Files
| File Path | Type | Category | Malicious |
|---|---|---|---|
| qkEiY0zdm4.exe | PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows | initial sample | |
| C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\qkEiY0zdm4.exe.log | ASCII text, with CRLF line terminators | dropped | |

Processes
| Path | Cmdline | Malicious |
|---|---|---|
| C:\Users\user\Desktop\qkEiY0zdm4.exe | "C:\Users\user\Desktop\qkEiY0zdm4.exe" | |
| C:\Windows\System32\conhost.exe | C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 | |

URLs
Domains
| Name | IP | Malicious |
|---|---|---|
| 171.39.242.20.in-addr.arpa | unknown | |

Memdumps