Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\run.js"
|
 |
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
bg.microsoft.map.fastly.net
|
199.232.210.172
|
||
|
fp2e7a.wpc.phicdn.net
|
192.229.221.95
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows Script\Settings\Telemetry\wscript.exe
|
JScriptSetScriptStateStarted
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2294D46E000
|
heap
|
page read and write
|
||
|
2294D3D0000
|
heap
|
page read and write
|
||
|
2294D3F0000
|
heap
|
page read and write
|
||
|
2294D785000
|
heap
|
page read and write
|
||
|
2294D480000
|
heap
|
page read and write
|
||
|
2294D3C0000
|
heap
|
page read and write
|
||
|
2294D480000
|
heap
|
page read and write
|
||
|
2294D47E000
|
heap
|
page read and write
|
||
|
2294D450000
|
heap
|
page read and write
|
||
|
2294D4A2000
|
heap
|
page read and write
|
||
|
2294D4B6000
|
heap
|
page read and write
|
||
|
2294D43E000
|
heap
|
page read and write
|
||
|
2294D450000
|
heap
|
page read and write
|
||
|
2294D479000
|
heap
|
page read and write
|
||
|
22950C30000
|
trusted library allocation
|
page read and write
|
||
|
2294D4BD000
|
heap
|
page read and write
|
||
|
69B76FF000
|
stack
|
page read and write
|
||
|
2294D493000
|
heap
|
page read and write
|
||
|
2294D47E000
|
heap
|
page read and write
|
||
|
2294D450000
|
heap
|
page read and write
|
||
|
2294D477000
|
heap
|
page read and write
|
||
|
2294D49F000
|
heap
|
page read and write
|
||
|
2294D48F000
|
heap
|
page read and write
|
||
|
2294D477000
|
heap
|
page read and write
|
||
|
2294D485000
|
heap
|
page read and write
|
||
|
22950B10000
|
heap
|
page read and write
|
||
|
69B72FE000
|
stack
|
page read and write
|
||
|
2294D420000
|
heap
|
page read and write
|
||
|
2294D780000
|
heap
|
page read and write
|
||
|
69B79FE000
|
stack
|
page read and write
|
||
|
69B77FE000
|
stack
|
page read and write
|
||
|
69B73FE000
|
stack
|
page read and write
|
||
|
69B75FE000
|
stack
|
page read and write
|
||
|
69B6F4A000
|
stack
|
page read and write
|
||
|
2294F2B0000
|
heap
|
page read and write
|
||
|
2294D48F000
|
heap
|
page read and write
|
||
|
2294D484000
|
heap
|
page read and write
|
||
|
2294D45F000
|
heap
|
page read and write
|
||
|
2294D48F000
|
heap
|
page read and write
|
||
|
2294D471000
|
heap
|
page read and write
|
||
|
2294D494000
|
heap
|
page read and write
|
||
|
2294D485000
|
heap
|
page read and write
|
||
|
2294D480000
|
heap
|
page read and write
|
||
|
2294D49E000
|
heap
|
page read and write
|
||
|
2294D4BD000
|
heap
|
page read and write
|
||
|
2294D485000
|
heap
|
page read and write
|
||
|
2294F2B3000
|
heap
|
page read and write
|
||
|
2294D443000
|
heap
|
page read and write
|
||
|
2294D44F000
|
heap
|
page read and write
|
||
|
2294D480000
|
heap
|
page read and write
|
||
|
2294D48F000
|
heap
|
page read and write
|
||
|
2294D48F000
|
heap
|
page read and write
|
||
|
2294D479000
|
heap
|
page read and write
|
||
|
2294D45E000
|
heap
|
page read and write
|
||
|
2294EF60000
|
heap
|
page read and write
|
||
|
2294D499000
|
heap
|
page read and write
|
||
|
2294D463000
|
heap
|
page read and write
|
||
|
2294EF64000
|
heap
|
page read and write
|
||
|
69B7AFF000
|
stack
|
page read and write
|
||
|
2294D443000
|
heap
|
page read and write
|
||
|
2294D498000
|
heap
|
page read and write
|
||
|
2294D464000
|
heap
|
page read and write
|
||
|
2294D47E000
|
heap
|
page read and write
|
||
|
69B78FF000
|
stack
|
page read and write
|
||
|
2294D47E000
|
heap
|
page read and write
|
There are 55 hidden memdumps, click here to show them.