Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\rundll32.exe
|
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6}
-Embedding
|
||
|
C:\Users\user\Desktop\FONDOS\FONDOS\bin\bin\DIMSA.Principal.exe
|
"C:\Users\user\Desktop\FONDOS\FONDOS\bin\bin\DIMSA.Principal.exe"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://tempuri.org/IBCTService/ConsultaPersonaResponse
|
unknown
|
||
|
http://tempuri.org/IBCTService/ConsultaSaldoClienteFondosT
|
unknown
|
||
|
http://tempuri.org/IBCTService/ServicioSGCDisponibleT
|
unknown
|
||
|
http://schemas.datacontract.org/2004/07/ServicioWebBCT
|
unknown
|
||
|
http://tempuri.org/IBCTService/ConsultaPersonaT
|
unknown
|
||
|
http://tempuri.org/IBCTService/EnvioAsientoT
|
unknown
|
||
|
http://tempuri.org/IBCTService/ConsultaEstadoCuentaCustodioResponse
|
unknown
|
||
|
http://tempuri.org/IBCTService/ConsultaInversionesResponse
|
unknown
|
||
|
http://tempuri.org/IBCTService/ConsultaTipoCambioResponse
|
unknown
|
||
|
http://1.8.5.61/ServicioWebBCT/BCTService.svc
|
unknown
|
||
|
http://www.fontbureau.com/designers
|
unknown
|
||
|
http://tempuri.org/IBCTService/ConsultaMovimientosMonexT
|
unknown
|
||
|
http://tempuri.org/IBCTService/ConsultaRecomprasResponse
|
unknown
|
||
|
http://tempuri.org/IBCTService/ConsultaFondosPorClienteResponse
|
unknown
|
||
|
http://tempuri.org/IBCTService/SincronizaRecordKeeperT
|
unknown
|
||
|
http://tempuri.org/IBCTService/ObtieneEmisionesHoyT
|
unknown
|
||
|
http://tempuri.org/IBCTService/ConsultaMovimientosEfectivoResponse
|
unknown
|
||
|
http://www.sajatypeworks.com
|
unknown
|
||
|
http://www.founder.com.cn/cn/cThe
|
unknown
|
||
|
http://tempuri.org/IBCTService/ConsultaCuentaResponse
|
unknown
|
||
|
http://tempuri.org/IBCTService/ObtieneEmisionesPorFechaResponse
|
unknown
|
||
|
http://tempuri.org/IBCTService/ProcesaSolLiquidacionResponsew
|
unknown
|
||
|
http://tempuri.org/IBCTService/ConsultaVencimientosT
|
unknown
|
||
|
http://www.galapagosdesign.com/DPlease
|
unknown
|
||
|
http://tempuri.org/IBCTService/EnvioAsientoResponse
|
unknown
|
||
|
http://tempuri.org/IBCTService/RegistrarCambiarioResponse
|
unknown
|
||
|
http://www.urwpp.deDPlease
|
unknown
|
||
|
http://tempuri.org/IBCTService/SolicitudMovimientoResponse
|
unknown
|
||
|
http://www.zhongyicts.com.cn
|
unknown
|
||
|
http://tempuri.org/IBCTService/ConsultaMovimientosMonexResponse
|
unknown
|
||
|
http://tempuri.org/IBCTService/ServicioBolsaDisponibleResponse
|
unknown
|
||
|
http://tempuri.org/IBCTService/ObtieneEmisionT
|
unknown
|
||
|
http://tempuri.org/IBCTService/ConsultaMovimientosEfectivoT
|
unknown
|
||
|
http://tempuri.org/IBCTService/EnvioEmailResponse
|
unknown
|
||
|
http://tempuri.org/IBCTService/SolicitudMovimientoT
|
unknown
|
||
|
http://tempuri.org/IBCTService/ConsultaFondosT
