Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe
|
"C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe"
|
 |
|
|
C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe
|
"C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe"
|
|
|
|
C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe
|
"C:\Users\user\Desktop\DHL Shipping documents 0020398484995500.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://ftp.concaribe.com
|
unknown
|
|
|
|
https://api.ipify.org/
|
104.26.12.205
|
||
|
https://api.ipify.org
|
unknown
|
||
|
https://account.dyn.com/
|
unknown
|
||
|
http://concaribe.com
|
unknown
|
||
|
https://api.ipify.org/t
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://github.com/dnSpy/dnSpy/wiki/Debugging-Unity-Games
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
concaribe.com
|
192.185.13.234
|
|
|
|
ftp.concaribe.com
|
unknown
|
|
|
|
api.ipify.org
|
104.26.12.205
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.185.13.234
|
concaribe.com
|
United States
|
|
|
|
104.26.12.205
|
api.ipify.org
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\DHL Shipping documents 0020398484995500_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\DHL Shipping documents 0020398484995500_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\DHL Shipping documents 0020398484995500_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\DHL Shipping documents 0020398484995500_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\DHL Shipping documents 0020398484995500_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\DHL Shipping documents 0020398484995500_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\DHL Shipping documents 0020398484995500_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\DHL Shipping documents 0020398484995500_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\DHL Shipping documents 0020398484995500_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\DHL Shipping documents 0020398484995500_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\DHL Shipping documents 0020398484995500_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\DHL Shipping documents 0020398484995500_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\DHL Shipping documents 0020398484995500_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\DHL Shipping documents 0020398484995500_RASMANCS
|
FileDirectory
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3FD9000
|
trusted library allocation
|
page read and write
|
|
|
|
2E91000
|
trusted library allocation
|
page read and write
|
|
|
|
2EBC000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
1140000
|
trusted library allocation
|
page read and write
|
||
|
2EC0000
|
heap
|
page execute and read and write
|
||
|
63D0000
|
heap
|
page read and write
|
||
|
2ED0000
|
trusted library allocation
|
page read and write
|
||
|
3E41000
|
trusted library allocation
|
page read and write
|
||
|
1584000
|
heap
|
page read and write
|
||
|
150E000
|
stack
|
page read and write
|
||
|
1133000
|
trusted library allocation
|
page read and write
|
||
|
14A0000
|
heap
|
page read and write
|
||
|
5520000
|
heap
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
14A7000
|
heap
|
page read and write
|
||
|
F63000
|
trusted library allocation
|
page execute and read and write
|
||
|
631D000
|
stack
|
page read and write
|
||
|
62B0000
|
heap
|
page read and write
|
||
|
62B5000
|
heap
|
page read and write
|
||
|
5AED000
|
trusted library allocation
|
page read and write
|
||
|
2D6E000
|
trusted library allocation
|
page read and write
|
||
|
1510000
|
trusted library allocation
|
page read and write
|
||
|
2E10000
|
heap
|
page execute and read and write
|
||
|
14C0000
|
heap
|
page read and write
|
||
|
5380000
|
heap
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
1520000
|
trusted library allocation
|
page read and write
|
||
|
2EBA000
|
trusted library allocation
|
page read and write
|
||
|
102A000
|
heap
|
page read and write
|
||
|
168E000
|
stack
|
page read and write
|
||
|
1440000
|
trusted library allocation
|
page read and write
|
||
|
11A3000
|
heap
|
page read and write
|
||
|
F6D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1036000
|
heap
|
page read and write
|
||
|
2EB8000
|
trusted library allocation
|
page read and write
|
||
|
516E000
|
stack
|
page read and write
|
||
|
7070000
|
heap
|
page read and write
|
||
|
F9B000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D82000
|
trusted library allocation
|
page read and write
|
||
|
5540000
|
heap
|
page read and write
|
||
|
1008000
|
heap
|
page read and write
|
||
|
5AE0000
|
trusted library allocation
|
page read and write
|
||
|
BB0000
|
unkown
|
page readonly
|
||
|
6A1E000
|
stack
|
page read and write
|
||
|
701E000
|
stack
|
page read and write
|
||
|
1294000
|
trusted library allocation
|
page read and write
|
||
|
1105000
|
heap
|
page read and write
