Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\9FvJxhtNOD.exe
|
"C:\Users\user\Desktop\9FvJxhtNOD.exe"
|
 |
|
|
C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe
|
"C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
wrigglesight.sbs
|
|
||
|
heroicmint.sbs
|
|
||
|
monstourtu.sbs
|
|
||
|
snailyeductyi.sbs
|
|
||
|
ferrycheatyk.sbs
|
|
||
|
https://steamcommunity.com/profiles/76561199724331900
|
104.102.49.254
|
|
|
|
deepymouthi.sbs
|
|
||
|
captaitwik.sbs
|
|
||
|
sidercotay.sbs
|
|
||
|
https://steamcommunity.com/my/wishlist/
|
unknown
|
||
|
https://player.vimeo.com
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/javascript/jquery-1.11.1.min.js?v=.isFTSRckeNhC&
|
unknown
|
||
|
https://steamcommunity.com/?subsection=broadcasts
|
unknown
|
||
|
https://help.steampowered.com/en/
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/shared/javascript/shared_global.js?v=wJD9maDpDcV
|
unknown
|
||
|
https://steamcommunity.com/market/
|
unknown
|
||
|
https://store.steampowered.com/news/
|
unknown
|
||
|
https://store.steampowered.com/subscriber_agreement/
|
unknown
|
||
|
https://www.gstatic.cn/recaptcha/
|
unknown
|
||
|
http://store.steampowered.com/subscriber_agreement/
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/javascript/applications/community/manifest.js?v=
|
unknown
|
||
|
https://steamcommunity.com/linkfilter/?u=http%3A%2F%2Fwww.geonames.org
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/css/applications/community/main.css?v=ljhW-PbGuX
|
unknown
|
||
|
https://recaptcha.net/recaptcha/;
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/javascript/scriptaculous/_combined.js?v=OeNIgrpE
|
unknown
|
||
|
http://www.valvesoftware.com/legal.htm
|
unknown
|
||
|
https://steamcommunity.com/discussions/
|
unknown
|
||
|
https://www.youtube.com
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
https://store.steampowered.com/stats/
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/javascript/global.js?v=bOP7RorZq4_W&l=englis
|
unknown
|
||
|
https://medal.tv
|
unknown
|
||
|
https://broadcast.st.dl.eccdnx.com
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/shared/javascript/tooltip.js?v=.zYHOpI1L3Rt0&
|
unknown
|
||
|
https://store.steampowered.com/steam_refunds/
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/shared/javascript/shared_responsive_adapter.js?v
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/shared/images/responsive/header_menu_hamburger.p
|
unknown
|
||
|
https://www.valvesoftware.com/en/contact?contact-person=Translation%20Team%20Feedback
|
unknown
|
||
|
https://steamcommunity.com/login/home/?goto=profiles%2F76561199724331900
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/shared/javascript/auth_refresh.js?v=WgUxSlKTb3W1
|
unknown
|
||
|
https://s.ytimg.com;
|
unknown
|
||
|
https://steamcommunity.com/workshop/
|
unknown
|
||
|
https://login.steampowered.com/
|
unknown
|
||
|
https://store.steampowered.com/legal/
|
unknown
|
||
|
https://steam.tv/
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/shared/css/buttons.css?v=tuNiaSwXwcYT&l=engl
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/shared/css/motiva_sans.css?v=GfSjbGKcNYaQ&l=
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/javascript/applications/community/main.js?v=W9BX
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/javascript/prototype-1.7.js?v=.55t44gwuwgvw&
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/css/globalv2.css?v=pwVcIAtHNXwg&l=english&am
|
unknown
|
||
|
http://store.steampowered.com/privacy_agreement/
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/shared/css/shared_responsive.css?v=eghn9DNyCY67&
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/css/skin_1/header.css?v=vh4BMeDcNiCU&l=engli
