Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
C:\Users\user\Desktop\5086520740-COMPROBANTE-DE-PAGO-000255784540102210.exe
|
"C:\Users\user\Desktop\5086520740-COMPROBANTE-DE-PAGO-000255784540102210.exe"
|
||
C:\Windows\SysWOW64\grpconv.exe
|
C:\windows\syswow64\grpconv.exe
|
URLs
Name
|
IP
|
Malicious
|
|
---|---|---|---|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
http://www.atozed.com
|
unknown
|
||
http://www.wapforum.org/DTD/xhtml-mobile10.dtd
|
unknown
|
||
http://www.wapforum.org/DTD/wml_1.1.xml
|
unknown
|
||
http://prototype.conio.net/
|
unknown
|
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
194.48.248.72
|
unknown
|
Germany
|
Registry
Path
|
Value
|
Malicious
|
|
---|---|---|---|
HKEY_CURRENT_USER\SOFTWARE\32343444
|
cxvvxcccvccvxvc
|
Memdumps
Base Address
|
Region type
|
Protect
|
Malicious
|
|
---|---|---|---|---|
141EE000
|
remote allocation
|
page execute and read and write
|
||
3583000
|
direct allocation
|
page read and write
|
||
35A1000
|
direct allocation
|
page read and write
|
||
72E000
|
stack
|
page read and write
|
||
7E780000
|
direct allocation
|
page read and write
|
||
35B7000
|
direct allocation
|
page read and write
|
||
EE4000
|
unknown
|
page readonly
|
||
359A000
|
direct allocation
|
page read and write
|
||
35C5000
|
direct allocation
|
page read and write
|
||
6D0000
|
heap
|
page read and write
|
||
4D3000
|
unknown
|
page write copy
|
||
4DF000
|
unknown
|
page write copy
|
||
35E2000
|
direct allocation
|
page read and write
|
||
14A05000
|
remote allocation
|
page execute and read and write
|
||
13209000
|
remote allocation
|
page execute and read and write
|
||
7B0000
|
heap
|
page read and write
|
||
4E4000
|
unknown
|
page readonly
|
||
3623000
|
direct allocation
|
page read and write
|
||
35F8000
|
direct allocation
|
page read and write
|
||
3850000
|
heap
|
page read and write
|
||
1C6000
|
heap
|
page read and write
|
||
19F4000
|
heap
|
page read and write
|
||
7DD80000
|
direct allocation
|
page read and write
|
||
14A07000
|
remote allocation
|
page execute and read and write
|
||
14A81000
|
remote allocation
|
page execute and read and write
|
||
29A0000
|
heap
|
page read and write
|
||
7EB90000
|
direct allocation
|
page read and write
|
||
29A8000
|
heap
|
page read and write
|
||
131D2000
|
remote allocation
|
page execute and read and write
|
||
1C0000
|
heap
|
page read and write
|
||
18F0000
|
heap
|
page read and write
|
||
14A8B000
|
remote allocation
|
page execute and read and write
|
||
76F000
|
stack
|
page read and write
|
||
2AC000
|
stack
|
page read and write
|
||
3490000
|
direct allocation
|
page execute and read and write
|
||
3650000
|
heap
|
page read and write
|
||
4DB000
|
unknown
|
page read and write
|
||
356A000
|
direct allocation
|
page read and write
|
||
3575000
|
direct allocation
|
page read and write
|
||
39E000
|
stack
|
page read and write
|
||
149CF000
|
remote allocation
|
page execute and read and write
|
||
7B5000
|
heap
|
page read and write
|
||
401000
|
unknown
|
page execute read
|
||
7CF76000
|
direct allocation
|
page read and write
|
||
361C000
|
direct allocation
|
page read and write
|
||
199000
|
stack
|
page read and write
|
||
14A7F000
|
remote allocation
|
page execute and read and write
|
||
360D000
|
direct allocation
|
page read and write
|
||
147C5000
|
remote allocation
|
page execute and read and write
|
||
2ED000
|
stack
|
page read and write
|
||
3853000
|
heap
|
page read and write
|
||
13C09000
|
remote allocation
|
page execute and read and write
|
||
14A1A000
|
remote allocation
|
page execute and read and write
|
||
1810000
|
heap
|
page read and write
|
||
400000
|
unknown
|
page readonly
|
||
9B000
|
stack
|
page read and write
|
||
7F590000
|
direct allocation
|
page read and write
|
||
7C430000
|
direct allocation
|
page read and write
|
||
294F000
|
stack
|
page read and write
|
||
35DB000
|
direct allocation
|
page read and write
|
||
3614000
|
direct allocation
|
page read and write
|
||
35BE000
|
direct allocation
|
page read and write
|
||
35D3000
|
direct allocation
|
page read and write
|
||
2C70000
|
heap
|
page read and write
|
||
35A8000
|
direct allocation
|
page read and write
|
||
19DE000
|
heap
|
page read and write
|
||
14A1C000
|
remote allocation
|
page execute and read and write
|
||
19DA000
|
heap
|
page read and write
|
||
362A000
|
direct allocation
|
page read and write
|
||
19D0000
|
heap
|
page read and write
|
||
13140000
|
remote allocation
|
page execute and read and write
|
||
4DF000
|
unknown
|
page read and write
|
||
350000
|
heap
|
page read and write
|
||
14A28000
|
remote allocation
|
page execute and read and write
|
||
14A09000
|
remote allocation
|
page execute and read and write
|
||
357C000
|
direct allocation
|
page read and write
|
||
3470000
|
heap
|
page read and write
|
||
4D3000
|
unknown
|
page read and write
|
||
35F0000
|
direct allocation
|
page read and write
|
||
19C0000
|
heap
|
page read and write
|
||
35CC000
|
direct allocation
|
page read and write
|
||
35E9000
|
direct allocation
|
page read and write
|
||
3A0000
|
heap
|
page read and write
|
||
34F0000
|
heap
|
page read and write
|
||
35AF000
|
direct allocation
|
page read and write
|
75 additional memdumps are not shown in this view; the table above is truncated.