Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\notepad.exe
|
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\user\Desktop\readme.txt
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.nirsoft.net/utils/product_cd_key_viewer.html
|
unknown
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
21BE0599000
|
heap
|
page read and write
|
||
|
21BE3F20000
|
trusted library allocation
|
page read and write
|
||
|
21BE0568000
|
heap
|
page read and write
|
||
|
21BE07B5000
|
heap
|
page read and write
|
||
|
21BE07B0000
|
heap
|
page read and write
|
||
|
CB2E67E000
|
stack
|
page read and write
|
||
|
21BE0520000
|
heap
|
page read and write
|
||
|
CB2E5FD000
|
stack
|
page read and write
|
||
|
21BE0793000
|
heap
|
page read and write
|
||
|
21BE0595000
|
heap
|
page read and write
|
||
|
21BE0770000
|
heap
|
page read and write
|
||
|
21BE05DF000
|
heap
|
page read and write
|
||
|
CB2E1A7000
|
stack
|
page read and write
|
||
|
21BE0490000
|
heap
|
page read and write
|
||
|
21BE059A000
|
heap
|
page read and write
|
||
|
21BE05D8000
|
heap
|
page read and write
|
||
|
21BE07BE000
|
heap
|
page read and write
|
||
|
21BE0591000
|
heap
|
page read and write
|
||
|
21BE3770000
|
heap
|
page read and write
|
||
|
21BE0790000
|
heap
|
page read and write
|
||
|
21BE0560000
|
heap
|
page read and write
|
||
|
21BE0500000
|
heap
|
page read and write
|
There are 12 hidden memdumps, click here to show them.