|
unknown
|
||
|
https://store.steampowered.com/points/shop/
|
unknown
|
||
|
https://recaptcha.net
|
unknown
|
||
|
https://store.steampowered.com/
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/css/skin_1/fatalerror.css?v=wctRWaBvNt2z&l=e
|
unknown
|
||
|
https://steamcommunity.com
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/shared/css/shared_global.css?v=Ff_1prscqzeu&
|
unknown
|
||
|
https://sketchfab.com
|
unknown
|
||
|
https://lv.queniujq.cn
|
unknown
|
||
|
https://store.steampowered.com/;Persistent-AuthWWW-AuthenticateVarysteamCountry=US%7C42cb6563c5fec81
|
unknown
|
||
|
https://www.youtube.com/
|
unknown
|
||
|
http://127.0.0.1:27060
|
unknown
|
||
|
https://store.steampowered.com/privacy_agreement/
|
unknown
|
||
|
https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/shared/images/responsive/logo_valve_footer.png
|
unknown
|
||
|
https://ferrycheatyk.sbs/api&
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/images/skin_1/footerLogo_valve.png?v=1
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/shared/images/header/logo_steam.svg?t=962016
|
unknown
|
||
|
https://www.google.com/recaptcha/
|
unknown
|
||
|
https://checkout.steampowered.com/
|
unknown
|
||
|
https://login.microsoftonline.us/tls:
|
unknown
|
||
|
https://help.steampowered.com/
|
unknown
|
||
|
https://api.steampowered.com/
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/javascript/applications/community/libraries~b28b
|
unknown
|
||
|
http://store.steampowered.com/account/cookiepreferences/
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/public/shared/images/responsive/header_logo.png
|
unknown
|
||
|
https://store.steampowered.com/mobile
|
unknown
|
||
|
https://steamcommunity.com/
|
unknown
|
||
|
https://steamcommunity.com/v
|
unknown
|
||
|
https://store.steampowered.com/;
|
unknown
|
||
|
https://store.steampowered.com/about/
|
unknown
|
||
|
https://community.cloudflare.steamstatic.com/
|
unknown
|
There are 74 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
steamcommunity.com
|
104.102.49.254
|
|
|
|
wrigglesight.sbs
|
unknown
|
|
|
|
ferrycheatyk.sbs
|
unknown
|
|
|
|
deepymouthi.sbs
|
unknown
|
|
|
|
monstourtu.sbs
|
unknown
|
|
|
|
captaitwik.sbs
|
unknown
|
|
|
|
snailyeductyi.sbs
|
unknown
|
|
|
|
heroicmint.sbs
|
unknown
|
|
|
|
sidercotay.sbs
|
unknown
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
104.102.49.254
|
steamcommunity.com
|
United States
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
A11E000
|
direct allocation
|
page read and write
|
|
|
|
1896000
|
unkown
|
page read and write
|
||
|
A402000
|
direct allocation
|
page read and write
|
||
|
1895000
|
unkown
|
page write copy
|
||
|
EDD000
|
stack
|
page read and write
|
||
|
A0A0000
|
direct allocation
|
page read and write
|
||
|
3288000
|
heap
|
page read and write
|
||
|
4BDD000
|
stack
|
page read and write
|
||
|
A458000
|
direct allocation
|
page read and write
|
||
|
328D000
|
heap
|
page read and write
|
||
|
A0E4000
|
direct allocation
|
page read and write
|
||
|
A10C000
|
direct allocation
|
page read and write
|
||
|
1892000
|
unkown
|
page read and write
|
||
|
4B00000
|
heap
|
page read and write
|
||
|
A14C000
|
direct allocation
|
page read and write
|
||
|
32A4000
|
heap
|
page read and write
|
||
|
A15C000
|
direct allocation
|
page read and write
|
||
|
32D8000
|
heap
|
page read and write
|
||
|
32C9000
|
heap
|
page read and write
|
||
|
CFF000
|
stack
|
page read and write
|
||
|
A0F8000
|
direct allocation
|
page read and write
|
||
|
F01000
|
unkown
|
page execute read
|
||
|
A0AA000
|
direct allocation
|
page read and write
|
||
|
A5AC000
|
direct allocation
|
page read and write
|
||
|
A046000
|
direct allocation
|
