Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
file.exe
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\file.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\RegAsm.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\file.exe
|
"C:\Users\user\Desktop\file.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://api.ip.sb/ip
|
unknown
|
||
|
https://api.ip.s
|
unknown
|
||
|
https://discord.com/api/v9/users/
|
unknown
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
4245000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
323E000
|
stack
|
page read and write
|
||
|
13DE000
|
heap
|
page read and write
|
||
|
3241000
|
trusted library allocation
|
page execute and read and write
|
||
|
32C7000
|
trusted library allocation
|
page read and write
|
||
|
5656000
|
trusted library allocation
|
page read and write
|
||
|
55F0000
|
trusted library allocation
|
page read and write
|
||
|
32B4000
|
trusted library allocation
|
page read and write
|
||
|
1560000
|
trusted library allocation
|
page read and write
|
||
|
3111000
|
trusted library allocation
|
page read and write
|
||
|
533E000
|
stack
|
page read and write
|
||
|
3273000
|
trusted library allocation
|
page read and write
|
||
|
4242000
|
trusted library allocation
|
page read and write
|
||
|
32DD000
|
trusted library allocation
|
page read and write
|
||
|
3040000
|
heap
|
page read and write
|
||
|
32BC000
|
trusted library allocation
|
page read and write
|
||
|
3322000
|
trusted library allocation
|
page read and write
|
||
|
5634000
|
trusted library allocation
|
page read and write
|
||
|
3371000
|
trusted library allocation
|
page read and write
|
||
|
339F000
|
trusted library allocation
|
page read and write
|
||
|
735B000
|
heap
|
page read and write
|
||
|
731E000
|
heap
|
page read and write
|
||
|
165E000
|
heap
|
page read and write
|
||
|
1477000
|
heap
|
page read and write
|
||
|
F5C000
|
stack
|
page read and write
|
||
|
32D5000
|
trusted library allocation
|
page read and write
|
||
|
3386000
|
trusted library allocation
|
page read and write
|
||
|
5A9E000
|
stack
|
page read and write
|
||
|
335D000
|
trusted library allocation
|
page read and write
|
||
|
15A4000
|
trusted library allocation
|
page read and write
|
||
|
15A0000
|
trusted library allocation
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
32F7000
|
trusted library allocation
|
page read and write
|
||
|
333D000
|
trusted library allocation
|
page read and write
|
||
|
744E000
|
stack
|
page read and write
|
||
|
56A0000
|
heap
|
page read and write
|
||
|
166A000
|
heap
|
page read and write
|
||
|
5920000
|
heap
|
page read and write
|
||
|
E40000
|
unkown
|
page readonly
|
||
|
1648000
|
heap
|
page read and write
|
||
|
157B000
|
heap
|
page read and write
|
||
|
15F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
52AD000
|
stack
|
page read and write
|
||
|
56C0000
|
heap
|
page read and write
|
||
|
5670000
|
trusted library allocation
|
page read and write
|
||
|
329D000
|
trusted library allocation
|
page read and write
|
||
|
1404000
|
heap
|
page read and write
|
||
|
1414000
|
trusted library allocation
|
page read and write
|
||
|
141D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1652000
|
heap
|
page read and write
|
||
|
32A6000
|
trusted library allocation
|
page read and write
|
||
|
456000
|
remote allocation
|
page execute and read and write
|
||
|
15A4000
|
heap
|
page read and write
|
||
|
7330000
|
heap
|
page read and write
|
||
|
5950000
|
trusted library allocation
|
page read and write
|
||
|
154E000
|
stack
|
page read and write
|
||
|
142D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3382000
|
trusted library allocation
|
page read and write
|
||
|
1436000
|
trusted library allocation
|
page execute and read and write
|
||
|
7340000
|
heap
|
page read and write
|
||
|
13FC000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
3299000
|
trusted library allocation
|
page read and write
|
||
|
76CE000
|
stack
|
page read and write
|
||
|
140E000
|
stack
|
page read and write
|
||
|
32BA000
|
trusted library allocation
|
page read and write
|
||
|
2F0E000
|
stack
|
page read and write
|
||
|
32A1000
|
trusted library allocation
|
page read and write
|
||
|
327F000
|
trusted library allocation
|
page read and write
|
||
|
7210000
|
heap
|
page read and write
|
||
|
3030000
|
trusted library allocation
|
page read and write
|
||
|
32C3000
|
trusted library allocation
|
page read and write
|
||
|
56F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5AB0000
|
heap
|
page read and write
|
||
|
3225000
|
trusted library allocation
|
page read and write
|
||
|
156F000
|
trusted library allocation
|
