Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
66dcab0bcba58_crypted.exe
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\66dcab0bcba58_crypted.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\RegAsm.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\66dcab0bcba58_crypted.exe
|
"C:\Users\user\Desktop\66dcab0bcba58_crypted.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://api.ip.sb/ip
|
unknown
|
||
|
https://api.ip.s
|
unknown
|
||
|
https://discord.com/api/v9/users/
|
unknown
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3965000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
1548000
|
heap
|
page read and write
|
||
|
31E3000
|
trusted library allocation
|
page read and write
|
||
|
1494000
|
heap
|
page read and write
|
||
|
EEB000
|
trusted library allocation
|
page execute and read and write
|
||
|
1423000
|
trusted library allocation
|
page read and write
|
||
|
5650000
|
trusted library allocation
|
page read and write
|
||
|
73B9000
|
heap
|
page read and write
|
||
|
31AB000
|
trusted library allocation
|
page read and write
|
||
|
566F000
|
trusted library allocation
|
page read and write
|
||
|
6180000
|
heap
|
page read and write
|
||
|
2850000
|
heap
|
page execute and read and write
|
||
|
61A5000
|
heap
|
page read and write
|
||
|
304C000
|
trusted library allocation
|
page read and write
|
||
|
31AF000
|
trusted library allocation
|
page read and write
|
||
|
73D6000
|
heap
|
page read and write
|
||
|
505C000
|
stack
|
page read and write
|
||
|
14E4000
|
heap
|
page read and write
|
||
|
58A0000
|
trusted library allocation
|
page read and write
|
||
|
5614000
|
trusted library allocation
|
page read and write
|
||
|
782F000
|
stack
|
page read and write
|
||
|
14D8000
|
heap
|
page read and write
|
||
|
14B4000
|
heap
|
page read and write
|
||
|
310B000
|
trusted library allocation
|
page read and write
|
||
|
3149000
|
trusted library allocation
|
page read and write
|
||
|
31B1000
|
trusted library allocation
|
page read and write
|
||
|
2750000
|
trusted library allocation
|
page read and write
|
||
|
3116000
|
trusted library allocation
|
page read and write
|
||
|
144B000
|
trusted library allocation
|
page execute and read and write
|
||
|
3044000
|
trusted library allocation
|
page read and write
|
||
|
1552000
|
heap
|
page read and write
|
||
|
4A5E000
|
stack
|
page read and write
|
||
|
3194000
|
trusted library allocation
|
page read and write
|
||
|
1400000
|
trusted library allocation
|
page read and write
|
||
|
2DFF000
|
stack
|
page read and write
|
||
|
27A0000
|
heap
|
page read and write
|
||
|
318C000
|
trusted library allocation
|
page read and write
|
||
|
73A4000
|
heap
|
page read and write
|
||
|
155E000
|
heap
|
page read and write
|
||
|
562000
|
unkown
|
page readonly
|
||
|
AF0000
|
heap
|
page read and write
|
||
|
13CE000
|
stack
|
page read and write
|
||
|
519E000
|
stack
|
page read and write
|
||
|
5600000
|
heap
|
page read and write
|
||
|
143A000
|
trusted library allocation
|
page execute and read and write
|
||
|
F4E000
|
stack
|
page read and write
|
||
|
55E0000
|
trusted library allocation
|
page read and write
|
||
|
1360000
|
heap
|
page read and write
|
||
|
1410000
|
trusted library allocation
|
page read and write
|
||
|
AE0000
|
heap
|
page read and write
|
||
|
310D000
|
trusted library allocation
|
page read and write
|
||
|
31F4000
|
trusted library allocation
|
page read and write
|
||
|
1460000
|
heap
|
page read and write
|
||
|
58E0000
|
trusted library allocation
|
page read and write
|
||
|
31C2000
|
trusted library allocation
|
