Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\file.exe
|
"C:\Users\user\Desktop\file.exe"
|
 |
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://downloads.reneelab.com/passnow/passnow_cnhttps://downloads.reneelab.com.cn/passnow/passnow_x
|
unknown
|
||
|
http://www.reneelab.es/product-land-280.htmlhttp://support.reneelab.com/anonymous_requests/newstore/
|
unknown
|
||
|
https://www.reneelab.comwww.reneelab.comhttp://https://0
|
unknown
|
||
|
http://bug.reneelab.com/psw_report.phpLicenseCodePSW_RENEELB_WINx86_20201003User
|
unknown
|
||
|
http://www.reneelab.kr/
|
unknown
|
||
|
http://support.reneelab.com/anonymous_requests/newstore/buy-renee-passnowentrare-nel-bios.htmlItalia
|
unknown
|
||
|
http://www.reneelab.jp/
|
unknown
|
||
|
http://support.reneelab.com/anonymous_requests/new
|
unknown
|
||
|
http://www.reneelab.fr/
|
unknown
|
||
|
https://downloads.reneelab.com.cn/download_api.php
|
unknown
|
||
|
http://www.reneelab.it/
|
unknown
|
||
|
http://isecure.reneelab.com.cn/webapi.php?code=
|
unknown
|
||
|
http://www.winimage.com/zLibDll1.2.6
|
unknown
|
||
|
https://downloads.reneelab.com/passnow/passnow_
|
unknown
|
||
|
http://www.reneelab.net/
|
unknown
|
||
|
http://www.reneelab.net//reset-windows-password.htmlhttp://support.reneelab.com/anonymous_requests/n
|
unknown
|
||
|
http://www.reneelab.biz/
|
unknown
|
||
|
https://downloads.reneelab.com/download_api.php
|
unknown
|
||
|
http://bug.reneelab.com
|
unknown
|
||
|
http://www.reneelab.cc/
|
unknown
|
||
|
http://www.reneelab.com.cn/product-land-286.htmlhttp://support.reneelab.com/anonymous_requests/newst
|
unknown
|
||
|
http://www.reneelab.it/reimpostare-passwordi-di-windows-login.html
|
unknown
|
||
|
http://www.reneelab.ru/
|
unknown
|
||
|
http://isecure.reneelab.com.cn/webapi.php?code=http://isecure-a.reneelab.com/webapi.php?code=http://
|
unknown
|
||
|
http://www.reneelab.de/
|
unknown
|
||
|
http://b.chenall.net/menu.lst
|
unknown
|
||
|
http://isecure-a.reneelab.com/webapi.php?code=
|
unknown
|
||
|
http://grub4dos.chenall.net/e/%u)
|
unknown
|
||
|
https://downloads.reneelab.com/download_api.phphttps://downloads.reneelab.com.cn/download_api.php?ac
|
unknown
|
||
|
http://www.reneelab.es/
|
unknown
|
||
|
http://www.winimage.com/zLibDll
|
unknown
|
||
|
http://www.reneelab.com/
|
unknown
|
||
|
http://isecure.reneelab.com/webapi.php?code=
|
unknown
|
||
|
http://www.reneelab.de/product-land-237.htmlhttp://support.reneelab.com/anonymous_requests/newstore/
|
unknown
|
||
|
http://www.reneelab.jp/product-land-286.htmlhttp://support.reneelab.com/anonymous_requests/newstore/
|
unknown
|
||
|
http://www.trialpay.com/productpage/?c=3016dc6&tid=6rpipbo
|
unknown
|
||
|
https://downloads.reneelab.com.cn/passnow/passnow_
|
unknown
|
||
|
https://www.reneelab.com
|
unknown
|
||
|
http://www.reneelab.biz/redefinir-senha-de-admin-logon-windows.htmlhttp://support.reneelab.com/anony
|
unknown
|
||
|
http://www.reneelab.com/product-land-188.htmlhttp://support.reneelab.com/anonymous_requests/newstore
|
unknown
|
||
|
http://www.reneelab.com.cn/
|
unknown
|
||
|
http://www.reneelab.pl/
|
unknown
|
||
|
http://www.reneelab.pl/product-land-280.htmlhttp://support.reneelab.com/anonymous_requests/newpurcha
|
unknown
|
There are 33 hidden URLs, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
6FC000
|
stack
|
page read and write
|
||
|
9FA000
|
heap
|
page read and write
|
||
|
8D0000
|
heap
|
page read and write
|
||
|
830000
|
heap
|
page read and write
|
||
|
1124000
|
unkown
|
page read and write
|
||
|
1123000
|
unkown
|
page write copy
|
||
|
87E000
|
stack
|
page read and write
|
||
|
3FD000
|
stack
|
page read and write
|
||
|
1128000
|
unkown
|
page readonly
|
||
|
B21000
|
unkown
|
page execute read
|
||
|
B21000
|
unkown
|
page execute read
|
||
|
1128000
|
unkown
|
page readonly
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
BA6000
|
unkown
|
page readonly
|
||
|
1125000
|
unkown
|
page write copy
|
||
|
9DF000
|
stack
|
page read and write
|
||
|
9FE000
|
heap
|
page read and write
|
||
|
1123000
|
unkown
|
page write copy
|
||
|
B20000
|
unkown
|
page readonly
|
||
|
BA4000
|
unkown
|
page read and write
|
||
|
BA4000
|
unkown
|
page readonly
|
||
|
129D000
|
stack
|
page read and write
|
||
|
139E000
|
stack
|
page read and write
|
||
|
8BE000
|
stack
|
page read and write
|
||
|
B20000
|
unkown
|
page readonly
|
||
|
125E000
|
stack
|
page read and write
|
There are 17 hidden memdumps, click here to show them.