page read and write
|
||
|
3242000
|
trusted library allocation
|
page read and write
|
||
|
310F000
|
stack
|
page read and write
|
||
|
1470000
|
heap
|
page read and write
|
||
|
32A3000
|
trusted library allocation
|
page read and write
|
||
|
12F0000
|
heap
|
page read and write
|
||
|
5910000
|
trusted library section
|
page readonly
|
||
|
1442000
|
trusted library allocation
|
page read and write
|
||
|
58B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3388000
|
trusted library allocation
|
page read and write
|
||
|
1210000
|
heap
|
page read and write
|
||
|
322D000
|
trusted library allocation
|
page read and write
|
||
|
14C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3384000
|
trusted library allocation
|
page read and write
|
||
|
30F0000
|
heap
|
page read and write
|
||
|
5925000
|
heap
|
page read and write
|
||
|
1385000
|
heap
|
page read and write
|
||
|
563E000
|
trusted library allocation
|
page read and write
|
||
|
3325000
|
trusted library allocation
|
page read and write
|
||
|
12FB000
|
stack
|
page read and write
|
||
|
1320000
|
heap
|
page read and write
|
||
|
1432000
|
trusted library allocation
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
180F000
|
stack
|
page read and write
|
||
|
1413000
|
trusted library allocation
|
page execute and read and write
|
||
|
13D0000
|
heap
|
page read and write
|
||
|
5623000
|
heap
|
page read and write
|
||
|
32C0000
|
trusted library allocation
|
page read and write
|
||
|
32EE000
|
trusted library allocation
|
page read and write
|
||
|
32DB000
|
trusted library allocation
|
page read and write
|
||
|
13D8000
|
heap
|
page read and write
|
||
|
336B000
|
trusted library allocation
|
page read and write
|
||
|
5620000
|
heap
|
page read and write
|
||
|
5940000
|
heap
|
page read and write
|
||
|
3175000
|
trusted library allocation
|
page read and write
|
||
|
3335000
|
trusted library allocation
|
page read and write
|
||
|
1430000
|
trusted library allocation
|
page read and write
|
||
|
590B000
|
stack
|
page read and write
|
||
|
1622000
|
heap
|
page read and write
|
||
|
EA9000
|
stack
|
page read and write
|
||
|
15CB000
|
trusted library allocation
|
page execute and read and write
|
||
|
13CD000
|
stack
|
page read and write
|
||
|
7912000
|
trusted library allocation
|
page read and write
|
||
|
758E000
|
stack
|
page read and write
|
||
|
780E000
|
stack
|
page read and write
|
||
|
3303000
|
trusted library allocation
|
page read and write
|
||
|
7374000
|
heap
|
page read and write
|
||
|
7310000
|
heap
|
page read and write
|
||
|
5990000
|
heap
|
page execute and read and write
|
||
|
1530000
|
heap
|
page read and write
|
||
|
1593000
|
trusted library allocation
|
page execute and read and write
|
||
|
1520000
|
trusted library allocation
|
page read and write
|
||
|
1380000
|
heap
|
page read and write
|
||
|
166E000
|
heap
|
page read and write
|
||
|
150E000
|
stack
|
page read and write
|
||
|
3307000
|
trusted library allocation
|
page read and write
|
||
|
2FEE000
|
stack
|
page read and write
|
||
|
5930000
|
heap
|
page read and write
|
||
|
31CC000
|
trusted library allocation
|
page read and write
|
||
|
32F2000
|
trusted library allocation
|
page read and write
|
||
|
3318000
|
trusted library allocation
|
page read and write
|
||
|
331C000
|
trusted library allocation
|
page read and write
|
||
|
1350000
|
heap
|
page read and write
|
||
|
336D000
|
trusted library allocation
|
page read and write
|
||
|
4111000
|
trusted library allocation
|
page read and write
|
||
|
32D1000
|
trusted library allocation
|
page read and write
|
||
|
FA7000
|
stack
|
page read and write
|
||
|
3130000
|
heap
|
page execute and read and write
|
||
|
5630000
|
trusted library allocation
|
page read and write
|
||
|
32D9000
|
trusted library allocation
|
page read and write
|
||
|
32FD000
|
trusted library allocation
|
page read and write
|
||
|
32EA000
|
trusted library allocation
|
page read and write
|
||
|
58A0000
|
trusted library allocation
|
page read and write
|
||
|
7354000
|
heap
|
page read and write
|
||
|
1370000
|
trusted library allocation
|
page read and write
|
||
|
1580000
|
heap
|
page read and write
|
||
|
331A000
|
trusted library allocation
|
page read and write
|
||
|
144B000
|
trusted library allocation
|
page execute and read and write
|
||
|
5970000
|
trusted library allocation
|
page read and write
|
||
|
336F000
|
trusted library allocation
|
page read and write
|
||
|
55F5000
|
trusted library allocation
|
page read and write
|
||
|
1661000
|
heap
|
page read and write
|
||
|
302D000
|
stack
|
page read and write
|
||
|
32F5000
|
trusted library allocation
|
page read and write
|
||
|
