Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
H3h3mgJtVI.exe
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\H3h3mgJtVI.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\H3h3mgJtVI.exe
|
"C:\Users\user\Desktop\H3h3mgJtVI.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://www.fontbureau.com
|
unknown
|
||
|
http://www.fontbureau.com/designersG
|
unknown
|
||
|
https://api.ip.sb/ip
|
unknown
|
||
|
http://www.fontbureau.com/designers/?
|
unknown
|
||
|
http://www.founder.com.cn/cn/bThe
|
unknown
|
||
|
http://www.fontbureau.com/designers?
|
unknown
|
||
|
http://www.tiro.com
|
unknown
|
||
|
https://api.ip.s
|
unknown
|
||
|
http://www.fontbureau.com/designers
|
unknown
|
||
|
http://www.goodfont.co.kr
|
unknown
|
||
|
http://www.carterandcone.coml
|
unknown
|
||
|
http://www.sajatypeworks.com
|
unknown
|
||
|
http://www.typography.netD
|
unknown
|
||
|
http://www.fontbureau.com/designers/cabarga.htmlN
|
unknown
|
||
|
http://www.founder.com.cn/cn/cThe
|
unknown
|
||
|
http://www.galapagosdesign.com/staff/dennis.htm
|
unknown
|
||
|
http://www.founder.com.cn/cn
|
unknown
|
||
|
http://www.fontbureau.com/designers/frere-user.html
|
unknown
|
||
|
http://www.jiyu-kobo.co.jp/
|
unknown
|
||
|
https://discord.com/api/v9/users/
|
unknown
|
||
|
http://www.galapagosdesign.com/DPlease
|
unknown
|
||
|
http://www.fontbureau.com/designers8
|
unknown
|
||
|
http://www.fonts.com
|
unknown
|
||
|
http://www.sandoll.co.kr
|
unknown
|
||
|
http://www.urwpp.deDPlease
|
unknown
|
||
|
http://www.zhongyicts.com.cn
|
unknown
|
||
|
http://www.sakkal.com
|
unknown
|
There are 18 hidden URLs, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
546B000
|
trusted library allocation
|
page read and write
|
||
|
5460000
|
trusted library allocation
|
page read and write
|
||
|
3132000
|
trusted library allocation
|
page read and write
|
||
|
3EE9000
|
trusted library allocation
|
page read and write
|
||
|
2F95000
|
trusted library allocation
|
page read and write
|
||
|
6140000
|
trusted library allocation
|
page execute and read and write
|
||
|
311F000
|
trusted library allocation
|
page read and write
|
||
|
3067000
|
trusted library allocation
|
page read and write
|
||
|
7ECF000
|
heap
|
page read and write
|
||
|
56E0000
|
trusted library allocation
|
page read and write
|
||
|
5A30000
|
trusted library allocation
|
page read and write
|
||
|
2D30000
|
heap
|
page read and write
|
||
|
319E000
|
trusted library allocation
|
page read and write
|
||
|
7B8E000
|
stack
|
page read and write
|
||
|
31A2000
|
trusted library allocation
|
page read and write
|
||
|
3151000
|
trusted library allocation
|
page read and write
|
||
|
2F78000
|
trusted library allocation
|
page read and write
|
||
|
30ED000
|
trusted library allocation
|
page read and write
|
||
|
7A0E000
|
stack
|
page read and write
|
||
|
12C8000
|
heap
|
page read and write
|
||
|
55C0000
|
trusted library allocation
|
page read and write
|
||
|
10BE000
|
stack
|
page read and write
|
||
|
139B000
|
heap
|
page read and write
|
||
|
1540000
|
heap
|
page read and write
|
||
|
55D0000
|
heap
|
page read and write
|
||
|
5A50000
|
trusted library allocation
|
page read and write
|
||
|
3123000
|
trusted library allocation
|
page read and write
|
||
|
153D000
|
trusted library allocation
|
page execute and read and write
|
||
|
30BD000
|
trusted library allocation
|
page read and write
|
||
|
8010000
|
trusted library allocation
|
page execute and read and write
|
||
|
633C000
|
heap
|
page read and write
|
||
|
30D7000
|
trusted library allocation
|
page read and write
|
||
|
1331000
|
heap
|
page read and write
|
||
|
3121000
|
trusted library allocation
|
page read and write
|
||
|
3136000
|
trusted library allocation
|
page read and write
|
||
|
547E000
|
trusted library allocation
|
page read and write
|
||
|
31C5000
|
trusted library allocation
|
page read and write
|
||
|
301A000
|
trusted library allocation
|
page read and write
|
||
|
5910000
|
trusted library allocation
|
page execute and read and write
|
||
|
3187000
|
trusted library allocation
|
page read and write
|
||
|
53F0000
|
trusted library allocation
|
page read and write
|
||
|
315A000
|
trusted library allocation
|
page read and write
|
||
|
3108000
|
trusted library allocation
|
page read and write
|
||
|
56D7000
|
trusted library allocation
|
page read and write
|
||
|
3157000
|
trusted library allocation
|
page read and write
|
||
|
6150000
