Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
hObXeMHkSShI8GL7378ICT2M.exe
|
PE32 executable (console) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\RegAsm.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\hObXeMHkSShI8GL7378ICT2M.exe
|
"C:\Users\user\Desktop\hObXeMHkSShI8GL7378ICT2M.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://www.fontbureau.com
|
unknown
|
||
|
http://www.fontbureau.com/designersG
|
unknown
|
||
|
https://api.ip.sb/ip
|
unknown
|
||
|
http://www.fontbureau.com/designers/?
|
unknown
|
||
|
http://www.founder.com.cn/cn/bThe
|
unknown
|
||
|
http://www.fontbureau.com/designers?
|
unknown
|
||
|
http://www.tiro.com
|
unknown
|
||
|
https://api.ip.s
|
unknown
|
||
|
http://www.fontbureau.com/designers
|
unknown
|
||
|
http://www.goodfont.co.kr
|
unknown
|
||
|
http://www.carterandcone.coml
|
unknown
|
||
|
http://www.sajatypeworks.com
|
unknown
|
||
|
http://www.typography.netD
|
unknown
|
||
|
http://www.fontbureau.com/designers/cabarga.htmlN
|
unknown
|
||
|
http://www.founder.com.cn/cn/cThe
|
unknown
|
||
|
http://www.galapagosdesign.com/staff/dennis.htm
|
unknown
|
||
|
http://www.founder.com.cn/cn
|
unknown
|
||
|
http://www.fontbureau.com/designers/frere-user.html
|
unknown
|
||
|
http://www.jiyu-kobo.co.jp/
|
unknown
|
||
|
https://discord.com/api/v9/users/
|
unknown
|
||
|
http://www.galapagosdesign.com/DPlease
|
unknown
|
||
|
http://www.fontbureau.com/designers8
|
unknown
|
||
|
http://www.fonts.com
|
unknown
|
||
|
http://www.sandoll.co.kr
|
unknown
|
||
|
http://www.urwpp.deDPlease
|
unknown
|
||
|
http://www.zhongyicts.com.cn
|
unknown
|
||
|
http://www.sakkal.com
|
unknown
|
There are 18 hidden URLs, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
27C000
|
unkown
|
page read and write
|
|
|
|
14EE000
|
stack
|
page read and write
|
||
|
2AE2000
|
trusted library allocation
|
page read and write
|
||
|
2AAC000
|
trusted library allocation
|
page read and write
|
||
|
54FE000
|
stack
|
page read and write
|
||
|
5320000
|
heap
|
page read and write
|
||
|
7052000
|
heap
|
page read and write
|
||
|
2AD3000
|
trusted library allocation
|
page read and write
|
||
|
2752000
|
trusted library allocation
|
page read and write
|
||
|
C64000
|
heap
|
page read and write
|
||
|
C56000
|
heap
|
page read and write
|
||
|
4F70000
|
trusted library allocation
|
page read and write
|
||
|
5345000
|
heap
|
page read and write
|
||
|
2AC1000
|
trusted library allocation
|
page read and write
|
||
|
70A000
|
stack
|
page read and write
|
||
|
272F000
|
stack
|
page read and write
|
||
|
27B0000
|
heap
|
page execute and read and write
|
||
|
2B7A000
|
trusted library allocation
|
page read and write
|
||
|
BB4000
|
trusted library allocation
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
2AC5000
|
trusted library allocation
|
page read and write
|
||
|
CBE000
|
heap
|
page read and write
|
||
|
2B7C000
|
trusted library allocation
|
page read and write
|
||
|
2B7E000
|
trusted library allocation
|
page read and write
|
||
|
2B12000
|
trusted library allocation
|
page read and write
|
||
|
6F1E000
|
heap
|
page read and write
|
||
|
108E000
|
stack
|
page read and write
|
||
|
4E34000
|
trusted library allocation
|
page read and write
|
||
|
2AF9000
|
trusted library allocation
|
page read and write
|
||
|
52AE000
|
stack
|
page read and write
|
||
|
251000
|
unkown
|
page execute read
|
||
|
2B48000
|
trusted library allocation
|
page read and write
|
||
|
2B76000
|
trusted library allocation
|
page read and write
|
||
|
2ABF000
|
trusted library allocation
|
