Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\user\Desktop\download\vcd15cbe7772f49c399c6a5babf22c1241717689176015
|
ASCII text, with very long lines (19948), with no line terminators
|
dropped
|
 |
|
|
C:\Users\user\Desktop\cmdline.out
|
ASCII text, with CRLF line terminators
|
modified
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\download\vcd15cbe7772f49c399c6a5babf22c1241717689176015.js"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c wget -t 2 -v -T 60 -P "C:\Users\user\Desktop\download" --no-check-certificate --content-disposition
--user-agent="Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; AS; rv:11.0) like Gecko" "https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015"
> cmdline.out 2>&1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\wget.exe
|
wget -t 2 -v -T 60 -P "C:\Users\user\Desktop\download" --no-check-certificate --content-disposition --user-agent="Mozilla/5.0
(Windows NT 6.1; WOW64; Trident/7.0; AS; rv:11.0) like Gecko" "https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
|
|||
|
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
|
104.16.79.73
|
||
|
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015Dr
|
unknown
|
||
|
https://cloudflareinsights.com/cdn-cgi/rum
|
unknown
|
||
|
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015le
|
unknown
|
||
|
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5bab
|
unknown
|
||
|
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015p
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
static.cloudflareinsights.com
|
104.16.79.73
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
104.16.79.73
|
static.cloudflareinsights.com
|
United States
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
175ACDD4000
|
heap
|
page read and write
|
||
|
175AB4D4000
|
heap
|
page read and write
|
||
|
175AD133000
|
heap
|
page read and write
|
||
|
A6B000
|
heap
|
page read and write
|
||
|
A4E000
|
stack
|
page read and write
|
||
|
175AB4D8000
|
heap
|
page read and write
|
||
|
1008FF000
|
stack
|
page read and write
|
||
|
175AD13F000
|
heap
|
page read and write
|
||
|
175AD131000
|
heap
|
page read and write
|
||
|
100AFF000
|
stack
|
page read and write
|
||
|
100000
|
heap
|
page read and write
|
||
|
A60000
|
heap
|
page read and write
|
||
|
1000FA000
|
stack
|
page read and write
|
||
|
175AB4A0000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
175AD13E000
|
heap
|
page read and write
|
||
|
175AB462000
|
heap
|
page read and write
|
||
|
175AB4F5000
|
heap
|
page read and write
|
||
|
175AB4E6000
|
heap
|
page read and write
|
||
|
1001FE000
|
stack
|
page read and write
|
||
|
175AD132000
|
heap
|
page read and write
|
||
|
175AB4D0000
|
heap
|
page read and write
|
||
|
A70000
|
heap
|
page read and write
|
||
|
175AB462000
|
heap
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
175AB4D4000
|
heap
|
page read and write
|
||
|
ADE000
|
stack
|
page read and write
|
||
|
175AB4B1000
|
heap
|
page read and write
|
||
|
175AB4D4000
|
heap
|
page read and write
|
||
|
B48000
|
heap
|
page read and write
|
||
|
175AB4D8000
|
heap
|
page read and write
|
||
|
175AB3B9000
|
heap
|
page read and write
|
||
|
175AB4B2000
|
heap
|
page read and write
|
||
|
175AB4CF000
|
heap
|
page read and write
|
||
|
175AD13A000
|
heap
|
page read and write
|
||
|
175ACDD0000
|
heap
|
page read and write
|
||
|
B40000
|
heap
|
