Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\OpenWith.exe
|
C:\Windows\system32\OpenWith.exe -Embedding
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1F2CB500000
|
heap
|
page read and write
|
||
|
6AC417C000
|
stack
|
page read and write
|
||
|
1F2CB550000
|
heap
|
page read and write
|
||
|
6AC41FE000
|
stack
|
page read and write
|
||
|
1F2CB4D0000
|
heap
|
page read and write
|
||
|
6AC3DBF000
|
stack
|
page read and write
|
||
|
1F2CB563000
|
heap
|
page read and write
|
||
|
1F2CB558000
|
heap
|
page read and write
|
||
|
6AC40FE000
|
stack
|
page read and write
|
||
|
6AC3D3A000
|
stack
|
page read and write
|
||
|
1F2CCE90000
|
heap
|
page read and write
|
||
|
1F2CCE30000
|
heap
|
page read and write
|
||
|
1F2CCE95000
|
heap
|
page read and write
|
||
|
6AC407F000
|
stack
|
page read and write
|
||
|
1F2CB57C000
|
heap
|
page read and write
|
||
|
1F2CB390000
|
heap
|
page read and write
|
There are 6 hidden memdumps, click here to show them.