Introduction to Process Threads View by Nirsoft


LabZero

Thread author
Hello to all

I want to introduce another process monitor tool:

Process Threads View by Nirsoft http://www.nirsoft.net/utils/process_threads_view.html

Now I will try to analyse the process created by av.exe malware from Hub (thanks Kram7750).

It is a rogue downloader, which connects to download the main application.


Select the malicious process and open the second screen of the software.

Here we can find all the information about the process and threads.


The selection of a thread in the upper half of the window displays its stack data information in the lower half.

Displayed in particular are strings found in the stack, stack module addresses, call stack and processor registers.

This is a simplification, but it is useful to see what is actually a malware in the background. :)
 

Sr. Normal

Thanks amico. :)

It seems a very interesting tool. Thanks for sharing it with everyone. :)
 

TheSuperGeek

I'll add this soft to my "malware analysing toolbox".
Thanks for sharing.
 