|
unknown
|
||
|
http://tempuri.org/IBCTService/ConsultaMargenesResponse
|
unknown
|
||
|
http://tempuri.org/IBCTService/ConsultaRecomprasT
|
unknown
|
||
|
http://tempuri.org/IBCTService/EnvioOCT
|
unknown
|
||
|
http://tempuri.org/IBCTService/ConsultaMovimientosValoresSalidasT
|
unknown
|
||
|
http://tempuri.org/IBCTService/ServicioDisponibleResponse
|
unknown
|
||
|
http://tempuri.org/IBCTService/ConsultaMonedaFondoT
|
unknown
|
||
|
http://tempuri.org/IBCTService/ActualizaClienteBursatilResponse
|
unknown
|
||
|
http://tempuri.org/IBCTService/EnvioEmailT
|
unknown
|
||
|
http://tempuri.org/IBCTService/ProcesaSolLiquidacionT
|
unknown
|
||
|
http://tempuri.org/IBCTService/ConsultaSaldoT
|
unknown
|
||
|
http://www.carterandcone.coml
|
unknown
|
||
|
http://tempuri.org/IBCTService/SolicitudMovimientoV2T
|
unknown
|
||
|
http://tempuri.org/IBCTService/ObtieneCodigoCustodiaEnPuestoT
|
unknown
|
||
|
http://www.fontbureau.com/designers/frere-jones.html
|
unknown
|
||
|
http://tempuri.org/IBCTService/ConsultaEstadoCuentaPuestoT
|
unknown
|
||
|
http://tempuri.org/IBCTService/ConsultaMovimientosFondosResponse
|
unknown
|
||
|
http://tempuri.org/IBCTService/ConsultaDocumentoInversionResponse
|
unknown
|
||
|
http://tempuri.org/IBCTService/SincronizaRecordKeeperResponse
|
unknown
|
||
|
http://tempuri.org/IBCTService/ConsultaDocumentoInversionT
|
unknown
|
||
|
http://tempuri.org/IBCTService/ObtieneEmisionesHoyResponse
|
unknown
|
||
|
http://tempuri.org/IBCTService/BaseDatosSGCDisponibleResponse
|
unknown
|
||
|
http://tempuri.org/IBCTService/SolicitudMovimientoV2Response
|
unknown
|
||
|
http://tempuri.org/IBCTService/RegistrarComisionBursatilT
|
unknown
|
||
|
http://tempuri.org/IBCTService/ServicioBolsaDisponibleT
|
unknown
|
||
|
http://tempuri.org/IBCTService/ConsultaLiquidacionesT
|
unknown
|
||
|
http://tempuri.org/IBCTService/ServicioSAPDisponibleResponse
|
unknown
|
||
|
http://tempuri.org/IBCTService/ServicioPELgxDisponibleResponseq
|
unknown
|
||
|
http://tempuri.org/IBCTService/BaseDatosVALCUSTODIASDisponibleResponse
|
unknown
|
||
|
http://tempuri.org/IBCTService/ConsultaFondosPorCuentaT
|
unknown
|
||
|
http://tempuri.org/IBCTService/ConsultaSaldoResponse
|
unknown
|
||
|
http://tempuri.org/IBCTService/BaseDatosSGCDisponibleT
|
unknown
|
||
|
http://tempuri.org/IBCTService/ServicioDisponibleT
|
unknown
|
||
|
http://www.fontbureau.com/designersG
|
unknown
|
||
|
http://tempuri.org/IBCTService/ConsultaEstadoCuentaCustodioT
|
unknown
|
||
|
http://tempuri.org/IBCTService/ObtieneEjecutivoFondoResponse
|
unknown
|
||
|
http://www.fontbureau.com/designers/?
|
unknown
|
||
|
http://www.founder.com.cn/cn/bThe
|
unknown
|
||
|
http://tempuri.org/IBCTService/ConsultaFondosPorCuentaResponse
|
unknown
|
||
|
http://www.fontbureau.com/designers?
