Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\uCLkYbZQoA.exe
|
"C:\Users\user\Desktop\uCLkYbZQoA.exe"
|
 |
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://47.110.247.171/login/login.php
|
47.110.247.171
|
||
|
http://www.eyuyan.com)DVarFileInfo$
|
unknown
|
||
|
https://pan.baidu.com/s/1D28osmCWE-A_Oote3X5wsg?pwd=985d
|
unknown
|
||
|
http://47.110.247.171/chdyz/chdyz.7z.tmpSuper-EC
|
unknown
|
||
|
http://47.110.247.171/login/login.phpl_
|
unknown
|
||
|
http://47.110.247.171/login/verup.php0-1
|
unknown
|
||
|
http://47.110.247.171/chdyz/chdyz.7z
|
unknown
|
||
|
http://47.110.247.171/wR
|
unknown
|
||
|
http://47.110.247.171/login/verup.php
|
47.110.247.171
|
||
|
http://47.110.247.171/chdyz/chdyz.dll
|
unknown
|
||
|
http://47.110.247.171/
|
unknown
|
||
|
http://47.110.247.171/chdyz/chdyz.exe
|
unknown
|
There are 2 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
47.110.247.171
|
unknown
|
China
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
56A000
|
heap
|
page read and write
|
||
|
AB0000
|
heap
|
page read and write
|
||
|
4E5000
|
unkown
|
page write copy
|
||
|
5E9000
|
heap
|
page read and write
|
||
|
245E000
|
stack
|
page read and write
|
||
|
5A1000
|
heap
|
page read and write
|
||
|
506000
|
unkown
|
page read and write
|
||
|
4FA000
|
unkown
|
page read and write
|
||
|
560000
|
heap
|
page read and write
|
||
|
5D9000
|
heap
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
700000
|
heap
|
page read and write
|
||
|
4EF000
|
unkown
|
page write copy
|
||
|
B16000
|
heap
|
page read and write
|
||
|
43B0000
|
remote allocation
|
page read and write
|
||
|
707000
|
heap
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
5D3000
|
heap
|
page read and write
|
||
|
5FC000
|
heap
|
page read and write
|
||
|
5FC000
|
heap
|
page read and write
|
||
|
5A8000
|
heap
|
page read and write
|
||
|
2A30000
|
trusted library allocation
|
page read and write
|
||
|
5C80000
|
trusted library allocation
|
page read and write
|
||
|
606000
|
heap
|
page read and write
|
||
|
595000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
23B0000
|
heap
|
page read and write
|
||
|
2921000
|
heap
|
page read and write
|
||
|
56E000
|
heap
|
page read and write
|
||
|
2465000
|
heap
|
page read and write
|
||
|
414E000
|
stack
|
page read and write
|
||
|
5C6000
|
heap
|
page read and write
|
||
|
B10000
|
heap
|
page read and write
|
||
|
4E3000
|
unkown
|
page read and write
|
||
|
2460000
|
heap
|
page read and write
|
||
|
5BB000
|
heap
|
page read and write
|
||
|
5E8000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
43B0000
|
remote allocation
|
page read and write
|
||
|
5D9000
|
heap
|
page read and write
|
||
|
4E1000
|
unkown
|
page write copy
|
||
|
5D3000
|
heap
|
page read and write
|
||
|
5A4000
|
heap
|
page read and write
|
||
|
5B4000
|
heap
|
page read and write
|
||
|
5AB000
|
heap
|
page read and write
|
||
|
410E000
|
stack
|
page read and write
|
||
|
400D000
|
stack
|
page read and write
|
||
|
438F000
|
stack
|
page read and write
|
||
|
5A1000
|
heap
|
page read and write
|
||
|
5D9000
|
heap
|
page read and write
|
||
|
4C5000
|
unkown
|
page readonly
|
||
|
428E000
|
stack
|
page read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
4FA000
|
unkown
|
page write copy
|
||
|
537000
|
unkown
|
page read and write
|
||
|
5D3000
|
heap
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
424F000
|
stack
|
page read and write
|
||
|
4F6000
|
unkown
|
page read and write
|
||
|
240E000
|
stack
|
page read and write
|
||
|
4EE000
|
unkown
|
page read and write
|
||
|
5E3000
|
heap
|
page read and write
|
||
|
600000
|
heap
|
page read and write
|
||
|
5B2000
|
heap
|
page read and write
|
||
|
5D9000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2414000
|
heap
|
page read and write
|
||
|
60A000
|
heap
|
page read and write
|
||
|
5C6000
|
heap
|
page read and write
|
||
|
90000
|
stack
|
page read and write
|
||
|
53A000
|
unkown
|
page readonly
|
||
|
660000
|
heap
|
page read and write
|
||
|
2A40000
|
heap
|
page read and write
|
||
|
5BB000
|
heap
|
page read and write
|
||
|
2BCF000
|
stack
|
page read and write
|
||
|
B1A000
|
heap
|
page read and write
|
||
|
5DA000
|
heap
|
page read and write
|
||
|
5E2000
|
heap
|
page read and write
|
||
|
2920000
|
heap
|
page read and write
|
||
|
601000
|
heap
|
page read and write
|
||
|
5C6000
|
heap
|
page read and write
|
||
|
705000
|
heap
|
page read and write
|
||
|
5B6000
|
heap
|
page read and write
|
||
|
43B0000
|
remote allocation
|
page read and write
|
||
|
5BE000
|
heap
|
page read and write
|
||
|
4E1000
|
unkown
|
page write copy
|
||
|
60A000
|
heap
|
page read and write
|
||
|
5D5000
|
heap
|
page read and write
|
||
|
5A8000
|
heap
|
page read and write
|
||
|
2ACE000
|
stack
|
page read and write
|
||
|
53A000
|
unkown
|
page readonly
|
||
|
4C5000
|
unkown
|
page readonly
|
||
|
2410000
|
heap
|
page read and write
|
||
|
5D4000
|
heap
|
page read and write
|
||
|
5C9000
|
heap
|
page read and write
|
||
|
532000
|
unkown
|
page read and write
|
||
|
5DF000
|
heap
|
page read and write
|
There are 89 hidden memdumps, click here to show them.