|
trusted library allocation
|
page read and write
|
||
|
314F000
|
trusted library allocation
|
page read and write
|
||
|
31A6000
|
trusted library allocation
|
page read and write
|
||
|
30E5000
|
trusted library allocation
|
page read and write
|
||
|
13BD000
|
heap
|
page read and write
|
||
|
2F24000
|
trusted library allocation
|
page read and write
|
||
|
2CF0000
|
trusted library allocation
|
page read and write
|
||
|
310A000
|
trusted library allocation
|
page read and write
|
||
|
6120000
|
heap
|
page read and write
|
||
|
14FF000
|
stack
|
page read and write
|
||
|
2D60000
|
heap
|
page read and write
|
||
|
31D6000
|
trusted library allocation
|
page read and write
|
||
|
3117000
|
trusted library allocation
|
page read and write
|
||
|
62E0000
|
heap
|
page read and write
|
||
|
3EC1000
|
trusted library allocation
|
page read and write
|
||
|
138F000
|
heap
|
page read and write
|
||
|
2FB3000
|
trusted library allocation
|
page read and write
|
||
|
1523000
|
trusted library allocation
|
page execute and read and write
|
||
|
12C0000
|
heap
|
page read and write
|
||
|
314B000
|
trusted library allocation
|
page read and write
|
||
|
1547000
|
heap
|
page read and write
|
||
|
1530000
|
trusted library allocation
|
page read and write
|
||
|
2DAE000
|
stack
|
page read and write
|
||
|
2D20000
|
trusted library allocation
|
page read and write
|
||
|
3106000
|
trusted library allocation
|
page read and write
|
||
|
3189000
|
trusted library allocation
|
page read and write
|
||
|
2EB0000
|
heap
|
page execute and read and write
|
||
|
2D07000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CFA000
|
trusted library allocation
|
page execute and read and write
|
||
|
30B5000
|
trusted library allocation
|
page read and write
|
||
|
152D000
|
trusted library allocation
|
page execute and read and write
|
||
|
5481000
|
trusted library allocation
|
page read and write
|
||
|
5A20000
|
heap
|
page read and write
|
||
|
3155000
|
trusted library allocation
|
page read and write
|
||
|
3104000
|
trusted library allocation
|
page read and write
|
||
|
3149000
|
trusted library allocation
|
page read and write
|
||
|
7EC8000
|
heap
|
page read and write
|
||
|
318D000
|
trusted library allocation
|
page read and write
|
||
|
61C5000
|
heap
|
page read and write
|
||
|
56D0000
|
trusted library allocation
|
page read and write
|
||
|
62D0000
|
heap
|
page read and write
|
||
|
30E7000
|
trusted library allocation
|
page read and write
|
||
|
30B1000
|
trusted library allocation
|
page read and write
|
||
|
73D0000
|
trusted library allocation
|
page read and write
|
||
|
DE8000
|
stack
|
page read and write
|
||
|
3170000
|
trusted library allocation
|
page read and write
|
||
|
2F8C000
|
trusted library allocation
|
page read and write
|
||
|
7DCF000
|
stack
|
page read and write
|
||
|
2D02000
|
trusted library allocation
|
page read and write
|
||
|
5486000
|
trusted library allocation
|
page read and write
|
||
|
7EB0000
|
heap
|
page read and write
|
||
|
790D000
|
stack
|
page read and write
|
||
|
6319000
|
heap
|
page read and write
|
||
|
3125000
|
trusted library allocation
|
page read and write
|
||
|
318B000
|
trusted library allocation
|
page read and write
|
||
|
311D000
|
trusted library allocation
|
page read and write
|
||
|
7A4E000
|
stack
|
page read and write
|
||
|
572E000
|
stack
|
page read and write
|
||
|
31A8000
|
trusted library allocation
|
page read and write
|
||
|
5A70000
|
trusted library allocation
|
page execute and read and write
|
||
|
590D000
|
stack
|
page read and write
|
||
|
C10000
|
unkown
|
page readonly
|
||
|
5464000
|
trusted library allocation
|
page read and write
|
||
|
317B000
|
trusted library allocation
|
page read and write
|
||
|
54A3000
|
heap
|
page read and write
|
||
|
310D000
|
trusted library allocation
|
page read and write
|
||
|
7EB9000
|
heap
|
page read and write
|
||
|
61C0000
|
heap
|
page read and write
|
||
|
1524000
|
trusted library allocation
|
page read and write
|
||
|
6180000
|
trusted library allocation
|
page read and write
|
||
|
1520000
|
trusted library allocation
|
page read and write
|
||
|
316A000
|
trusted library allocation
|
page read and write
|
||
|
544E000
|
stack
|
page read and write
|
||
|
3190000
|
trusted library allocation
|
page read and write
|
||
|
509C000
|
stack
|
page read and write
|
||
|
55A9000
|
stack
|
page read and write
|
||
|
10E5000
|
heap
|
page read and write
