Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
G9Z66ZF3Y370FN9E.js
|
ASCII text, with very long lines (350)
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\x4szqe[1].htm
|
HTML document, Unicode text, UTF-8 text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\G9Z66ZF3Y370FN9E.js"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://mokinukai.lt/x4szqe
|
79.98.25.1
|
|
|
|
https://assets.iv.lt/default.css
|
unknown
|
||
|
https://assets.iv.lt/header.html
|
unknown
|
||
|
https://assets.iv.lt/images/icon.png
|
unknown
|
||
|
https://assets.iv.lt/footer.html
|
unknown
|
||
|
https://assets.iv.lt/images/thumbnail.png
|
unknown
|
||
|
https://www.iv.lt/vps-serveriai/
|
unknown
|
||
|
https://www.iv.lt/neribotas-svetainiu-talpinimas/
|
unknown
|
||
|
https://www.iv.lt/
|
unknown
|
||
|
https://klientams.iv.lt/
|
unknown
|
||
|
https://www.iv.lt/svetainiu-kurimo-irankis/
|
unknown
|
||
|
https://www.iv.lt/profesionalus-hostingas/
|
unknown
|
||
|
https://www.iv.lt/talpinimo-planai/
|
unknown
|
||
|
https://www.iv.lt/el-pasto-filtras/
|
unknown
|
||
|
https://www.iv.lt/domenai/
|
unknown
|
||
|
https://www.iv.lt/sertifikatai/
|
unknown
|
There are 6 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
mokinukai.lt
|
79.98.25.1
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
79.98.25.1
|
mokinukai.lt
|
Lithuania
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows Script\Settings\Telemetry\wscript.exe
|
JScriptSetScriptStateStarted
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2A782FC5000
|
heap
|
page read and write
|
||
|
2A782FB1000
|
heap
|
page read and write
|
||
|
2A783538000
|
heap
|
page read and write
|
||
|
2A782FCB000
|
heap
|
page read and write
|
||
|
EACC1FF000
|
stack
|
page read and write
|
||
|
2A782FC7000
|
heap
|
page read and write
|
||
|
2A7817D0000
|
heap
|
page read and write
|
||
|
2A782FD2000
|
heap
|
page read and write
|
||
|
2A78155F000
|
heap
|
page read and write
|
||
|
EACBAF4000
|
stack
|
page read and write
|
||
|
2A781514000
|
heap
|
page read and write
|
||
|
2A783541000
|
heap
|
page read and write
|
||
|
2A782FBA000
|
heap
|
page read and write
|
||
|
2A78155F000
|
heap
|
page read and write
|
||
|
2A781538000
|
heap
|
page read and write
|
||
|
2A78357E000
|
heap
|
page read and write
|
||
|
2A782FB8000
|
heap
|
page read and write
|
||
|
2A7837F0000
|
heap
|
page read and write
|
||
|
2A781563000
|
heap
|
page read and write
|
||
|
2A781523000
|
heap
|
page read and write
|
||
|
EACBEFF000
|
stack
|
page read and write
|
||
|
2A78355B000
|
heap
|
page read and write
|
||
|
2A782FD2000
|
heap
|
page read and write
|
||
|
2A781516000
|
heap
|
page read and write
|
||
|
2A7814E9000
|
heap
|
page read and write
|
||
|
2A78354A000
|
heap
|
page read and write
|
||
|
2A7817D5000
|
heap
|
page read and write
|
||
|
2A7814C1000
|
heap
|
page read and write
|
||
|
2A7814BB000
|
heap
|
page read and write
|
||
|
2A782FCB000
|
heap
|
page read and write
|
||
|
2A78354A000
|
heap
|
page read and write
|
||
|
2A7817DA000
|
heap
|
page read and write
|
||
|
2A7814D3000
|
heap
|
page read and write
|
||
|
2A783510000
|
heap
|
page read and write
|
||
|
2A782FB5000
|
heap
|
page read and write
|
||
|
2A783520000
|
heap
|
page read and write
|
||
|
2A782FE5000
|
heap
|
page read and write
|
||
|
2A782FB0000
|
heap
|
page read and write
|
||
|
2A782FCF000
|
heap
|
page read and write
|
||
|
2A78153A000
|
heap
|
page read and write
|
||
|
EACC5FE000
|
stack
|
page read and write
|
||
|
EACC0FE000
|
stack
|
page read and write
|
||
|
2A781490000
|
heap
|
page read and write
|
||
|
2A782FBB000
|
heap
|
page read and write
|
||
|
2A782FD2000
|
heap
|
page read and write
|
||
|
2A783645000
|
heap
|
page read and write
|
||
|
2A781513000
|
heap
|
page read and write
|
||
|
2A78157D000
|
heap
|
page read and write
|
||
|
2A7814D1000
|
heap
|
page read and write
|
||
|
2A7814DE000
|
heap
|
page read and write
|
||
|
2A781538000
|
heap
|
page read and write
|
||
|
2A781577000
|
heap
|
page read and write
|
||
|
2A78355E000
|
heap
|
page read and write
|
||
|
2A783570000
|
heap
|
page read and write
|
||
|
2A78153A000
|
heap
|
page read and write
|
||
|
2A782FB2000
|
heap
|
page read and write
|
||
|
2A78151C000
|