page read and write
|
||
|
76EF000
|
stack
|
page read and write
|
||
|
15EF000
|
stack
|
page read and write
|
||
|
BBD000
|
trusted library allocation
|
page execute and read and write
|
||
|
536F000
|
heap
|
page read and write
|
||
|
2B14000
|
trusted library allocation
|
page read and write
|
||
|
4F30000
|
heap
|
page read and write
|
||
|
2B78000
|
trusted library allocation
|
page read and write
|
||
|
27FE000
|
stack
|
page read and write
|
||
|
2B33000
|
trusted library allocation
|
page read and write
|
||
|
2A42000
|
trusted library allocation
|
page read and write
|
||
|
2B2F000
|
trusted library allocation
|
page read and write
|
||
|
4EA0000
|
trusted library allocation
|
page read and write
|
||
|
2AC7000
|
trusted library allocation
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
2B2D000
|
trusted library allocation
|
page read and write
|
||
|
730F000
|
stack
|
page read and write
|
||
|
BB3000
|
trusted library allocation
|
page execute and read and write
|
||
|
5180000
|
trusted library section
|
page readonly
|
||
|
7020000
|
heap
|
page read and write
|
||
|
2AAA000
|
trusted library allocation
|
page read and write
|
||
|
5310000
|
heap
|
page read and write
|
||
|
2A97000
|
trusted library allocation
|
page read and write
|
||
|
2911000
|
trusted library allocation
|
page read and write
|
||
|
4FA3000
|
heap
|
page read and write
|
||
|
4E97000
|
trusted library allocation
|
page read and write
|
||
|
2740000
|
trusted library allocation
|
page read and write
|
||
|
10B0000
|
heap
|
page read and write
|
||
|
720E000
|
stack
|
page read and write
|
||
|
49EB000
|
stack
|
page read and write
|
||
|
2757000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B2B000
|
trusted library allocation
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
4E70000
|
trusted library allocation
|
page read and write
|
||
|
734E000
|
stack
|
page read and write
|
||
|
14AF000
|
stack
|
page read and write
|
||
|
2B44000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
BCB000
|
heap
|
page read and write
|
||
|
2AB5000
|
trusted library allocation
|
page read and write
|
||
|
271000
|
unkown
|
page readonly
|
||
|
2742000
|
trusted library allocation
|
page read and write
|
||
|
4F20000
|
trusted library allocation
|
page execute and read and write
|
||
|
3911000
|
trusted library allocation
|
page read and write
|
||
|
2AA8000
|
trusted library allocation
|
page read and write
|
||
|
2B01000
|
trusted library allocation
|
page read and write
|
||
|
28FF000
|
stack
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
74A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5363000
|
heap
|
page read and write
|
||
|
6B10000
|
trusted library allocation
|
page read and write
|
||
|
7029000
|
heap
|
page read and write
|
||
|
B3E000
|
stack
|
page read and write
|
||
|
274A000
|
trusted library allocation
|
page execute and read and write
|
||
|
CB9000
|
heap
|
page read and write
|
||
|
2ACB000
|
trusted library allocation
|
page read and write
|
||
|
6B32000
|
trusted library allocation
|
page read and write
|
||
|
2B4E000
|
trusted library allocation
|
page read and write
|
||
|
744E000
|
stack
|
page read and write
|
||
|
2AE4000
|
trusted library allocation
|
page read and write
|
||
|
2AFD000
|
trusted library allocation
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
BD0000
|
direct allocation
|
page execute and read and write
|
||
|
4AEC000
|
stack
|
page read and write
|
||
|
51A0000
|
heap
|
page execute and read and write
|
||
|
B4D000
|
stack
|
page read and write
|
||
|
4E3E000
|
