4FAD0000
|
unkown image
|
page readonly
|
|
|
|
7FF53C335000
|
unkown image
|
page readonly
|
|
|
|
28D4FDB0000
|
heap private
|
page read and write
|
|
|
|
1E434EF0000
|
heap private
|
page read and write
|
|
|
|
1E434DE0000
|
heap default
|
page read and write
|
|
|
|
1E435400000
|
unkown image
|
page readonly
|
|
|
|
7FF53C24A000
|
unkown image
|
page readonly
|
|
|
|
7FF536C4D000
|
unkown image
|
page readonly
|
|
|
|
28D4FB6F000
|
unkown
|
page read and write
|
|
|
|
7FF53C3DD000
|
unkown image
|
page readonly
|
|
|
|
1E434DFF000
|
unkown
|
page read and write
|
|
|
|
28D4FB74000
|
unkown
|
page read and write
|
|
|
|
7FF5487E0000
|
unkown image
|
page readonly
|
|
|
|
28D50100000
|
unkown image
|
page readonly
|
|
|
|
7FF536BA5000
|
unkown image
|
page readonly
|
|
|
|
28D4FB71000
|
unkown
|
page read and write
|
|
|
|
28D4FB6B000
|
unkown
|
page read and write
|
|
|
|
1E438050000
|
unkown image
|
page readonly
|
|
|
|
28D4FB7A000
|
unkown
|
page read and write
|
|
|
|
1E434E03000
|
unkown
|
page read and write
|
|
|
|
7DF5461E0000
|
unkown image
|
page readonly
|
|
|
|
7FF53C3D4000
|
unkown image
|
page readonly
|
|
|
|
1E434DFB000
|
unkown
|
page read and write
|
|
|
|
7DF5461C0000
|
unkown image
|
page readonly
|
|
|
|
C99455B000
|
unkown
|
page read and write
|
|
|
|
28D4FD20000
|
unkown
|
page read and write
|
|
|
|
1E434DEE000
|
heap default
|
page read and write
|
|
|
|
1E434CB0000
|
unkown image
|
page readonly
|
|
|
|
7DF540A30000
|
unkown image
|
page readonly
|
|
|
|
7FF536C83000
|
unkown image
|
page readonly
|
|
|
|
7FF5487C0000
|
unkown image
|
page readonly
|
|
|
|
7FF536B37000
|
unkown image
|
page readonly
|
|
|
|
1E438420000
|
unkown
|
page read and write
|
|
|
|
28D4FF00000
|
unkown image
|
page readonly
|
|
|
|
28D4FD40000
|
unkown image
|
page readonly
|
|
|
|
7FF53C427000
|
unkown image
|
page readonly
|
|
|
|
7FF536B67000
|
unkown image
|
page readonly
|
|
|
|
7FF536C8B000
|
unkown image
|
page readonly
|
|
|
|
1E434CA0000
|
unkown image
|
page readonly
|
|
|
|
7FF53C346000
|
unkown image
|
page readonly
|
|
|
|
7FF536ABA000
|
unkown image
|
page readonly
|
|
|
|
7FF536BB6000
|
unkown image
|
page readonly
|
|
|
|
7FF536BDD000
|
unkown image
|
page readonly
|
|
|
|
1E434E0B000
|
unkown
|
page read and write
|
|
|
|
1E434F00000
|
unkown
|
page read and write
|
|
|
|
28D4FDB5000
|
heap private
|
page read and write
|
|
|
|
7FF536C54000
|
unkown image
|
page readonly
|
|
|
|
7FF536C63000
|
unkown image
|
page readonly
|
|
|
|
7FF53C413000
|
unkown image
|
page readonly
|
|
|
|
4281B7E000
|
stack
|
page read and write
|
|
|
|
C99487E000
|
stack
|
page read and write
|
|
|
|
28D4FB7E000
|
unkown
|
page read and write
|
|
|
|
28D4FAF0000
|