|
||
|
2D4E000
|
stack
|
page read and write
|
||
|
2DCC000
|
stack
|
page read and write
|
||
|
1540000
|
heap
|
page read and write
|
||
|
66CB000
|
heap
|
page read and write
|
||
|
F64000
|
trusted library allocation
|
page read and write
|
||
|
2D5B000
|
trusted library allocation
|
page read and write
|
||
|
10CE000
|
stack
|
page read and write
|
||
|
BEE000
|
stack
|
page read and write
|
||
|
2E80000
|
trusted library allocation
|
page read and write
|
||
|
F70000
|
trusted library allocation
|
page read and write
|
||
|
5530000
|
heap
|
page read and write
|
||
|
FC5000
|
heap
|
page read and write
|
||
|
3FD1000
|
trusted library allocation
|
page read and write
|
||
|
5510000
|
trusted library allocation
|
page execute and read and write
|
||
|
14A0000
|
heap
|
page read and write
|
||
|
116E000
|
heap
|
page read and write
|
||
|
1000000
|
heap
|
page read and write
|
||
|
56D3000
|
heap
|
page read and write
|
||
|
1120000
|
trusted library allocation
|
page read and write
|
||
|
113D000
|
trusted library allocation
|
page execute and read and write
|
||
|
112D000
|
trusted library allocation
|
page execute and read and write
|
||
|
6B77000
|
trusted library allocation
|
page read and write
|
||
|
1075000
|
heap
|
page read and write
|
||
|
2D76000
|
trusted library allocation
|
page read and write
|
||
|
6714000
|
heap
|
page read and write
|
||
|
EF8000
|
stack
|
page read and write
|
||
|
2D71000
|
trusted library allocation
|
page read and write
|
||
|
F50000
|
trusted library allocation
|
page read and write
|
||
|
1040000
|
heap
|
page read and write
|
||
|
54B0000
|
heap
|
page read and write
|
||
|
6DAF000
|
stack
|
page read and write
|
||
|
6DF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3EA9000
|
trusted library allocation
|
page read and write
|
||
|
F80000
|
trusted library allocation
|
page read and write
|
||
|
2E7F000
|
trusted library allocation
|
page read and write
|
||
|
B3A000
|
stack
|
page read and write
|
||
|
563C000
|
stack
|
page read and write
|
||
|
2E3B000
|
trusted library allocation
|
page read and write
|
||
|
2E56000
|
trusted library allocation
|
page read and write
|
||
|
6A27000
|
trusted library allocation
|
page read and write
|
||
|
1146000
|
trusted library allocation
|
page execute and read and write
|
||
|
5AD0000
|
trusted library allocation
|
page read and write
|
||
|
FE0000
|
trusted library allocation
|
page read and write
|
||
|
101E000
|
heap
|
page read and write
|
||
|
63C0000
|
heap
|
page read and write
|
||
|
2E41000
|
trusted library allocation
|
page read and write
|
||
|
2E30000
|
heap
|
page execute and read and write
|
||
|
2E34000
|
trusted library allocation
|
page read and write
|
||
|
3E69000
|
trusted library allocation
|
page read and write
|
||
|
43E000
|
remote allocation
|
page execute and read and write
|
||
|
6A70000
|
trusted library allocation
|
page execute and read and write
|
||
|
1480000
|
heap
|
page read and write
|
||
|
124C000
|
stack
|
page read and write
|
||
|
56B0000
|
heap
|
page read and write
|
||
|
1570000
|
trusted library allocation
|
page read and write
|
||
|
66A0000
|
heap
|
page read and write
|
||
|
1157000
|
trusted library allocation
|
page execute and read and write
|
||
|
537F000
|
stack
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
155F000
|
trusted library allocation
|
page read and write
|
||
|
1110000
|
trusted library allocation
|
page read and write
|
||
|
6B70000
|
trusted library allocation
|
page read and write
|
||
|
6B80000
|
trusted library allocation
|
page read and write
|
||
|
13B8000
|
trusted library allocation
|
page read and write
|
||
|
569E000
|
stack
|
page read and write
|
||
|
1097000
|
heap
|
page read and write
|
||
|
6DB0000
|
trusted library allocation
|
page read and write
|
||
|
1580000
|
heap
|
page read and write
|
||
|
F7D000
|
trusted library allocation
|
page execute and read and write
|
||
|
6A80000
|
trusted library allocation
|
page read and write
|
||
|
1450000
|
trusted library allocation
|
page read and write
|
||
|
11EB000
|
heap
|
page read and write
|
||
|
56A0000
|
trusted library section
|
page readonly
|
||
|
5520000
|
heap
|
page read and write
|
||
|
F82000
|
trusted library allocation
|
page read and write
|
||
|
2D50000
|
trusted library allocation
|
page read and write
|
||
|
1550000
|
trusted library allocation
|
page read and write
|
||
|
59BF000
|
stack
|
page read and write
|
||
|
2E5D000
|
trusted library allocation
|
page read and write
|
||
|
FF0000
|
trusted library allocation
|
page read and write
|
||
|
2E4E000
|
trusted library allocation
|
page read and write
|
||
|
5AD8000
|
trusted library allocation
|
page read and write
|
||
|
2D62000
|
trusted library allocation
|
page read and write
|
||
|
2EC2000
|
trusted library allocation
|
page read and write
|
||
|
2E36000
|
trusted library allocation
|
page read and write
|
||
|
1124000
|