3293000
|
trusted library allocation
|
page read and write
|
||
|
143A000
|
trusted library allocation
|
page execute and read and write
|
||
|
5600000
|
trusted library allocation
|
page read and write
|
||
|
1410000
|
trusted library allocation
|
page read and write
|
||
|
3343000
|
trusted library allocation
|
page read and write
|
||
|
15C0000
|
trusted library allocation
|
page read and write
|
||
|
32F0000
|
trusted library allocation
|
page read and write
|
||
|
15FC000
|
heap
|
page read and write
|
||
|
32B6000
|
trusted library allocation
|
page read and write
|
||
|
754E000
|
stack
|
page read and write
|
||
|
3354000
|
trusted library allocation
|
page read and write
|
||
|
335A000
|
trusted library allocation
|
page read and write
|
||
|
1654000
|
heap
|
page read and write
|
||
|
3320000
|
trusted library allocation
|
page read and write
|
||
|
3229000
|
trusted library allocation
|
page read and write
|
||
|
32B8000
|
trusted library allocation
|
page read and write
|
||
|
1412000
|
heap
|
page read and write
|
||
|
FF5000
|
heap
|
page read and write
|
||
|
768F000
|
stack
|
page read and write
|
||
|
14BE000
|
stack
|
page read and write
|
||
|
15E0000
|
trusted library allocation
|
page read and write
|
||
|
7350000
|
heap
|
page read and write
|
||
|
31D4000
|
trusted library allocation
|
page read and write
|
||
|
563B000
|
trusted library allocation
|
page read and write
|
||
|
300E000
|
stack
|
page read and write
|
||
|
565D000
|
trusted library allocation
|
page read and write
|
||
|
5AA0000
|
heap
|
page read and write
|
||
|
13F6000
|
heap
|
page read and write
|
||
|
5AD4000
|
heap
|
page read and write
|
||
|
3243000
|
trusted library allocation
|
page read and write
|
||
|
564E000
|
trusted library allocation
|
page read and write
|
||
|
3305000
|
trusted library allocation
|
page read and write
|
||
|
7362000
|
heap
|
page read and write
|
||
|
5651000
|
trusted library allocation
|
page read and write
|
||
|
331E000
|
trusted library allocation
|
page read and write
|
||
|
15BF000
|
heap
|
page read and write
|
||
|
3314000
|
trusted library allocation
|
page read and write
|
||
|
1594000
|
trusted library allocation
|
page read and write
|
||
|
56D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1447000
|
trusted library allocation
|
page execute and read and write
|
||
|
33A4000
|
trusted library allocation
|
page read and write
|
||
|
333F000
|
trusted library allocation
|
page read and write
|
||
|
77CE000
|
stack
|
page read and write
|
||
|
141D000
|
heap
|
page read and write
|
||
|
32D3000
|
trusted library allocation
|
page read and write
|
||
|
1460000
|
trusted library allocation
|
page read and write
|
||
|
1440000
|
trusted library allocation
|
page read and write
|
||
|
1600000
|
heap
|
page read and write
|
||
|
3339000
|
trusted library allocation
|
page read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
3327000
|
trusted library allocation
|
page read and write
|
||
|
734C000
|
heap
|
page read and write
|
||
|
1550000
|
trusted library allocation
|
page read and write
|
||
|
32BE000
|
trusted library allocation
|
page read and write
|
||
|
1570000
|
heap
|
page read and write
|
||
|
329B000
|
trusted library allocation
|
page read and write
|
||
|
333B000
|
trusted library allocation
|
page read and write
|
||
|
EC0000
|
unkown
|
page readonly
|
||
|
1540000
|
trusted library allocation
|
page read and write
|
||
|
E42000
|
unkown
|
page readonly
|
||
|
161E000
|
heap
|
page read and write
|
||
|
170F000
|
stack
|
page read and write
|
||
|
3374000
|
trusted library allocation
|
page read and write
|
||
|
904F000
|
stack
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
3337000
|
trusted library allocation
|
page read and write
|
||
|
31DC000
|
trusted library allocation
|
page read and write
|
||
|
15B0000
|
heap
|
page read and write
|
||
|
3301000
|
trusted library allocation
|
page read and write
|
||
|
736D000
|
heap
|
page read and write
|
||
|
31D0000
|
trusted library allocation
|
page read and write
|
||
|
5BC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
327B000
|
trusted library allocation
|
page read and write
|
||
|
1423000
|
trusted library allocation
|
page read and write
|
||
|
151C000
|
stack
|
page read and write
|
||
|
32C5000
|
trusted library allocation
|
page read and write
|
||
|
14D0000
|
heap
|
page execute and read and write
|
||
|
56E0000
|
trusted library allocation
|
page read and write
|
||
|
15EF000
|
heap
|
page read and write
|
||
|
3352000
|
trusted library allocation
|
page read and write
|
||
|
329F000
|
trusted library allocation
|
page read and write
|
There are 231 hidden memdumps, click here to show them.