|
||
|
7EDA000
|
heap
|
page read and write
|
||
|
30B9000
|
trusted library allocation
|
page read and write
|
||
|
316E000
|
trusted library allocation
|
page read and write
|
||
|
1344000
|
heap
|
page read and write
|
||
|
1070000
|
heap
|
page read and write
|
||
|
311B000
|
trusted library allocation
|
page read and write
|
||
|
5400000
|
heap
|
page execute and read and write
|
||
|
13FE000
|
stack
|
page read and write
|
||
|
316C000
|
trusted library allocation
|
page read and write
|
||
|
7C8F000
|
stack
|
page read and write
|
||
|
3185000
|
trusted library allocation
|
page read and write
|
||
|
2CF2000
|
trusted library allocation
|
page read and write
|
||
|
2D50000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F1C000
|
trusted library allocation
|
page read and write
|
||
|
3183000
|
trusted library allocation
|
page read and write
|
||
|
2EC1000
|
trusted library allocation
|
page read and write
|
||
|
3063000
|
trusted library allocation
|
page read and write
|
||
|
3153000
|
trusted library allocation
|
page read and write
|
||
|
313C000
|
trusted library allocation
|
page read and write
|
||
|
30D4000
|
trusted library allocation
|
page read and write
|
||
|
62CD000
|
stack
|
page read and write
|
||
|
7B4E000
|
stack
|
page read and write
|
||
|
2CF6000
|
trusted library allocation
|
page execute and read and write
|
||
|
31A4000
|
trusted library allocation
|
page read and write
|
||
|
2D0B000
|
trusted library allocation
|
page execute and read and write
|
||
|
55B0000
|
trusted library allocation
|
page read and write
|
||
|
10E0000
|
heap
|
page read and write
|
||
|
73F2000
|
trusted library allocation
|
page read and write
|
||
|
4F9B000
|
stack
|
page read and write
|
||
|
133D000
|
heap
|
page read and write
|
||
|
30EB000
|
trusted library allocation
|
page read and write
|
||
|
12F5000
|
heap
|
page read and write
|
||
|
77D0000
|
heap
|
page read and write
|
||
|
5ABB000
|
stack
|
page read and write
|
||
|
5A3E000
|
trusted library allocation
|
page read and write
|
||
|
7EC0000
|
heap
|
page read and write
|
||
|
1050000
|
heap
|
page read and write
|
||
|
6110000
|
heap
|
page read and write
|
||
|
314D000
|
trusted library allocation
|
page read and write
|
||
|
319C000
|
trusted library allocation
|
page read and write
|
||
|
5AC0000
|
trusted library section
|
page readonly
|
||
|
7ED4000
|
heap
|
page read and write
|
||
|
30F2000
|
trusted library allocation
|
page read and write
|
||
|
53E0000
|
trusted library allocation
|
page read and write
|
||
|
3134000
|
trusted library allocation
|
page read and write
|
||
|
1356000
|
heap
|
page read and write
|
||
|
12E7000
|
heap
|
page read and write
|
||
|
1060000
|
heap
|
page read and write
|
||
|
30E9000
|
trusted library allocation
|
page read and write
|
||
|
5730000
|
trusted library allocation
|
page read and write
|
||
|
5AD0000
|
heap
|
page read and write
|
||
|
548D000
|
trusted library allocation
|
page read and write
|
||
|
7CCE000
|
stack
|
page read and write
|
||
|
313A000
|
trusted library allocation
|
page read and write
|
||
|
1383000
|
heap
|
page read and write
|
||
|
30EF000
|
trusted library allocation
|
page read and write
|
||
|
3177000
|
trusted library allocation
|
page read and write
|
||
|
54A0000
|
heap
|
page read and write
|
||
|
546E000
|
trusted library allocation
|
page read and write
|
||
|
300A000
|
trusted library allocation
|
page read and write
|
||
|
62F1000
|
heap
|
page read and write
|
||
|
2D00000
|
trusted library allocation
|
page read and write
|
||
|
CE9000
|
stack
|
page read and write
|
||
|
300E000
|
trusted library allocation
|
page read and write
|
||
|
C12000
|
unkown
|
page readonly
|
||
|
2EAE000
|
stack
|
page read and write
|
||
|
1302000
|
heap
|
page read and write
|
||
|
5492000
|
trusted library allocation
|
page read and write
|
||
|
3119000
|
trusted library allocation
|
page read and write
|
||
|
3138000
|
trusted library allocation
|
page read and write
|
||
|
12CE000
|
heap
|
page read and write
|
||
|
12BF000
|
stack
|
page read and write
|
||
|
5750000
|
trusted library allocation
|
page read and write
|
||
|
1510000
|
trusted library allocation
|
page read and write
|
||
|
3168000
|
trusted library allocation
|
page read and write
|
||
|
3F29000
|
trusted library allocation
|
page read and write
|
||
|
3080000
|
trusted library allocation
|
page read and write
|
There are 189 hidden memdumps, click here to show them.