trusted library allocation
|
page read and write
|
||
|
7039000
|
heap
|
page read and write
|
||
|
251000
|
unkown
|
page execute read
|
||
|
5300000
|
trusted library allocation
|
page read and write
|
||
|
7B7000
|
heap
|
page read and write
|
||
|
2B70000
|
trusted library allocation
|
page read and write
|
||
|
2B82000
|
trusted library allocation
|
page read and write
|
||
|
104E000
|
stack
|
page read and write
|
||
|
4FA0000
|
heap
|
page read and write
|
||
|
2B65000
|
trusted library allocation
|
page read and write
|
||
|
4E3B000
|
trusted library allocation
|
page read and write
|
||
|
2A91000
|
trusted library allocation
|
page read and write
|
||
|
C68000
|
heap
|
page read and write
|
||
|
7035000
|
heap
|
page read and write
|
||
|
2B35000
|
trusted library allocation
|
page read and write
|
||
|
4E56000
|
trusted library allocation
|
page read and write
|
||
|
4EC0000
|
trusted library allocation
|
page read and write
|
||
|
4ED0000
|
trusted library allocation
|
page read and write
|
||
|
27A0000
|
trusted library allocation
|
page read and write
|
||
|
250000
|
unkown
|
page readonly
|
||
|
2B52000
|
trusted library allocation
|
page read and write
|
||
|
2AFF000
|
trusted library allocation
|
page read and write
|
||
|
2780000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E90000
|
trusted library allocation
|
page read and write
|
||
|
2A93000
|
trusted library allocation
|
page read and write
|
||
|
AF7000
|
stack
|
page read and write
|
||
|
5190000
|
heap
|
page read and write
|
||
|
7045000
|
heap
|
page read and write
|
||
|
2B63000
|
trusted library allocation
|
page read and write
|
||
|
2ACD000
|
trusted library allocation
|
page read and write
|
||
|
10BE000
|
heap
|
page read and write
|
||
|
5389000
|
heap
|
page read and write
|
||
|
B7E000
|
stack
|
page read and write
|
||
|
2B42000
|
trusted library allocation
|
page read and write
|
||
|
2AAE000
|
trusted library allocation
|
page read and write
|
||
|
10BA000
|
heap
|
page read and write
|
||
|
7010000
|
heap
|
page read and write
|
||
|
2B46000
|
trusted library allocation
|
page read and write
|
||
|
B90000
|
heap
|
page read and write
|
||
|
2900000
|
heap
|
page read and write
|
||
|
4E62000
|
trusted library allocation
|
page read and write
|
||
|
2B29000
|
trusted library allocation
|
page read and write
|
||
|
2AE0000
|
trusted library allocation
|
page read and write
|
||
|
C01000
|
heap
|
page read and write
|
||
|
29F2000
|
trusted library allocation
|
page read and write
|
||
|
4F80000
|
trusted library allocation
|
page read and write
|
||
|
2B03000
|
trusted library allocation
|
page read and write
|
||
|
2750000
|
trusted library allocation
|
page read and write
|
||
|
790000
|
heap
|
page read and write
|
||
|
2AB7000
|
trusted library allocation
|
page read and write
|
||
|
271000
|
unkown
|
page readonly
|
||
|
704F000
|
heap
|
page read and write
|
||
|
13AE000
|
stack
|
page read and write
|
||
|
2B5D000
|
trusted library allocation
|
page read and write
|
||
|
2AB0000
|
trusted library allocation
|
page read and write
|
||
|
4F60000
|
trusted library allocation
|
page execute and read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
C58000
|
heap
|
page read and write
|
||
|
10C7000
|
heap
|
page read and write
|
||
|
2B4C000
|
trusted library allocation
|
page read and write
|
||
|
2AE6000
|
trusted library allocation
|
page read and write
|
||
|
2AFB000
|
trusted library allocation
|
page read and write
|
||
|
52D0000
|
trusted library allocation
|
page read and write
|
||
|
2B61000
|
trusted library allocation