page read and write
|
||
|
5B70000
|
trusted library allocation
|
page execute and read and write
|
||
|
55F0000
|
trusted library allocation
|
page read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
3162000
|
trusted library allocation
|
page read and write
|
||
|
5610000
|
trusted library allocation
|
page read and write
|
||
|
9EC000
|
heap
|
page read and write
|
||
|
1240000
|
heap
|
page read and write
|
||
|
1380000
|
heap
|
page read and write
|
||
|
EC0000
|
trusted library allocation
|
page read and write
|
||
|
3173000
|
trusted library allocation
|
page read and write
|
||
|
3190000
|
trusted library allocation
|
page read and write
|
||
|
3137000
|
trusted library allocation
|
page read and write
|
||
|
F50000
|
trusted library allocation
|
page execute and read and write
|
||
|
1387000
|
heap
|
page read and write
|
||
|
511E000
|
stack
|
page read and write
|
||
|
9EE000
|
heap
|
page read and write
|
||
|
3109000
|
trusted library allocation
|
page read and write
|
||
|
5631000
|
trusted library allocation
|
page read and write
|
||
|
318E000
|
trusted library allocation
|
page read and write
|
||
|
3961000
|
trusted library allocation
|
page read and write
|
||
|
31DF000
|
trusted library allocation
|
page read and write
|
||
|
561E000
|
trusted library allocation
|
page read and write
|
||
|
5675000
|
trusted library allocation
|
page read and write
|
||
|
772E000
|
stack
|
page read and write
|
||
|
14A0000
|
heap
|
page read and write
|
||
|
314D000
|
trusted library allocation
|
page read and write
|
||
|
5700000
|
trusted library allocation
|
page execute and read and write
|
||
|
3130000
|
trusted library allocation
|
page read and write
|
||
|
562E000
|
trusted library allocation
|
page read and write
|
||
|
56D0000
|
heap
|
page execute and read and write
|
||
|
31AD000
|
trusted library allocation
|
page read and write
|
||
|
3177000
|
trusted library allocation
|
page read and write
|
||
|
5670000
|
trusted library allocation
|
page read and write
|
||
|
5E0000
|
unkown
|
page readonly
|
||
|
2962000
|
trusted library allocation
|
page execute and read and write
|
||
|
5A20000
|
trusted library allocation
|
page read and write
|
||
|
75EE000
|
stack
|
page read and write
|
||
|
5642000
|
trusted library allocation
|
page read and write
|
||
|
1544000
|
heap
|
page read and write
|
||
|
2FE5000
|
trusted library allocation
|
page read and write
|
||
|
3214000
|
trusted library allocation
|
page read and write
|
||
|
A02000
|
heap
|
page read and write
|
||
|
31A9000
|
trusted library allocation
|
page read and write
|
||
|
1539000
|
heap
|
page read and write
|
||
|
6170000
|
heap
|
page read and write
|
||
|
141D000
|
trusted library allocation
|
page execute and read and write
|
||
|
727E000
|
heap
|
page read and write
|
||
|
13F0000
|
heap
|
page read and write
|
||
|
5B4D000
|
stack
|
page read and write
|
||
|
31A7000
|
trusted library allocation
|
page read and write
|
||
|
1413000
|
trusted library allocation
|
page execute and read and write
|
||
|
3095000
|
trusted library allocation
|
page read and write
|
||
|
3171000
|
trusted library allocation
|
page read and write
|
||
|
9CE000
|
heap
|
page read and write
|
||
|
1469000
|
heap
|
page read and write
|
||
|
501E000
|
stack
|
page read and write
|
||
|
5680000
|
trusted library allocation
|
page read and write
|
||
|
3188000
|
trusted library allocation
|
page read and write
|
||
|
4FDE000
|
stack
|
page read and write
|
||
|
1436000
|
trusted library allocation
|
page execute and read and write
|
||
|
73B3000
|
heap
|
page read and write
|
||
|
3040000