heap
|
page read and write
|
||
|
2A782FBF000
|
heap
|
page read and write
|
||
|
EACC3FB000
|
stack
|
page read and write
|
||
|
2A782FD2000
|
heap
|
page read and write
|
||
|
2A78155F000
|
heap
|
page read and write
|
||
|
2A78151D000
|
heap
|
page read and write
|
||
|
2A7814DE000
|
heap
|
page read and write
|
||
|
2A782FD2000
|
heap
|
page read and write
|
||
|
2A782FC3000
|
heap
|
page read and write
|
||
|
2A7817DA000
|
heap
|
page read and write
|
||
|
2A782FD2000
|
heap
|
page read and write
|
||
|
2A781538000
|
heap
|
page read and write
|
||
|
2A78153A000
|
heap
|
page read and write
|
||
|
2A78153A000
|
heap
|
page read and write
|
||
|
2A7814C0000
|
heap
|
page read and write
|
||
|
2A7814BB000
|
heap
|
page read and write
|
||
|
EACBFFF000
|
stack
|
page read and write
|
||
|
2A781509000
|
heap
|
page read and write
|
||
|
2A781516000
|
heap
|
page read and write
|
||
|
2A781526000
|
heap
|
page read and write
|
||
|
2A782FD2000
|
heap
|
page read and write
|
||
|
EACBBFE000
|
stack
|
page read and write
|
||
|
EACBCFE000
|
stack
|
page read and write
|
||
|
2A782FD2000
|
heap
|
page read and write
|
||
|
2A783571000
|
heap
|
page read and write
|
||
|
2A781470000
|
heap
|
page read and write
|
||
|
2A782FC7000
|
heap
|
page read and write
|
||
|
2A782FB7000
|
heap
|
page read and write
|
||
|
2A781538000
|
heap
|
page read and write
|
||
|
2A78151B000
|
heap
|
page read and write
|
||
|
2A781567000
|
heap
|
page read and write
|
||
|
2A78356D000
|
heap
|
page read and write
|
||
|
2A782FBB000
|
heap
|
page read and write
|
||
|
2A781660000
|
heap
|
page read and write
|
||
|
2A781680000
|
heap
|
page read and write
|
||
|
2A78155F000
|
heap
|
page read and write
|
||
|
2A782FED000
|
heap
|
page read and write
|
||
|
2A781509000
|
heap
|
page read and write
|
||
|
2A782FBE000
|
heap
|
page read and write
|
||
|
2A7814C1000
|
heap
|
page read and write
|
||
|
2A781524000
|
heap
|
page read and write
|
||
|
2A78151F000
|
heap
|
page read and write
|
||
|
2A783770000
|
heap
|
page read and write
|
||
|
2A78151C000
|
heap
|
page read and write
|
||
|
2A782FB1000
|
heap
|
page read and write
|
||
|
2A783543000
|
heap
|
page read and write
|
||
|
2A782FE4000
|
heap
|
page read and write
|
||
|
2A781568000
|
heap
|
page read and write
|
||
|
2A781522000
|
heap
|
page read and write
|
||
|
2A78356A000
|
heap
|
page read and write
|
||
|
2A783640000
|
heap
|
page read and write
|
||
|
2A78151F000
|
heap
|
page read and write
|
||
|
2A782FC8000
|
heap
|
page read and write
|
||
|
EACC2FE000
|
stack
|
page read and write
|
||
|
2A78356B000
|
heap
|
page read and write
|
||
|
EACC4FF000
|
stack
|
page read and write
|
||
|
2A7817DD000
|
heap
|
page read and write
|
||
|
2A781538000
|
heap
|
page read and write
|
||
|
2A781509000
|
heap
|
page read and write
|
||
|
2A78153A000
|
heap
|
page read and write
|
||
|
2A782FD2000
|
heap
|
page read and write
|
||
|
2A783570000
|
heap
|
page read and write
|
||
|
2A783990000
|
heap
|
page read and write
|
||
|
2A78156E000
|
heap
|
page read and write
|
||
|
2A782FD2000
|
heap
|
page read and write
|
||
|
2A7814BA000
|
heap
|
page read and write
|
||
|
2A783470000
|
heap
|
page read and write
|
||
|
2A78151F000
|
heap
|
page read and write
|
||
|
2A7837C0000
|
heap
|
page read and write
|
||
|
2A782FC2000
|
heap
|
page read and write
|
||
|
2A78155F000
|
heap
|
page read and write
|
||
|
2A783574000
|
heap
|
page read and write
|
||
|
2A78352B000
|
heap
|
page read and write
|
||
|
2A78155F000
|
heap
|
page read and write
|
||
|
2A78355A000
|
heap
|
page read and write
|
||
|
2A78355A000
|
heap
|
page read and write
|
||
|
2A7830E0000
|
heap
|
page read and write
|
||
|
2A7839A0000
|
trusted library allocation
|
page read and write
|
||
|
2A7817D9000
|
heap
|
page read and write
|
||
|
2A78155F000
|
heap
|
page read and write
|
||
|
2A782FE5000
|
heap
|
page read and write
|
||
|
2A782FB4000
|
heap
|
page read and write
|
||
|
2A782FD2000
|
heap
|
page read and write
|
||
|
2A7814D0000
|
heap
|
page read and write
|
||
|
2A782FC1000
|
heap
|
page read and write
|
||
|
2A78356F000
|
heap
|
page read and write
|
||
|
2A781526000
|
heap
|
page read and write
|
There are 133 hidden memdumps, click here to show them.