page read and write
|
||
|
A2BE000
|
direct allocation
|
page read and write
|
||
|
4F10000
|
remote allocation
|
page read and write
|
||
|
8EE000
|
stack
|
page read and write
|
||
|
2D6C000
|
stack
|
page read and write
|
||
|
A140000
|
direct allocation
|
page read and write
|
||
|
32D8000
|
heap
|
page read and write
|
||
|
3130000
|
heap
|
page read and write
|
||
|
328D000
|
heap
|
page read and write
|
||
|
A092000
|
direct allocation
|
page read and write
|
||
|
A03B000
|
direct allocation
|
page read and write
|
||
|
A0CA000
|
direct allocation
|
page read and write
|
||
|
A2BA000
|
direct allocation
|
page read and write
|
||
|
45B000
|
remote allocation
|
page execute and read and write
|
||
|
A17A000
|
direct allocation
|
page read and write
|
||
|
A126000
|
direct allocation
|
page read and write
|
||
|
A106000
|
direct allocation
|
page read and write
|
||
|
A2DC000
|
direct allocation
|
page read and write
|
||
|
A0B2000
|
direct allocation
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
A2D2000
|
direct allocation
|
page read and write
|
||
|
19B2000
|
direct allocation
|
page read and write
|
||
|
4D0D000
|
stack
|
page read and write
|
||
|
3309000
|
heap
|
page read and write
|
||
|
32BF000
|
heap
|
page read and write
|
||
|
A08E000
|
direct allocation
|
page read and write
|
||
|
4F10000
|
remote allocation
|
page read and write
|
||
|
A0B8000
|
direct allocation
|
page read and write
|
||
|
13CE000
|
unkown
|
page readonly
|
||
|
A3F000
|
stack
|
page read and write
|
||
|
A180000
|
direct allocation
|
page read and write
|
||
|
A0B4000
|
direct allocation
|
page read and write
|
||
|
A132000
|
direct allocation
|
page read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
A2B2000
|
direct allocation
|
page read and write
|
||
|
328D000
|
heap
|
page read and write
|
||
|
A502000
|
direct allocation
|
page read and write
|
||
|
1899000
|
unkown
|
page read and write
|
||
|
A10A000
|
direct allocation
|
page read and write
|
||
|
13CE000
|
unkown
|
page readonly
|
||
|
312E000
|
stack
|
page read and write
|
||
|
327C000
|
heap
|
page read and write
|
||
|
1971000
|
direct allocation
|
page read and write
|
||
|
4C00000
|
heap
|
page read and write
|
||
|
A0BA000
|
direct allocation
|
page read and write
|
||
|
A2C2000
|
direct allocation
|
page read and write
|
||
|
A13E000
|
direct allocation
|
page read and write
|
||
|
539E000
|
stack
|
page read and write
|
||
|
A3AC000
|
direct allocation
|
page read and write
|
||
|
327C000
|
heap
|
page read and write
|
||
|
E9D000
|
stack
|
page read and write
|
||
|
A40000
|
direct allocation
|
page read and write
|
||
|
63C000
|
stack
|
page read and write
|
||
|
AFD000
|
stack
|
page read and write
|
||
|
F01000
|
unkown
|
page execute read
|
||
|
A0F6000
|
direct allocation
|
page read and write
|
||
|
A086000
|
direct allocation
|
page read and write
|
||
|
A136000
|
direct allocation
|
page read and write
|
||
|
1959000
|
unkown
|
page readonly
|
||
|
191B000
|
unkown
|
page write copy
|
||
|
A030000
|
direct allocation
|
page read and write
|
||
|
B12000
|
heap
|
page read and write
|
||
|
3287000
|
heap
|
page read and write
|
||
|
2A0FF000
|
stack
|
page read and write
|
||
|
1897000
|
unkown
|
page write copy
|
||
|
A402000
|
direct allocation
|
page read and write
|
||
|
3140000
|
heap
|
page read and write
|
||
|
A14A000
|
direct allocation
|
page read and write
|
||
|
190A000
|
unkown
|
page read and write
|
||
|
A012000
|
direct allocation
|
page read and write
|
||
|
A0EA000
|
direct allocation
|
page read and write
|
||
|
A08C000
|
direct allocation
|
page read and write
|
||
|
A016000
|
direct allocation
|
page read and write
|
||
|
A02E000
|
direct allocation
|
page read and write
|
