Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\6f2b0a1890381cd7f98f920e2ecca11d2cc54f0e50c85.exe
|
"C:\Users\user\Desktop\6f2b0a1890381cd7f98f920e2ecca11d2cc54f0e50c85.exe"
|
 |
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
googledocs.duckdns.org:1316
|
|
||
|
http://crl.thawte.com/ThawteTimestampingCA.crl0
|
unknown
|
||
|
http://www.videolan.org/0
|
unknown
|
||
|
http://ocsp.thawte.com0
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
googledocs.duckdns.org
|
192.169.69.25
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.169.69.25
|
googledocs.duckdns.org
|
United States
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
5810000
|
trusted library section
|
page read and write
|
|
|
|
31D1000
|
trusted library allocation
|
page read and write
|
|
|
|
3259000
|
trusted library allocation
|
page read and write
|
|
|
|
AF2000
|
unkown
|
page readonly
|
||
|
EF6000
|
stack
|
page read and write
|
||
|
41D1000
|
trusted library allocation
|
page read and write
|
||
|
10C6000
|
trusted library allocation
|
page read and write
|
||
|
5A20000
|
heap
|
page read and write
|
||
|
3235000
|
trusted library allocation
|
page read and write
|
||
|
6000000
|
unclassified section
|
page read and write
|
||
|
3210000
|
trusted library allocation
|
page read and write
|
||
|
1117000
|
trusted library allocation
|
page execute and read and write
|
||
|
598D000
|
stack
|
page read and write
|
||
|
1020000
|
heap
|
page read and write
|
||
|
35F4000
|
trusted library allocation
|
page read and write
|
||
|
164E000
|
stack
|
page read and write
|
||
|
116E000
|
heap
|
page read and write
|
||
|
5A10000
|
trusted library allocation
|
page execute and read and write
|
||
|
57F0000
|
trusted library section
|
page read and write
|
||
|
558F000
|
stack
|
page read and write
|
||
|
5A48000
|
heap
|
page read and write
|
||
|
57E0000
|
trusted library section
|
page read and write
|
||
|
145E000
|
stack
|
page read and write
|
||
|
10FA000
|
trusted library allocation
|
page execute and read and write
|
||
|
5360000
|
trusted library allocation
|
page read and write
|
||
|
1112000
|
trusted library allocation
|
page read and write
|
||
|
1546000
|
heap
|
page read and write
|
||
|
EF9000
|
stack
|
page read and write
|
||
|
119F000
|
heap
|
page read and write
|
||
|
10EA000
|
trusted library allocation
|
page execute and read and write
|
||
|
115E000
|
stack
|
page read and write
|
||
|
10F7000
|
trusted library allocation
|
page execute and read and write
|
||
|
106E000
|
stack
|
page read and write
|
||
|
5690000
|
trusted library allocation
|
page read and write
|
||
|
52CE000
|
stack
|
page read and write
|
||
|
116A000
|
heap
|
page read and write
|
||
|
10E0000
|
trusted library allocation
|
page read and write
|
||
|
5F50000
|
trusted library allocation
|
page execute and read and write
|
||
|
5A30000
|
heap
|
page read and write
|
||
|
1110000
|
trusted library allocation
|
page read and write
|
||
|
1160000
|
heap
|
page read and write
|
||
|
1100000
|
trusted library allocation
|
page read and write
|
||
|
10DA000
|
trusted library allocation
|
page execute and read and write
|
||
|
1268000
|
heap
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
10F0000
|
trusted library allocation
|
page read and write
|
||
|
1258000
|
heap
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
1540000
|
heap
|
page read and write
|
||
|
154B000
|
heap
|
page read and write
|
||
|
5A88000
|
heap
|
page read and write
|
||
|
57BB000
|
stack
|
page read and write
|
||
|
5880000
|
heap
|
page read and write
|
||
|
1260000
|
heap
|
page read and write
|
||
|
1478000
|
trusted library allocation
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
5FBC000
|
stack
|
page read and write
|
||
|
111B000
|
trusted library allocation
|
page execute and read and write
|
||
|
AD0000
|
unkown
|
page readonly
|
||
|
5370000
|
trusted library allocation
|
page execute and read and write
|
||
|
5A94000
|
heap
|
page read and write
|
||
|
1185000
|
heap
|
page read and write
|
||
|
586E000
|
stack
|
page read and write
|
||
|
110A000
|
trusted library allocation
|
page execute and read and write
|
||
|
3490000
|
trusted library allocation
|
page read and write
|
||
|
5FF8000
|
stack
|
page read and write
|
||
|
10C0000
|
trusted library allocation
|
page read and write
|
||
|
530E000
|
stack
|
page read and write
|
||
|
57D0000
|
heap
|
page read and write
|
||
|
1870000
|
heap
|
page read and write
|
||
|
5696000
|
trusted library allocation
|
page read and write
|
||
|
16D0000
|
heap
|
page execute and read and write
|
||
|
AD2000
|
unkown
|
page readonly
|
||
|
1236000
|
heap
|
page read and write
|
||
|
168C000
|
stack
|
page read and write
|
||
|
1223000
|
heap
|
page read and write
|
||
|
5380000
|
heap
|
page read and write
|
||
|
B89000
|
stack
|
page read and write
|
||
|
7F930000
|
trusted library allocation
|
page execute and read and write
|
||
|
1230000
|
heap
|
page read and write
|
||
|
5D2E000
|
stack
|
page read and write
|
||
|
57C0000
|
trusted library allocation
|
page read and write
|
||
|
5B30000
|
heap
|
page read and write
|
||
|
1102000
|
trusted library allocation
|
page execute and read and write
|
||
|
5A64000
|
heap
|
page read and write
|
||
|
10D2000
|
trusted library allocation
|
page execute and read and write
|
||
|
10E2000
|
trusted library allocation
|
page execute and read and write
|
||
|
5A3A000
|
heap
|
page read and write
|
There are 78 hidden memdumps, click here to show them.