unkown image
|
page readonly
|
|
|
|
162600A0000
|
unkown image
|
page readonly
|
|
|
|
1E438520000
|
unkown
|
page read and write
|
|
|
|
28D4FAD0000
|
unkown image
|
page readonly
|
|
|
|
7FF53C3E4000
|
unkown image
|
page readonly
|
|
|
|
28D53330000
|
unkown
|
page read and write
|
|
|
|
7DF540A32000
|
unkown image
|
page readonly
|
|
|
|
7FF53C23E000
|
unkown image
|
page readonly
|
|
|
|
1E434E03000
|
unkown
|
page read and write
|
|
|
|
7FF536C44000
|
unkown image
|
page readonly
|
|
|
|
7FF536C97000
|
unkown image
|
page readonly
|
|
|
|
C9945DE000
|
stack
|
page read and write
|
|
|
|
1E434C90000
|
unkown image
|
page read and write
|
|
|
|
1E438070000
|
unkown
|
page read and write
|
|
|
|
7DF540A42000
|
unkown image
|
page readonly
|
|
|
|
7FF536AAE000
|
unkown image
|
page readonly
|
|
|
|
7FF536BE7000
|
unkown image
|
page readonly
|
|
|
|
7DF540A30000
|
unkown image
|
page readonly
|
|
|
|
7FF5487D0000
|
unkown image
|
page readonly
|
|
|
|
7DF5461C2000
|
unkown image
|
page readonly
|
|
|
|
1E435080000
|
unkown image
|
page readonly
|
|
|
|
7DF444090000
|
unkown image
|
page readonly
|
|
|
|
28D4FB6B000
|
unkown
|
page read and write
|
|
|
|
162600A0000
|
unkown image
|
page readonly
|
|
|
|
28D4FD80000
|
heap private
|
page read and write
|
|
|
|
28D4FB83000
|
unkown
|
page read and write
|
|
|
|
7DF5461D2000
|
unkown image
|
page readonly
|
|
|
|
7FF536B15000
|
unkown image
|
page readonly
|
|
|
|
1E435280000
|
unkown image
|
page readonly
|
|
|
|
4281A7B000
|
unkown
|
page read and write
|
|
|
|
1E436830000
|
unkown
|
page read and write
|
|
|
|
28D4FAC0000
|
unkown image
|
page readonly
|
|
|
|
7FF536BEE000
|
unkown image
|
page readonly
|
|
|
|
4281AFE000
|
stack
|
page read and write
|
|
|
|
1E434E04000
|
unkown
|
page read and write
|
|
|
|
1E434E10000
|
unkown
|
page read and write
|
|
|
|
28D4FB74000
|
unkown
|
page read and write
|
|
|
|
7FF536C57000
|
unkown image
|
page readonly
|
|
|
|
1E4380D0000
|
heap private
|
page read and write
|
|
|
|
7FF53C36D000
|
unkown image
|
page readonly
|
|
|
|
7FF5487D0000
|
unkown image
|
page readonly
|
|
|
|
7FF53C37E000
|
unkown image
|
page readonly
|
|
|
|
1E434CD0000
|
unkown image
|
page readonly
|
|
|
|
7DF5461C2000
|
unkown image
|
page readonly
|
|
|
|
B770FD000
|
unkown
|
page read and write
|
|
|
|
1E437F90000
|
unkown image
|
page readonly
|
|
|
|
28D4FD70000
|
unkown image
|
page readonly
|
|
|
|
28D4FB50000
|
heap default
|
page read and write
|
|
|
|
7DF5461E0000
|
unkown image
|
page readonly
|
|
|
|
7DF540A40000
|
unkown image
|
page readonly
|
|
|
|
28D4FB70000
|
unkown
|
page read and write
|
|
|
|
162601C0000
|
unkown
|
page read and write
|
|
|
|
7FF53C2D1000
|
unkown image
|
page readonly