|
page read and write
|
||
|
2B19000
|
trusted library allocation
|
page read and write
|
||
|
BB0000
|
trusted library allocation
|
page read and write
|
||
|
553E000
|
stack
|
page read and write
|
||
|
C92000
|
heap
|
page read and write
|
||
|
4E80000
|
trusted library allocation
|
page read and write
|
||
|
748E000
|
stack
|
page read and write
|
||
|
2ACF000
|
trusted library allocation
|
page read and write
|
||
|
2BA0000
|
trusted library allocation
|
page read and write
|
||
|
785000
|
heap
|
page read and write
|
||
|
2733000
|
trusted library allocation
|
page read and write
|
||
|
250000
|
unkown
|
page readonly
|
||
|
2B5F000
|
trusted library allocation
|
page read and write
|
||
|
275B000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B67000
|
trusted library allocation
|
page read and write
|
||
|
2790000
|
trusted library allocation
|
page read and write
|
||
|
6F10000
|
heap
|
page read and write
|
||
|
54B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2ADC000
|
trusted library allocation
|
page read and write
|
||
|
273D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B16000
|
trusted library allocation
|
page read and write
|
||
|
BA0000
|
trusted library allocation
|
page read and write
|
||
|
2B4A000
|
trusted library allocation
|
page read and write
|
||
|
2A99000
|
trusted library allocation
|
page read and write
|
||
|
2DE000
|
unkown
|
page readonly
|
||
|
1780000
|
heap
|
page read and write
|
||
|
2B31000
|
trusted library allocation
|
page read and write
|
||
|
2AC9000
|
trusted library allocation
|
page read and write
|
||
|
4E4E000
|
trusted library allocation
|
page read and write
|
||
|
CB0000
|
heap
|
page read and write
|
||
|
2DE000
|
unkown
|
page readonly
|
||
|
27C000
|
unkown
|
page write copy
|
||
|
262F000
|
stack
|
page read and write
|
||
|
2746000
|
trusted library allocation
|
page execute and read and write
|
||
|
EFD000
|
stack
|
page read and write
|
||
|
4F10000
|
heap
|
page read and write
|
||
|
2770000
|
trusted library allocation
|
page read and write
|
||
|
703E000
|
heap
|
page read and write
|
||
|
517C000
|
stack
|
page read and write
|
||
|
2AB2000
|
trusted library allocation
|
page read and write
|
||
|
4E5D000
|
trusted library allocation
|
page read and write
|
||
|
2A95000
|
trusted library allocation
|
page read and write
|
||
|
2AD1000
|
trusted library allocation
|
page read and write
|
||
|
5330000
|
heap
|
page read and write
|
||
|
5369000
|
heap
|
page read and write
|
||
|
2B69000
|
trusted library allocation
|
page read and write
|
||
|
4E30000
|
trusted library allocation
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
2AEF000
|
trusted library allocation
|
page read and write
|
||
|
2ADE000
|
trusted library allocation
|
page read and write
|
||
|
29E6000
|
trusted library allocation
|
page read and write
|
||
|
2B80000
|
trusted library allocation
|
page read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
2AF7000
|
trusted library allocation
|
page read and write
|
||
|
4E51000
|
trusted library allocation
|
page read and write
|
||
|
2B89000
|
trusted library allocation
|
page read and write
|
||
|
52B0000
|
heap
|
page read and write
|
||
|
2B50000
|
trusted library allocation
|
page read and write
|
||
|
4F40000
|
trusted library allocation
|
page execute and read and write
|
||
|
5315000
|
heap
|
page read and write
|
||
|
2B40000
|
trusted library allocation
|
page read and write
|
||
|
2B27000
|
trusted library allocation
|
page read and write
|
There are 215 hidden memdumps, click here to show them.