|
trusted library allocation
|
page read and write
|
||
|
142D000
|
trusted library allocation
|
page execute and read and write
|
||
|
563D000
|
trusted library allocation
|
page read and write
|
||
|
7390000
|
heap
|
page read and write
|
||
|
739D000
|
heap
|
page read and write
|
||
|
1432000
|
trusted library allocation
|
page read and write
|
||
|
31E1000
|
trusted library allocation
|
page read and write
|
||
|
76EF000
|
stack
|
page read and write
|
||
|
3113000
|
trusted library allocation
|
page read and write
|
||
|
7370000
|
heap
|
page read and write
|
||
|
31CA000
|
trusted library allocation
|
page read and write
|
||
|
3143000
|
trusted library allocation
|
page read and write
|
||
|
31F6000
|
trusted library allocation
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
2F6E000
|
stack
|
page read and write
|
||
|
1555000
|
heap
|
page read and write
|
||
|
73C8000
|
heap
|
page read and write
|
||
|
561B000
|
trusted library allocation
|
page read and write
|
||
|
312C000
|
trusted library allocation
|
page read and write
|
||
|
314B000
|
trusted library allocation
|
page read and write
|
||
|
30EB000
|
trusted library allocation
|
page read and write
|
||
|
59E0000
|
heap
|
page read and write
|
||
|
3126000
|
trusted library allocation
|
page read and write
|
||
|
5A40000
|
heap
|
page read and write
|
||
|
2E00000
|
trusted library allocation
|
page read and write
|
||
|
56A0000
|
trusted library allocation
|
page read and write
|
||
|
3165000
|
trusted library allocation
|
page read and write
|
||
|
3192000
|
trusted library allocation
|
page read and write
|
||
|
DA3000
|
trusted library allocation
|
page execute and read and write
|
||
|
31CD000
|
trusted library allocation
|
page read and write
|
||
|
5603000
|
heap
|
page read and write
|
||
|
73AF000
|
heap
|
page read and write
|
||
|
75AE000
|
stack
|
page read and write
|
||
|
58B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3197000
|
trusted library allocation
|
page read and write
|
||
|
594B000
|
stack
|
page read and write
|
||
|
31C4000
|
trusted library allocation
|
page read and write
|
||
|
59F0000
|
heap
|
page read and write
|
||
|
F60000
|
heap
|
page read and write
|
||
|
5950000
|
trusted library section
|
page readonly
|
||
|
2E10000
|
trusted library allocation
|
page execute and read and write
|
||
|
31F8000
|
trusted library allocation
|
page read and write
|
||
|
1250000
|
heap
|
page read and write
|
||
|
3F81000
|
trusted library allocation
|
page read and write
|
||
|
3135000
|
trusted library allocation
|
page read and write
|
||
|
3124000
|
trusted library allocation
|
page read and write
|
||
|
31DD000
|
trusted library allocation
|
page read and write
|
||
|
31B3000
|
trusted library allocation
|
page read and write
|
||
|
786F000
|
stack
|
page read and write
|
||
|
295E000
|
stack
|
page read and write
|
||
|
1430000
|
trusted library allocation
|
page read and write
|
||
|
73BF000
|
heap
|
page read and write
|
||
|
310F000
|
trusted library allocation
|
page read and write
|
||
|
58D0000
|
heap
|
page read and write
|
||
|
7972000
|
trusted library allocation
|
page read and write
|
||
|
FD7000
|
stack
|
page read and write
|
||
|
274E000
|
stack
|
page read and write
|
||
|
2F70000
|
heap
|
page read and write
|
||
|
3111000
|
trusted library allocation
|
page read and write
|
||
|
3167000
|
trusted library allocation
|
page read and write
|
||
|
30B2000
|
trusted library allocation
|
page read and write
|
||
|
3147000
|
trusted library allocation
|
page read and write
|
||
|
1280000
|
heap
|
page read and write
|
||
|
3160000
