Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\loaddll32.exe
|
loaddll32.exe "C:\Users\user\Desktop\e.dll"
|
 |
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\e.dll",#1
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\e.dll",#1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://w0t.lol/u1AnNcgaAe2bF5Pgk9d0LeWL8vpSDZkJZinYdkhr9pqBGLRnRX5Vvq3izq9ug8qLY6yKal3j6Ee_t1iMTK_cFx1mTVmw7UgAUUyYrKRm3RdsqVNvpv6_kKFgqugw7GxorO8WhL4PsC4qoVKtjEe0DOKO8ZDw1Tjmp1kilcdzr5ins6cIF1bcVHlXvd0LhB36FiVt_ML5BynNwrbTMXHBlrYMYDHKv7fr-4V207YlIg6tWfJiMRdzu_qeSooE4jIQIx6aML1s49f-Ri0B1CS37y5JuxrX5yqAG8oDK4QDEBXT7TWGpGoNsuTFyKiEDbJQD0BBibjsRhVHiSSidzARVzTSro8qK1SpnxWQFVotTjKG7CepcMDibvLwH_Jr5CkuCYLKtK52-cvQybIZ4Fhw0wjCJODhJJbW1bSQqThISFsFSjkb8WhpxT9Aqfic0XA
|
104.21.69.9
|
|
|
|
http://www.quovadis.bm0
|
unknown
|
||
|
https://w0t.lol/
|
unknown
|
||
|
https://ocsp.quovadisoffshore.com0
|
unknown
|
||
|
https://w0t.lol/u1AnNcgaAe2bF5Pgk9d0LeWL8vpSDZkJZinYdkhr9pqBGLRnRX5Vvq3izq9ug8qLY6yKal3j6Ee_t1iMTK_c
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
w0t.lol
|
104.21.69.9
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
104.21.69.9
|
w0t.lol
|
United States
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\MediaPlayer
|
COMPUTERNAME
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
B50000
|
heap
|
page read and write
|
||
|
501E000
|
stack
|
page read and write
|
||
|
C70000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
31E9000
|
heap
|
page read and write
|
||
|
64D1000
|
direct allocation
|
page execute read
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
50E9000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D4000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
C5F000
|
unkown
|
page readonly
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D0000
|
heap
|
page read and write
|
||
|
521C000
|
stack
|
page read and write
|
||
|
51E9000
|
heap
|
page read and write
|
||
|
31A3000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
3190000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
E5F000
|
unkown
|
page readonly
|
||
|
5800000
|
remote allocation
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D4000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
270000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
3100000
|
heap
|
page read and write
|
||
|
C50000
|
unkown
|
page readonly
|
||
|
B5B000
|
heap
|
page read and write
|
||
|
31E6000
|
heap
|
page read and write
|
||
|
564F000
|
stack
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
4D36000
|
direct allocation
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
317F000
|
heap
|
page read and write
|
||
|
B6D000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
31A6000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
550000
|
unclassified section
|
page readonly
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D5000
|
heap
|
page read and write
|
||
|
5220000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
304E000
|
stack
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D4000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
31A6000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D4000
|
heap
|
page read and write
|
||
|
33E0000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
BEE000
|
stack
|
page read and write
|
||
|
30D4000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
31A1000
|
heap
|
page read and write
|
||
|
30D4000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
4F4F000
|
direct allocation
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D4000
|
heap
|
page read and write
|
||
|
4E5B000
|
direct allocation
|
page readonly
|
||
|
310A000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
27AC1000
|
direct allocation
|
page execute read
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
C2F000
|
stack
|
page read and write
|
||
|
B5E000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
31A1000
|
heap
|
page read and write
|
||
|
4D31000
|
direct allocation
|
page execute read
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D4000
|
heap
|
page read and write
|
||
|
5800000
|
remote allocation
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D4000
|
heap
|
page read and write
|
||
|
30D4000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
56AE000
|
stack
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D4000
|
heap
|
page read and write
|
||
|
C51000
|
unkown
|
page execute read
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D4000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
4FDD000
|
direct allocation
|
page execute read
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
3163000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D4000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
56EF000
|
stack
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
66CC000
|
direct allocation
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
308E000
|
stack
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
587F000
|
stack
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
C60000
|
unkown
|
page read and write
|
||
|
27AC2000
|
direct allocation
|
page readonly
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D4000
|
heap
|
page read and write
|
||
|
5099000
|
stack
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
578F000
|
stack
|
page read and write
|
||
|
5800000
|
remote allocation
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
4FDE000
|
stack
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
4BD1000
|
direct allocation
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
540000
|
unclassified section
|
page readonly
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
5790000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
574E000
|
stack
|
page read and write
|
||
|
4E51000
|
direct allocation
|
page execute read
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D4000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
31A6000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
B80000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
27AC0000
|
direct allocation
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
4F9D000
|
stack
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
65D1000
|
direct allocation
|
page execute read
|
||
|
C85000
|
unkown
|
page write copy
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
3177000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
50E1000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D5000
|
heap
|
page read and write
|
||
|
30D4000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
505B000
|
stack
|
page read and write
|
||
|
3152000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
50DB000
|
stack
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
33CE000
|
stack
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D4000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D4000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
530000
|
unclassified section
|
page readonly
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D4000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30E0000
|
direct allocation
|
page execute and read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
64D6000
|
direct allocation
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
50E0000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
3121000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
3DD000
|
stack
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
583E000
|
stack
|
page read and write
|
||
|
662C000
|
direct allocation
|
page readonly
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
C5B000
|
unkown
|
page execute read
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D4000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
560E000
|
stack
|
page read and write
|
||
|
2DC000
|
stack
|
page read and write
|
||
|
3000000
|
direct allocation
|
page execute read
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
4A00000
|
direct allocation
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
||
|
30D7000
|
heap
|
page read and write
|
There are 268 hidden memdumps, click here to show them.