|
|
|
|
7FF5487D2000
|
unkown image
|
page readonly
|
|
|
|
180000000
|
unkown image
|
page readonly
|
|
|
|
28D4FB8F000
|
unkown
|
page read and write
|
|
|
|
7FF53C41B000
|
unkown image
|
page readonly
|
|
|
|
7DF540A50000
|
unkown image
|
page readonly
|
|
|
|
180000000
|
unkown image
|
page readonly
|
|
|
|
28D52DF0000
|
unkown image
|
page readonly
|
|
|
|
1E434DFF000
|
unkown
|
page read and write
|
|
|
|
28D4FD83000
|
heap private
|
page read and write
|
|
|
|
28D4FD90000
|
unkown
|
page read and write
|
|
|
|
7FF53C377000
|
unkown image
|
page readonly
|
|
|
|
28D4FB00000
|
unkown image
|
page readonly
|
|
|
|
7FF536AA8000
|
unkown image
|
page readonly
|
|
|
|
162600D0000
|
unkown image
|
page readonly
|
|
|
|
7FF5487E0000
|
unkown image
|
page readonly
|
|
|
|
7FF53C3D7000
|
unkown image
|
page readonly
|
|
|
|
7DF5461D0000
|
unkown image
|
page readonly
|
|
|
|
7FF5487C2000
|
unkown image
|
page readonly
|
|
|
|
7DF5461C0000
|
unkown image
|
page readonly
|
|
|
|
7FF536C97000
|
unkown image
|
page readonly
|
|
|
|
7FF536C6A000
|
unkown image
|
page readonly
|
|
|
|
1E434DFB000
|
unkown
|
page read and write
|
|
|
|
7FF53C2A5000
|
unkown image
|
page readonly
|
|
|
|
28D516A0000
|
unkown
|
page read and write
|
|
|
|
7FF53C427000
|
unkown image
|
page readonly
|
|
|
|
7FF53C3FA000
|
unkown image
|
page readonly
|
|
|
|
7DF43E900000
|
unkown image
|
page readonly
|
|
|
|
B771FF000
|
stack
|
page read and write
|
|
|
|
28D4FAB0000
|
unkown image
|
page read and write
|
|
|
|
7DF5461D2000
|
unkown image
|
page readonly
|
|
|
|
7FF5487C0000
|
unkown image
|
page readonly
|
|
|
|
28D4FDBB000
|
heap private
|
page read and write
|
|
|
|
1E434F20000
|
unkown
|
page read and write
|
|
|
|
28D4FB20000
|
unkown
|
page read and write
|
|
|
|
16260250000
|
heap default
|
page read and write
|
|
|
|
180000000
|
unkown image
|
page readonly
|
|
|
|
7FF446690000
|
unkown image
|
page readonly
|
|
|
|
7FF53C2C7000
|
unkown image
|
page readonly
|
|
|
|
1E434E03000
|
unkown
|
page read and write
|
|
|
|
7FF536C5B000
|
unkown image
|
page readonly
|
|
|
|
7FF536BE9000
|
unkown image
|
page readonly
|
|
|
|
28D531F0000
|
unkown
|
page read and write
|
|
|
|
1E434CE0000
|
unkown image
|
page readonly
|
|
|
|
28D4FD50000
|
unkown
|
page read and write
|
|
|
|
7FF5368F5000
|
unkown image
|
page readonly
|
|
|
|
7FF53C3F3000
|
unkown image
|
page readonly
|
|
|
|
1E434DFF000
|
unkown
|
page read and write
|
|
|
|
28D4FB96000
|
unkown
|
page read and write
|
|
|
|
1E434EFB000
|
heap private
|
page read and write
|
|
|
|
7FF53C238000
|
unkown image
|
page readonly
|
|
|
|
162600C0000
|
unkown image
|
page readonly
|
|
There are 178 hidden memdumps, click here to show them.