|
unknown
|
||
|
http://www.tiro.com
|
unknown
|
||
|
http://www.goodfont.co.kr
|
unknown
|
||
|
http://tempuri.org/IBCTService/BaseDatosVALCUSTODIASDisponibleT
|
unknown
|
||
|
http://tempuri.org/IBCTService/EnvioOCResponse
|
unknown
|
||
|
http://tempuri.org/IBCTService/ConsultaCuentaT
|
unknown
|
||
|
http://tempuri.org/IBCTService/ConsultaVencimientosResponse
|
unknown
|
||
|
http://www.typography.netD
|
unknown
|
||
|
http://tempuri.org/IBCTService/ServicioPELgxDisponibleT
|
unknown
|
||
|
http://www.galapagosdesign.com/staff/dennis.htm
|
unknown
|
||
|
http://fontfabrik.com
|
unknown
|
||
|
http://tempuri.org/IBCTService/ActualizaClienteBursatilT
|
unknown
|
||
|
http://tempuri.org/IBCTService/ProcesaSolInversionResponse
|
unknown
|
||
|
http://tempuri.org/IBCTService/RegistrarComisionBursatilResponse
|
unknown
|
||
|
http://tempuri.org/IBCTService/ObtieneEjecutivoFondoT
|
unknown
|
||
|
http://tempuri.org/IBCTService/ObtieneCodigoCustodiaEnPuestoResponse
|
unknown
|
||
|
http://tempuri.org/IBCTService/ConsultaFondosPorClienteT
|
unknown
|
||
|
http://www.fonts.com
|
unknown
|
||
|
http://www.sandoll.co.kr
|
unknown
|
||
|
http://www.sakkal.com
|
unknown
|
||
|
http://tempuri.org/IBCTService/ConsultaMovimientosValoresSalidasResponse
|
unknown
|
||
|
http://tempuri.org/IBCTService/ConsultaLiquidacionesResponse
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://www.fontbureau.com
|
unknown
|
||
|
http://tempuri.org/IBCTService/ProcesaSolInversionT
|
unknown
|
||
|
http://tempuri.org/IBCTService/ConsultaMargenesT
|
unknown
|
There are 90 hidden URLs, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
5FBE000
|
unkown
|
page readonly
|
||
|
8CF6000
|
trusted library allocation
|
page read and write
|
||
|
189E000
|
stack
|
page read and write
|
||
|
912B000
|
trusted library section
|
page read and write
|
||
|
16F6000
|
stack
|
page read and write
|
||
|
E10000
|
unkown
|
page readonly
|
||
|
1B02000
|
heap
|
page read and write
|
||
|
1F50000
|
heap
|
page read and write
|
||
|
8CC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6750000
|
trusted library allocation
|
page read and write
|
||
|
1992000
|
trusted library allocation
|
page read and write
|
||
|
237D40E0000
|
heap
|
page read and write
|
||
|
1850000
|
heap
|
page read and write
|
||
|
A372000
|
heap
|
page read and write
|
||
|
1F57000
|
heap
|
page read and write
|
||
|
5C8E000
|
stack
|
page read and write
|
||
|
20A6000
|
heap
|
page read and write
|
||
|
8BA0000
|
heap
|
page read and write
|
||
|
A360000
|
heap
|
page read and write
|
||
|
237D43C0000
|
heap
|
page read and write
|
||
|
610E000
|
stack
|
page read and write
|
||
|
8CD0000
|
unkown
|
page readonly
|
||
|
76CE000
|
heap
|
page read and write
|
||
|
6BC0000
|
unkown
|
page readonly
|
||
|
BCEF000
|
stack
|
page read and write
|
||
|
7026000
|
unkown
|
page readonly
|
||
|
BDEE000
|
stack
|
page read and write
|
||
|
5CCE000
|
stack
|
page read and write
|
||
|
197C000
|
trusted library allocation
|
page execute and read and write
|
||
|
A8B0000
|
heap
|
page read and write
|
||
|
5F3E000
|
unkown
|
page readonly
|
||
|
1950000
|
trusted library allocation
|
page read and write
|
||
|
9107000
|
trusted library section
|
page read and write
|
||
|
6AA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
13C8000
|
stack
|
page read and write
|
||
|
19AA000
|
trusted library allocation
|
page execute and read and write
|
||
|
A38A000
|
heap
|
page read and write
|
||
|
5E22000
|