||
|
A356000
|
direct allocation
|
page read and write
|
||
|
A13C000
|
direct allocation
|
page read and write
|
||
|
3288000
|
heap
|
page read and write
|
||
|
A09A000
|
direct allocation
|
page read and write
|
||
|
A2B0000
|
direct allocation
|
page read and write
|
||
|
2A3FF000
|
stack
|
page read and write
|
||
|
A0D2000
|
direct allocation
|
page read and write
|
||
|
A154000
|
direct allocation
|
page read and write
|
||
|
328D000
|
heap
|
page read and write
|
||
|
A2D8000
|
direct allocation
|
page read and write
|
||
|
197A000
|
direct allocation
|
page read and write
|
||
|
3010000
|
heap
|
page read and write
|
||
|
1974000
|
direct allocation
|
page read and write
|
||
|
1990000
|
direct allocation
|
page read and write
|
||
|
A0F2000
|
direct allocation
|
page read and write
|
||
|
32BF000
|
heap
|
page read and write
|
||
|
B08000
|
heap
|
page read and write
|
||
|
A130000
|
direct allocation
|
page read and write
|
||
|
A346000
|
direct allocation
|
page read and write
|
||
|
A0A2000
|
direct allocation
|
page read and write
|
||
|
A2CA000
|
direct allocation
|
page read and write
|
||
|
A09C000
|
direct allocation
|
page read and write
|
||
|
A00C000
|
direct allocation
|
page read and write
|
||
|
1959000
|
unkown
|
page readonly
|
||
|
AA0000
|
direct allocation
|
page read and write
|
||
|
E3D000
|
stack
|
page read and write
|
||
|
E40000
|
direct allocation
|
page read and write
|
||
|
A014000
|
direct allocation
|
page read and write
|
||
|
A114000
|
direct allocation
|
page read and write
|
||
|
790000
|
heap
|
page read and write
|
||
|
A01E000
|
direct allocation
|
page read and write
|
||
|
A04A000
|
direct allocation
|
page read and write
|
||
|
2A2FF000
|
stack
|
page read and write
|
||
|
2DAC000
|
stack
|
page read and write
|
||
|
A2BC000
|
direct allocation
|
page read and write
|
||
|
A458000
|
direct allocation
|
page read and write
|
||
|
2A40B000
|
direct allocation
|
page read and write
|
||
|
A3AC000
|
direct allocation
|
page read and write
|
||
|
1911000
|
unkown
|
page read and write
|
||
|
A090000
|
direct allocation
|
page read and write
|
||
|
3145000
|
heap
|
page read and write
|
||
|
4F0D000
|
stack
|
page read and write
|
||
|
191B000
|
unkown
|
page write copy
|
||
|
32A2000
|
heap
|
page read and write
|
||
|
A49000
|
direct allocation
|
page read and write
|
||
|
4B9E000
|
stack
|
page read and write
|
||
|
EE0000
|
heap
|
page read and write
|
||
|
A0E8000
|
direct allocation
|
page read and write
|
||
|
A09E000
|
direct allocation
|
page read and write
|
||
|
930000
|
heap
|
page read and write
|
||
|
A018000
|
direct allocation
|
page read and write
|
||
|
3316000
|
heap
|
page read and write
|
||
|
32A2000
|
heap
|
page read and write
|
||
|
191C000
|
unkown
|
page readonly
|
||
|
A14E000
|
direct allocation
|
page read and write
|
||
|
A256000
|
direct allocation
|
page read and write
|
||
|
A0E6000
|
direct allocation
|
page read and write
|
||
|
A028000
|
direct allocation
|
page read and write
|
||
|
A096000
|
direct allocation
|
page read and write
|
||
|
A100000
|
direct allocation
|
page read and write
|
||
|
A2AE000
|
direct allocation
|
page read and write
|
||
|
18EA000
|
unkown
|
page read and write
|
||
|
DFF000
|
stack
|
page read and write
|
||
|
A0BE000
|
direct allocation
|
page read and write
|
||
|
550F000
|
stack
|
page read and write
|
||
|
A0C4000
|
direct allocation
|
page read and write
|
||
|
A290000
|
direct allocation
|
page read and write
|
||
|
3288000
|
heap
|
page read and write
|
||
|
32A2000
|
heap
|
page read and write
|
||
|
A10E000
|
direct allocation
|
page read and write
|
||
|
A036000
|
direct allocation
|
page read and write
|
||
|
A088000
|
direct allocation
|
page read and write
