Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
nteste.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\Desktop\CamScanner 23-10-2024 19.12.pdf
|
PDF document, version 1.7, 1 pages
|
dropped
|
|
|
|
C:\Users\user\Desktop\CamScanner 23-10-2024 19.13.pdf
|
PDF document, version 1.7, 5 pages
|
dropped
|
||
|
C:\Users\user\Desktop\doc08192220241029173958.pdf
|
PDF document, version 1.4, 1 pages
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\nteste.exe
|
"C:\Users\user\Desktop\nteste.exe"
|
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
s-part-0017.t-0009.t-msedge.net
|
13.107.246.45
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2A02000
|
heap
|
page read and write
|
||
|
4C00000
|
heap
|
page read and write
|
||
|
606000
|
heap
|
page read and write
|
||
|
21E0000
|
heap
|
page read and write
|
||
|
21D0000
|
heap
|
page read and write
|
||
|
4AC0000
|
heap
|
page read and write
|
||
|
520000
|
heap
|
page read and write
|
||
|
289E000
|
stack
|
page read and write
|
||
|
4A81000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
271F000
|
stack
|
page read and write
|
||
|
432000
|
unkown
|
page read and write
|
||
|
60A000
|
heap
|
page read and write
|
||
|
606000
|
heap
|
page read and write
|
||
|
2140000
|
heap
|
page read and write
|
||
|
607000
|
heap
|
page read and write
|
||
|
438000
|
unkown
|
page readonly
|
||
|
98000
|
stack
|
page read and write
|
||
|
4B80000
|
heap
|
page read and write
|
||
|
432000
|
unkown
|
page write copy
|
||
|
2080000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
28B0000
|
heap
|
page read and write
|
||
|
7CF000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
29C0000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2A42000
|
heap
|
page read and write
|
||
|
212E000
|
stack
|
page read and write
|
||
|
61C000
|
heap
|
page read and write
|
||
|
2143000
|
heap
|
page read and write
|
||
|
601000
|
heap
|
page read and write
|
||
|
4B01000
|
heap
|
page read and write
|
||
|
4C80000
|
direct allocation
|
page read and write
|
||
|
5DE000
|
heap
|
page read and write
|
||
|
8CF000
|
stack
|
page read and write
|
||
|
29BF000
|
stack
|
page read and write
|
||
|
61F000
|
heap
|
page read and write
|
||
|
1F5000
|
heap
|
page read and write
|
||
|
61F000
|
heap
|
page read and write
|
||
|
3D80000
|
trusted library allocation
|
page read and write
|
||
|
20A0000
|
heap
|
page read and write
|
||
|
20A5000
|
heap
|
page read and write
|
||
|
42B000
|
unkown
|
page readonly
|
||
|
61B000
|
heap
|
page read and write
|
||
|
4B00000
|
heap
|
page read and write
|
||
|
2090000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
438000
|
unkown
|
page readonly
|
||
|
29C3000
|
heap
|
page read and write
|
||
|
5DA000
|
heap
|
page read and write
|
||
|
42B000
|
unkown
|
page readonly
|
||
|
4A82000
|
heap
|
page read and write
|
||
|
4A80000
|
heap
|
page read and write
|
||
|
2A82000
|
heap
|
page read and write
|
||
|
5AE000
|
stack
|
page read and write
|
||
|
20AD000
|
heap
|
page read and write
|
||
|
4B40000
|
heap
|
page read and write
|
||
|
20AA000
|
heap
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
5FD000
|
heap
|
page read and write
|
||
|
601000
|
heap
|
page read and write
|
||
|
56E000
|
stack
|
page read and write
|
||
|
60C000
|
heap
|
page read and write
|
||
|
2A43000
|
heap
|
page read and write
|
There are 57 hidden memdumps, click here to show them.