trusted library allocation
|
page read and write
|
||
|
2090000
|
trusted library allocation
|
page execute and read and write
|
||
|
2074000
|
heap
|
page read and write
|
||
|
1A10000
|
trusted library allocation
|
page read and write
|
||
|
9092000
|
unkown
|
page readonly
|
||
|
A490000
|
unkown
|
page readonly
|
||
|
76C9000
|
heap
|
page read and write
|
||
|
1AB3000
|
heap
|
page read and write
|
||
|
19B7000
|
trusted library allocation
|
page execute and read and write
|
||
|
1D4E000
|
stack
|
page read and write
|
||
|
18DE000
|
stack
|
page read and write
|
||
|
3CFF000
|
trusted library allocation
|
page read and write
|
||
|
E12000
|
unkown
|
page readonly
|
||
|
1972000
|
trusted library allocation
|
page execute and read and write
|
||
|
9280000
|
trusted library allocation
|
page read and write
|
||
|
20A0000
|
heap
|
page read and write
|
||
|
A492000
|
unkown
|
page readonly
|
||
|
A7AD000
|
stack
|
page read and write
|
||
|
19A0000
|
trusted library allocation
|
page read and write
|
||
|
1980000
|
heap
|
page read and write
|
||
|
5DCE000
|
stack
|
page read and write
|
||
|
8FE0000
|
heap
|
page execute and read and write
|
||
|
8FD0000
|
heap
|
page read and write
|
||
|
5E30000
|
unkown
|
page readonly
|
||
|
3D31000
|
trusted library allocation
|
page read and write
|
||
|
6570000
|
unkown
|
page readonly
|
||
|
1A18000
|
trusted library allocation
|
page read and write
|
||
|
7670000
|
trusted library allocation
|
page read and write
|
||
|
6BC2000
|
unkown
|
page readonly
|
||
|
2070000
|
heap
|
page read and write
|
||
|
6760000
|
unkown
|
page readonly
|
||
|
7660000
|
trusted library allocation
|
page read and write
|
||
|
132E000
|
unkown
|
page readonly
|
||
|
76FF000
|
heap
|
page read and write
|
||
|
759D000
|
stack
|
page read and write
|
||
|
237D5B60000
|
heap
|
page read and write
|
||
|
735B5FE000
|
stack
|
page read and write
|
||
|
8CD2000
|
unkown
|
page readonly
|
||
|
1A5A000
|
heap
|
page read and write
|
||
|
A3BA000
|
heap
|
page read and write
|
||
|
1A20000
|
heap
|
page execute and read and write
|
||
|
5E2C000
|
trusted library allocation
|
page read and write
|
||
|
90D0000
|
trusted library allocation
|
page read and write
|
||
|
1B49000
|
heap
|
page read and write
|
||
|
76B0000
|
heap
|
page read and write
|
||
|
76D5000
|
heap
|
page read and write
|
||
|
6B70000
|
trusted library section
|
page readonly
|
||
|
203E000
|
stack
|
page read and write
|
||
|
A588000
|
unkown
|
page readonly
|
||
|
8CDE000
|
unkown
|
page readonly
|
||
|
1F4E000
|
stack
|
page read and write
|
||
|
19FE000
|
stack
|
page read and write
|
||
|
237D3FD0000
|
heap
|
page read and write
|
||
|
90F0000
|
trusted library allocation
|
page read and write
|
||
|
1AF6000
|
heap
|
page read and write
|
||
|
A98E000
|
stack
|
page read and write
|
||
|
1B30000
|
heap
|
page read and write
|
||
|
19B0000
|
trusted library allocation
|
page read and write
|
||
|
237D40E7000
|
heap
|
page read and write
|
||
|
BEEF000
|
stack
|
page read and write
|
||
|
1A50000
|
heap
|
page read and write
|
||
|
19BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
237D40B0000
|
heap
|
page read and write
|
||
|
1A8E000
|
heap
|
page read and write
|
||
|
2080000
|
trusted library allocation
|
page read and write
|
||
|
620E000
|
stack
|
page read and write
|
||
|
A8AE000
|
stack
|
page read and write
|
||
|
2068000
|
trusted library allocation
|
page read and write
|
||
|
6B6C000
|
stack
|
page read and write
|
||
|
