Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\17305370457af8060c5c3c6d7e83c17b8f6083a3c41c5dd21323a637c4bf05d8d8bd79484b331.dat-decoded.exe
|
"C:\Users\user\Desktop\17305370457af8060c5c3c6d7e83c17b8f6083a3c41c5dd21323a637c4bf05d8d8bd79484b331.dat-decoded.exe"
|
 |
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
upe2023.duckdns.org
|
24.152.38.77
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
24.152.38.77
|
upe2023.duckdns.org
|
unknown
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\6a2634340fbf8a0a2c038c6263d49fd1
|
[kl]
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
12000
|
unkown
|
page readonly
|
|
|
|
2748000
|
trusted library allocation
|
page read and write
|
|
|
|
23B9000
|
trusted library allocation
|
page read and write
|
||
|
5850000
|
heap
|
page read and write
|
||
|
4A30000
|
trusted library allocation
|
page execute and read and write
|
||
|
57A000
|
heap
|
page read and write
|
||
|
7F610000
|
trusted library allocation
|
page execute and read and write
|
||
|
4A50000
|
trusted library allocation
|
page read and write
|
||
|
4E5F000
|
stack
|
page read and write
|
||
|
237E000
|
trusted library allocation
|
page read and write
|
||
|
1A7000
|
stack
|
page read and write
|
||
|
24CD000
|
trusted library allocation
|
page read and write
|
||
|
593000
|
heap
|
page read and write
|
||
|
274B000
|
trusted library allocation
|
page read and write
|
||
|
4F0000
|
trusted library allocation
|
page read and write
|
||
|
4A6000
|
heap
|
page read and write
|
||
|
500000
|
trusted library allocation
|
page read and write
|
||
|
4C50000
|
heap
|
page execute and read and write
|
||
|
633000
|
heap
|
page read and write
|
||
|
50D000
|
trusted library allocation
|
page execute and read and write
|
||
|
537000
|
trusted library allocation
|
page execute and read and write
|
||
|
513000
|
trusted library allocation
|
page read and write
|
||
|
5840000
|
heap
|
page read and write
|
||
|
239D000
|
trusted library allocation
|
page read and write
|
||
|
611000
|
heap
|
page read and write
|
||
|
4A40000
|
heap
|
page read and write
|
||
|
237B000
|
trusted library allocation
|
page read and write
|
||
|
2370000
|
trusted library allocation
|
page read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
2400000
|
trusted library allocation
|
page read and write
|
||
|
23E0000
|
trusted library allocation
|
page read and write
|
||
|
23D0000
|
trusted library allocation
|
page read and write
|
||
|
5866000
|
heap
|
page read and write
|
||
|
10000
|
unkown
|
page readonly
|
||
|
55E000
|
heap
|
page read and write
|
||
|
64D000
|
heap
|
page read and write
|
||
|
46E000
|
stack
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
53B000
|
trusted library allocation
|
page execute and read and write
|
||
|
55B000
|
heap
|
page read and write
|
||
|
510000
|
trusted library allocation
|
page read and write
|
||
|
52A000
|
trusted library allocation
|
page execute and read and write
|
||
|
A9000
|
stack
|
page read and write
|
||
|
2431000
|
trusted library allocation
|
page read and write
|
||
|
420000
|
heap
|
page read and write
|
||
|
452E000
|
stack
|
page read and write
|
||
|
410000
|
heap
|
page read and write
|
||
|
49EE000
|
stack
|
page read and write
|
||
|
2374000
|
trusted library allocation
|
page read and write
|
||
|
820000
|
trusted library allocation
|
page read and write
|
||
|
24CF000
|
trusted library allocation
|
page read and write
|
||
|
2340000
|
trusted library allocation
|
page read and write
|
||
|
2410000
|
trusted library allocation
|
page read and write
|
||
|
4C40000
|
heap
|
page read and write
|
||
|
5F9000
|
heap
|
page read and write
|
||
|
4B69000
|
stack
|
page read and write
|
||
|
238E000
|
trusted library allocation
|
page read and write
|
||
|
23A2000
|
trusted library allocation
|
page read and write
|
||
|
51D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2420000
|
heap
|
page read and write
|
||
|
2360000
|
trusted library allocation
|
page read and write
|
||
|
4D5A000
|
stack
|
page read and write
|
||
|
644000
|
heap
|
page read and write
|
||
|
8C8000
|
trusted library allocation
|
page read and write
|
||
|
2382000
|
trusted library allocation
|
page read and write
|
||
|
526000
|
trusted library allocation
|
page execute and read and write
|
||
|
550000
|
heap
|
page read and write
|
||
|
8AC000
|
stack
|
page read and write
|
||
|
532000
|
trusted library allocation
|
page read and write
|
||
|
48EC000
|
stack
|
page read and write
|
||
|
503000
|
trusted library allocation
|
page execute and read and write
|
||
|
86E000
|
stack
|
page read and write
|
||
|
23F7000
|
trusted library allocation
|
page read and write
|
||
|
4A60000
|
heap
|
page read and write
|
||
|
520000
|
trusted library allocation
|
page read and write
|
||
|
2396000
|
trusted library allocation
|
page read and write
|
||
|
980000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F5000
|
trusted library allocation
|
page read and write
|
||
|
48AC000
|
stack
|
page read and write
|
||
|
4A0000
|
heap
|
page read and write
|
||
|
23F0000
|
trusted library allocation
|
page read and write
|
||
|
5EE000
|
heap
|
page read and write
|
||
|
990000
|
heap
|
page read and write
|
||
|
81E000
|
stack
|
page read and write
|
||
|
3431000
|
trusted library allocation
|
page read and write
|
||
|
8B0000
|
heap
|
page read and write
|
||
|
2376000
|
trusted library allocation
|
page read and write
|
||
|
4A63000
|
heap
|
page read and write
|
||
|
23B0000
|
trusted library allocation
|
page read and write
|
||
|
5FF000
|
heap
|
page read and write
|
||
|
504000
|
trusted library allocation
|
page read and write
|
||
|
585000
|
heap
|
page read and write
|
||
|
2391000
|
trusted library allocation
|
page read and write
|
||
|
233E000
|
stack
|
page read and write
|
||
|
23C0000
|
heap
|
page execute and read and write
|
||
|
5DA000
|
heap
|
page read and write
|
There are 86 hidden memdumps, click here to show them.