trusted library allocation
|
page read and write
|
||
|
6010000
|
heap
|
page read and write
|
||
|
128E000
|
stack
|
page read and write
|
||
|
66F1000
|
heap
|
page read and write
|
||
|
142E000
|
stack
|
page read and write
|
||
|
6E00000
|
heap
|
page read and write
|
||
|
2FD1000
|
trusted library allocation
|
page read and write
|
||
|
2E62000
|
trusted library allocation
|
page read and write
|
||
|
6A20000
|
trusted library allocation
|
page read and write
|
||
|
11F0000
|
heap
|
page read and write
|
||
|
6B2E000
|
stack
|
page read and write
|
||
|
108E000
|
stack
|
page read and write
|
||
|
148E000
|
stack
|
page read and write
|
||
|
6B6E000
|
stack
|
page read and write
|
||
|
641E000
|
stack
|
page read and write
|
||
|
F86000
|
trusted library allocation
|
page execute and read and write
|
||
|
691E000
|
stack
|
page read and write
|
||
|
F95000
|
trusted library allocation
|
page execute and read and write
|
||
|
1123000
|
trusted library allocation
|
page execute and read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
F60000
|
trusted library allocation
|
page read and write
|
||
|
11E9000
|
heap
|
page read and write
|
||
|
13AE000
|
stack
|
page read and write
|
||
|
58B0000
|
heap
|
page execute and read and write
|
||
|
57D0000
|
trusted library section
|
page read and write
|
||
|
7FD20000
|
trusted library allocation
|
page execute and read and write
|
||
|
54C2000
|
trusted library allocation
|
page read and write
|
||
|
6A90000
|
trusted library allocation
|
page execute and read and write
|
||
|
585C000
|
stack
|
page read and write
|
||
|
6110000
|
heap
|
page read and write
|
||
|
1565000
|
trusted library allocation
|
page read and write
|
||
|
68DE000
|
stack
|
page read and write
|
||
|
1290000
|
trusted library allocation
|
page read and write
|
||
|
1188000
|
heap
|
page read and write
|
||
|
1490000
|
trusted library allocation
|
page execute and read and write
|
||
|
DC7000
|
stack
|
page read and write
|
||
|
6D2E000
|
stack
|
page read and write
|
||
|
10AC000
|
heap
|
page read and write
|
||
|
1150000
|
trusted library allocation
|
page read and write
|
||
|
1030000
|
heap
|
page read and write
|
||
|
717E000
|
stack
|
page read and write
|
||
|
115B000
|
trusted library allocation
|
page execute and read and write
|
||
|
116A000
|
heap
|
page read and write
|
||
|
1034000
|
heap
|
page read and write
|
||
|
2D6A000
|
trusted library allocation
|
page read and write
|
||
|
67DE000
|
stack
|
page read and write
|
||
|
2E8D000
|
trusted library allocation
|
page read and write
|
||
|
2FCE000
|
stack
|
page read and write
|
||
|
F10000
|
heap
|
page read and write
|
||
|
120E000
|
stack
|
page read and write
|
||
|
12A0000
|
heap
|
page read and write
|
||
|
2E77000
|
trusted library allocation
|
page read and write
|
||
|
6D6E000
|
stack
|
page read and write
|
||
|
2E51000
|
trusted library allocation
|
page read and write
|
||
|
1220000
|
heap
|
page read and write
|
||
|
1160000
|
heap
|
page read and write
|
||
|
1513000
|
trusted library allocation
|
page read and write
|
||
|
11FC000
|
heap
|
page read and write
|
||
|
1100000
|
heap
|
page read and write
|
||
|
1084000
|
heap
|
page read and write
|
||
|
2EB6000
|
trusted library allocation
|
page read and write
|
||
|
F8A000
|
trusted library allocation
|
page execute and read and write
|
||
|
CCA000
|
stack
|
page read and write
|
||
|
63BD000
|
stack
|
page read and write
|
||
|
5533000
|
heap
|
page read and write
|
||
|
114A000
|
trusted library allocation
|
page execute and read and write
|
||
|
F97000
|
trusted library allocation
|
page execute and read and write
|
||
|
BB2000
|
unkown
|
page readonly
|
||
|
2E30000
|
trusted library allocation
|
page read and write
|
||
|
5500000
|
trusted library allocation
|
page read and write
|
||
|
6DE0000
|
heap
|
page read and write
|
||
|
56D0000
|
heap
|
page read and write
|
||
|
2D7D000
|
trusted library allocation
|
page read and write
|
||
|
1560000
|
trusted library allocation
|
page read and write
|
||
|
54D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E3E000
|
trusted library allocation
|
page read and write
|
||
|
2E4A000
|
trusted library allocation
|
page read and write
|
||
|
6A6E000
|
stack
|
page read and write
|
||
|
4F3E000
|
stack
|
page read and write
|
||
|
FB0000
|
trusted library allocation
|
page read and write
|
||
|
54C0000
|
trusted library allocation
|
page read and write
|
||
|
1530000
|
trusted library allocation
|
page read and write
|
||
|
2E81000
|
trusted library allocation
|
page read and write
|
||
|
F92000
|
trusted library allocation
|
page read and write
|
||
|
2E42000
|
trusted library allocation
|
page read and write
|
||
|
FD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D5E000
|
trusted library allocation
|
page read and write
|
||
|
12A7000
|
heap
|
page read and write
|
There are 211 hidden memdumps, click here to show them.