Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Zpevdo.14269.7346.exe
|
"C:\Users\user\Desktop\SecuriteInfo.com.BScope.Trojan.Zpevdo.14269.7346.exe"
|
 |
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://tomseditor.com/blog/Projector.exe
|
unknown
|
||
|
http://tomseditor.com/blog/youtube_thumb.php?url=
|
unknown
|
||
|
http://tomseditor.com/blog/vieweropen
|
unknown
|
||
|
http://tomseditor.com/blog/viewer_update.php?v=
|
unknown
|
||
|
http://nitton.pl/tomseditor/index.php
|
unknown
|
||
|
http://tomseditor.com/blog/viewer
|
unknown
|
||
|
http://tomseditor.com/blog/vieweropenS
|
unknown
|
||
|
http://tomseditor.com/blog/vieweropenSV
|
unknown
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2540000
|
trusted library allocation
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
5A5000
|
unkown
|
page write copy
|
||
|
8D7000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
760000
|
heap
|
page read and write
|
||
|
2C9F000
|
stack
|
page read and write
|
||
|
BE5000
|
heap
|
page read and write
|
||
|
24F3000
|
heap
|
page read and write
|
||
|
2B9E000
|
stack
|
page read and write
|
||
|
593000
|
unkown
|
page execute and read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
57A000
|
unkown
|
page execute and read and write
|
||
|
880000
|
direct allocation
|
page execute and read and write
|
||
|
401000
|
unkown
|
page execute and read and write
|
||
|
55F000
|
unkown
|
page execute and read and write
|
||
|
589000
|
unkown
|
page execute and read and write
|
||
|
532000
|
unkown
|
page execute and write copy
|
||
|
2CDE000
|
stack
|
page read and write
|
||
|
8AE000
|
heap
|
page read and write
|
||
|
8DA000
|
heap
|
page read and write
|
||
|
6DE000
|
stack
|
page read and write
|
||
|
8DC000
|
heap
|
page read and write
|
||
|
8C9000
|
heap
|
page read and write
|
||
|
597000
|
unkown
|
page execute and read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
533000
|
unkown
|
page execute and read and write
|
||
|
8CD000
|
heap
|
page read and write
|
||
|
561000
|
unkown
|
page execute and read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2DDF000
|
stack
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
AA0000
|
direct allocation
|
page read and write
|
||
|
2550000
|
heap
|
page read and write
|
||
|
8AA000
|
heap
|
page read and write
|
||
|
690000
|
heap
|
page read and write
|
||
|
8D1000
|
heap
|
page read and write
|
||
|
99000
|
stack
|
page read and write
|
||
|
24F0000
|
heap
|
page read and write
|
||
|
87F000
|
stack
|
page read and write
|
||
|
5B2000
|
unkown
|
page read and write
|
||
|
BE9000
|
heap
|
page read and write
|
||
|
4570000
|
trusted library allocation
|
page read and write
|
||
|
8A0000
|
heap
|
page read and write
|
There are 34 hidden memdumps, click here to show them.