|
trusted library allocation
|
page read and write
|
||
|
1440000
|
trusted library allocation
|
page read and write
|
||
|
3184000
|
trusted library allocation
|
page read and write
|
||
|
31A5000
|
trusted library allocation
|
page read and write
|
||
|
5660000
|
trusted library allocation
|
page read and write
|
||
|
529F000
|
stack
|
page read and write
|
||
|
2F81000
|
trusted library allocation
|
page read and write
|
||
|
30E3000
|
trusted library allocation
|
page read and write
|
||
|
9C8000
|
heap
|
page read and write
|
||
|
5A45000
|
heap
|
page read and write
|
||
|
312E000
|
trusted library allocation
|
page read and write
|
||
|
5636000
|
trusted library allocation
|
page read and write
|
||
|
2E6E000
|
stack
|
page read and write
|
||
|
154B000
|
heap
|
page read and write
|
||
|
9E7000
|
heap
|
page read and write
|
||
|
31F2000
|
trusted library allocation
|
page read and write
|
||
|
DA4000
|
trusted library allocation
|
page read and write
|
||
|
31DB000
|
trusted library allocation
|
page read and write
|
||
|
2963000
|
trusted library allocation
|
page read and write
|
||
|
5A00000
|
trusted library allocation
|
page read and write
|
||
|
320F000
|
trusted library allocation
|
page read and write
|
||
|
303C000
|
trusted library allocation
|
page read and write
|
||
|
1442000
|
trusted library allocation
|
page read and write
|
||
|
309D000
|
trusted library allocation
|
page read and write
|
||
|
318A000
|
trusted library allocation
|
page read and write
|
||
|
1414000
|
trusted library allocation
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
560000
|
unkown
|
page readonly
|
||
|
7270000
|
heap
|
page read and write
|
||
|
ED9000
|
stack
|
page read and write
|
||
|
EC4000
|
trusted library allocation
|
page read and write
|
||
|
97B000
|
stack
|
page read and write
|
||
|
1530000
|
heap
|
page read and write
|
||
|
3103000
|
trusted library allocation
|
page read and write
|
||
|
7E4E000
|
stack
|
page read and write
|
||
|
4EDE000
|
stack
|
page read and write
|
||
|
150A000
|
heap
|
page read and write
|
||
|
74AE000
|
stack
|
page read and write
|
||
|
30EF000
|
trusted library allocation
|
page read and write
|
||
|
3099000
|
trusted library allocation
|
page read and write
|
||
|
9F6000
|
heap
|
page read and write
|
||
|
56F0000
|
heap
|
page read and write
|
||
|
2E20000
|
heap
|
page execute and read and write
|
||
|
87C000
|
stack
|
page read and write
|
||
|
58F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
515C000
|
stack
|
page read and write
|
||
|
312A000
|
trusted library allocation
|
page read and write
|
||
|
315A000
|
trusted library allocation
|
page read and write
|
||
|
316D000
|
trusted library allocation
|
page read and write
|
||
|
315E000
|
trusted library allocation
|
page read and write
|
||
|
2961000
|
trusted library allocation
|
page read and write
|
||
|
3128000
|
trusted library allocation
|
page read and write
|
||
|
456000
|
remote allocation
|
page execute and read and write
|
||
|
1447000
|
trusted library allocation
|
page execute and read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
1285000
|
heap
|
page read and write
|
||
|
3133000
|
trusted library allocation
|
page read and write
|
||
|
1506000
|
heap
|
page read and write
|
||
|
3175000
|
trusted library allocation
|
page read and write
|
||
|
3141000
|
trusted library allocation
|
page read and write
|
||
|
14FA000
|
heap
|
page read and write
|
||
|
7374000
|
heap
|
page read and write
|
||
|
D90000
|
trusted library allocation
|
page read and write
|
There are 233 hidden memdumps, click here to show them.