87A0000
|
trusted library allocation
|
page read and write
|
||
|
90E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C4E000
|
stack
|
page read and write
|
||
|
735B4FF000
|
stack
|
page read and write
|
||
|
A8FE000
|
stack
|
page read and write
|
||
|
3B91000
|
trusted library allocation
|
page read and write
|
||
|
7620000
|
unkown
|
page readonly
|
||
|
763A000
|
unkown
|
page readonly
|
||
|
763C000
|
unkown
|
page readonly
|
||
|
2050000
|
trusted library allocation
|
page read and write
|
||
|
5FC0000
|
unkown
|
page readonly
|
||
|
19B5000
|
trusted library allocation
|
page execute and read and write
|
||
|
4B91000
|
trusted library allocation
|
page read and write
|
||
|
1920000
|
heap
|
page read and write
|
||
|
6776000
|
unkown
|
page readonly
|
||
|
6BA0000
|
heap
|
page read and write
|
||
|
1962000
|
trusted library allocation
|
page execute and read and write
|
||
|
1A24000
|
heap
|
page execute and read and write
|
||
|
1B47000
|
heap
|
page read and write
|
||
|
1A15000
|
trusted library allocation
|
page read and write
|
||
|
7695000
|
heap
|
page read and write
|
||
|
6762000
|
unkown
|
page readonly
|
||
|
A94E000
|
stack
|
page read and write
|
||
|
196A000
|
trusted library allocation
|
page execute and read and write
|
||
|
19B2000
|
trusted library allocation
|
page read and write
|
||
|
1990000
|
trusted library allocation
|
page read and write
|
||
|
237D43C5000
|
heap
|
page read and write
|
||
|
9090000
|
unkown
|
page readonly
|
||
|
A480000
|
heap
|
page read and write
|
||
|
199A000
|
trusted library allocation
|
page execute and read and write
|
||
|
7690000
|
heap
|
page read and write
|
||
|
2040000
|
trusted library allocation
|
page read and write
|
||
|
910C000
|
trusted library section
|
page read and write
|
||
|
5E32000
|
unkown
|
page readonly
|
||
|
1A5E000
|
heap
|
page read and write
|
||
|
8CDC000
|
unkown
|
page readonly
|
||
|
7622000
|
unkown
|
page readonly
|
||
|
19A2000
|
trusted library allocation
|
page execute and read and write
|
||
|
63B0000
|
unkown
|
page readonly
|
||
|
3D46000
|
trusted library allocation
|
page read and write
|
||
|
1730000
|
heap
|
page read and write
|
||
|
9100000
|
trusted library section
|
page read and write
|
||
|
76A0000
|
heap
|
page read and write
|
||
|
1855000
|
heap
|
page read and write
|
||
|
1810000
|
heap
|
page read and write
|
||
|
735B57F000
|
stack
|
page read and write
|
||
|
5E11000
|
trusted library allocation
|
page read and write
|
||
|
87C2000
|
trusted library allocation
|
page read and write
|
||
|
8BC8000
|
heap
|
page read and write
|
||
|
8BAE000
|
heap
|
page read and write
|
||
|
8BCA000
|
heap
|
page read and write
|
||
|
735B47C000
|
stack
|
page read and write
|
||
|
63B2000
|
unkown
|
page readonly
|
||
|
197A000
|
trusted library allocation
|
page execute and read and write
|
||
|
7680000
|
trusted library allocation
|
page execute and read and write
|
||
|
237D41E0000
|
heap
|
page read and write
|
||
|
3C6B000
|
trusted library allocation
|
page read and write
|
||
|
3D70000
|
trusted library allocation
|
page read and write
|
||
|
A460000
|
unclassified section
|
page read and write
|
||
|
2094000
|
trusted library allocation
|
page execute and read and write
|
||
|
8CFB000
|
trusted library allocation
|
page read and write
|
||
|
1996000
|
trusted library allocation
|
page execute and read and write
|
||
|
6BB0000
|
heap
|
page read and write
|
There are 159 hidden memdumps, click here to show them.