page read and write
|
||
|
175AB3B9000
|
heap
|
page read and write
|
||
|
103F000
|
stack
|
page read and write
|
||
|
175AB4D4000
|
heap
|
page read and write
|
||
|
2B20000
|
heap
|
page read and write
|
||
|
2B5A000
|
heap
|
page read and write
|
||
|
1007FF000
|
stack
|
page read and write
|
||
|
2B2D000
|
heap
|
page read and write
|
||
|
175AB440000
|
heap
|
page read and write
|
||
|
175AB4E6000
|
heap
|
page read and write
|
||
|
175AB4DC000
|
heap
|
page read and write
|
||
|
175AB480000
|
heap
|
page read and write
|
||
|
175AB3C0000
|
heap
|
page read and write
|
||
|
175AB4B1000
|
heap
|
page read and write
|
||
|
175AD13E000
|
heap
|
page read and write
|
||
|
175AB4B1000
|
heap
|
page read and write
|
||
|
A80000
|
heap
|
page read and write
|
||
|
175AD13E000
|
heap
|
page read and write
|
||
|
175AB481000
|
heap
|
page read and write
|
||
|
2B2A000
|
heap
|
page read and write
|
||
|
2E1F000
|
stack
|
page read and write
|
||
|
2B5E000
|
heap
|
page read and write
|
||
|
175AD137000
|
heap
|
page read and write
|
||
|
175AB4CF000
|
heap
|
page read and write
|
||
|
175AB3B5000
|
heap
|
page read and write
|
||
|
175AB497000
|
heap
|
page read and write
|
||
|
175AB46C000
|
heap
|
page read and write
|
||
|
175AB4C6000
|
heap
|
page read and write
|
||
|
A6C000
|
heap
|
page read and write
|
||
|
A0E000
|
stack
|
page read and write
|
||
|
9CC000
|
stack
|
page read and write
|
||
|
175AB4E6000
|
heap
|
page read and write
|
||
|
175AD13A000
|
heap
|
page read and write
|
||
|
E3F000
|
stack
|
page read and write
|
||
|
175AB380000
|
heap
|
page read and write
|
||
|
2FF0000
|
heap
|
page read and write
|
||
|
175AB3B0000
|
heap
|
page read and write
|
||
|
175AB48C000
|
heap
|
page read and write
|
||
|
175AB4CF000
|
heap
|
page read and write
|
||
|
175AB4E6000
|
heap
|
page read and write
|
||
|
175AB45D000
|
heap
|
page read and write
|
||
|
175AB48C000
|
heap
|
page read and write
|
||
|
175AB483000
|
heap
|
page read and write
|
||
|
A65000
|
heap
|
page read and write
|
||
|
175AB2A0000
|
heap
|
page read and write
|
||
|
116000
|
heap
|
page read and write
|
||
|
1004FF000
|
stack
|
page read and write
|
||
|
175AD130000
|
heap
|
page read and write
|
||
|
175AB3BB000
|
heap
|
page read and write
|
||
|
175AB46B000
|
heap
|
page read and write
|
||
|
175AE9F0000
|
trusted library allocation
|
page read and write
|
||
|
175AB4D4000
|
heap
|
page read and write
|
||
|
175AB4D8000
|
heap
|
page read and write
|
||
|
110000
|
heap
|
page read and write
|
||
|
175AB4DC000
|
heap
|
page read and write
|
||
|
175AB4D8000
|
heap
|
page read and write
|
||
|
1006FF000
|
stack
|
page read and write
|
||
|
175AB4D8000
|
heap
|
page read and write
|
||
|
175AD131000
|
heap
|
page read and write
|
||
|
2B62000
|
heap
|
page read and write
|
||
|
175AD143000
|
heap
|
page read and write
|
||
|
2B64000
|
heap
|
page read and write
|
||
|
175AD134000
|
heap
|
page read and write
|
||
|
175AB4E6000
|
heap
|
page read and write
|
||
|
175AE9D0000
|
heap
|
page read and write
|
||
|
175AD147000
|
heap
|
page read and write
|
||
|
175AD133000
|
heap
|
page read and write
|
||
|
2B56000
|
heap
|
page read and write
|
||
|
175AB4E3000
|
heap
|
page read and write
|
||
|
175AB4D8000
|
heap
|
page read and write
|
||
|
2B65000
|
heap
|
page read and write
|
||
|
1009FF000
|
stack
|
page read and write
|
There are 98 hidden memdumps, click here to show them.