Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
C:\Windows\System32\OpenWith.exe
|
C:\Windows\system32\OpenWith.exe -Embedding
|
Memdumps
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
---|---|---|---|---|
1F2CB500000
|
heap
|
page read and write
|
||
6AC417C000
|
stack
|
page read and write
|
||
1F2CB550000
|
heap
|
page read and write
|
||
6AC41FE000
|
stack
|
page read and write
|
||
1F2CB4D0000
|
heap
|
page read and write
|
||
6AC3DBF000
|
stack
|
page read and write
|
||
1F2CB563000
|
heap
|
page read and write
|
||
1F2CB558000
|
heap
|
page read and write
|
||
6AC40FE000
|
stack
|
page read and write
|
||
6AC3D3A000
|
stack
|
page read and write
|
||
1F2CCE90000
|
heap
|
page read and write
|
||
1F2CCE30000
|
heap
|
page read and write
|
||
1F2CCE95000
|
heap
|
page read and write
|
||
6AC407F000
|
stack
|
page read and write
|
||
1F2CB57C000
|
heap
|
page read and write
|
||
1F2CB390000
|
heap
|
page read and write
|
There are 6 hidden memdumps, click here to show them.