|
||
|
A084000
|
direct allocation
|
page read and write
|
||
|
529D000
|
stack
|
page read and write
|
||
|
32BF000
|
heap
|
page read and write
|
||
|
A2C6000
|
direct allocation
|
page read and write
|
||
|
A0F0000
|
direct allocation
|
page read and write
|
||
|
A138000
|
direct allocation
|
page read and write
|
||
|
A2B8000
|
direct allocation
|
page read and write
|
||
|
A080000
|
direct allocation
|
page read and write
|
||
|
324F000
|
stack
|
page read and write
|
||
|
A12C000
|
direct allocation
|
page read and write
|
||
|
A156000
|
direct allocation
|
page read and write
|
||
|
935000
|
heap
|
page read and write
|
||
|
9FED000
|
stack
|
page read and write
|
||
|
A12E000
|
direct allocation
|
page read and write
|
||
|
3267000
|
heap
|
page read and write
|
||
|
A5AC000
|
direct allocation
|
page read and write
|
||
|
A01A000
|
direct allocation
|
page read and write
|
||
|
73D000
|
stack
|
page read and write
|
||
|
4F10000
|
remote allocation
|
page read and write
|
||
|
2A1FF000
|
stack
|
page read and write
|
||
|
A0AE000
|
direct allocation
|
page read and write
|
||
|
A356000
|
direct allocation
|
page read and write
|
||
|
F00000
|
unkown
|
page readonly
|
||
|
A0FA000
|
direct allocation
|
page read and write
|
||
|
A13A000
|
direct allocation
|
page read and write
|
||
|
E50000
|
heap
|
page read and write
|
||
|
32A5000
|
heap
|
page read and write
|
||
|
4E0F000
|
stack
|
page read and write
|
||
|
A152000
|
direct allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
A502000
|
direct allocation
|
page read and write
|
||
|
1892000
|
unkown
|
page write copy
|
||
|
191C000
|
unkown
|
page readonly
|
||
|
A0E0000
|
direct allocation
|
page read and write
|
||
|
32C9000
|
heap
|
page read and write
|
||
|
A098000
|
direct allocation
|
page read and write
|
||
|
A020000
|
direct allocation
|
page read and write
|
||
|
32D8000
|
heap
|
page read and write
|
||
|
A1C8000
|
direct allocation
|
page read and write
|
||
|
32C9000
|
heap
|
page read and write
|
||
|
A055000
|
direct allocation
|
page read and write
|
||
|
A2AC000
|
direct allocation
|
page read and write
|
||
|
A134000
|
direct allocation
|
page read and write
|
||
|
32A2000
|
heap
|
page read and write
|
||
|
A6B3000
|
direct allocation
|
page read and write
|
||
|
331C000
|
heap
|
page read and write
|
||
|
A2C4000
|
direct allocation
|
page read and write
|
||
|
A082000
|
direct allocation
|
page read and write
|
||
|
A6B3000
|
direct allocation
|
page read and write
|
||
|
A16C000
|
direct allocation
|
page read and write
|
||
|
3277000
|
heap
|
page read and write
|
||
|
8AE000
|
stack
|
page read and write
|
||
|
A0A4000
|
direct allocation
|
page read and write
|
||
|
A2C0000
|
direct allocation
|
page read and write
|
||
|
540E000
|
stack
|
page read and write
|
||
|
4B5D000
|
stack
|
page read and write
|
||
|
A0C0000
|
direct allocation
|
page read and write
|
||
|
18E1000
|
unkown
|
page write copy
|
||
|
A0A8000
|
direct allocation
|
page read and write
|
||
|
AB0000
|
direct allocation
|
page read and write
|
||
|
A006000
|
direct allocation
|
page read and write
|
||
|
A002000
|
direct allocation
|
page read and write
|
||
|
2A405000
|
direct allocation
|
page read and write
|
||
|
A2B4000
|
direct allocation
|
page read and write
|
||
|
18E2000
|
unkown
|
page read and write
|
||
|
A004000
|
direct allocation
|
page read and write
|
||
|
189A000
|
unkown
|
page write copy
|
||
|
A0C6000
|
direct allocation
|
page read and write
|
||
|
3260000
|
heap
|
page read and write
|
||
|
F00000
|
unkown
|
page readonly
|
||
|
18D5000
|
unkown
|
page read and write
|
||
|
A01C000
|
direct allocation
|
page read and write
|
There are 232 hidden memdumps, click here to show them.