Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\file.exe
|
"C:\Users\user\Desktop\file.exe"
|
 |
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://occupy-blushi.sbs/api
|
104.21.7.169
|
||
|
https://property-imper.sbs:443/apif
|
unknown
|
||
|
http://crl.micro
|
unknown
|
||
|
https://occupy-blushi.sbs:443/api
|
unknown
|
||
|
https://occupy-blushi.sbs/
|
unknown
|
||
|
https://occupy-blushi.sbs/5
|
unknown
|
||
|
https://property-imper.sbs/api
|
unknown
|
||
|
https://occupy-blushi.sbs/apiU=
|
unknown
|
||
|
https://occupy-blushi.sbs:443/apiO
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
occupy-blushi.sbs
|
104.21.7.169
|
||
|
property-imper.sbs
|
unknown
|
||
|
frogs-severz.sbs
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
104.21.7.169
|
occupy-blushi.sbs
|
United States
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
4DA0000
|
heap
|
page read and write
|
||
|
58A0000
|
remote allocation
|
page read and write
|
||
|
4EA0000
|
trusted library allocation
|
page read and write
|
||
|
53C0000
|
direct allocation
|
page execute and read and write
|
||
|
15C1000
|
heap
|
page read and write
|
||
|
14F0000
|
direct allocation
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
12FB000
|
stack
|
page read and write
|
||
|
14F0000
|
direct allocation
|
page read and write
|
||
|
4A1E000
|
stack
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
14F0000
|
direct allocation
|
page read and write
|
||
|
150A000
|
heap
|
page read and write
|
||
|
A30000
|
unkown
|
page read and write
|
||
|
15C9000
|
heap
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
53D0000
|
direct allocation
|
page execute and read and write
|
||
|
399F000
|
stack
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
A31000
|
unkown
|
page execute and read and write
|
||
|
4B1F000
|
stack
|
page read and write
|
||
|
A87000
|
unkown
|
page read and write
|
||
|
54FD000
|
stack
|
page read and write
|
||
|
55FE000
|
stack
|
page read and write
|
||
|
16FE000
|
stack
|
page read and write
|
||
|
14F0000
|
direct allocation
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
59EE000
|
stack
|
page read and write
|
||
|
5390000
|
direct allocation
|
page execute and read and write
|
||
|
A89000
|
unkown
|
page execute and read and write
|
||
|
13D0000
|
heap
|
page read and write
|
||
|
14F0000
|
direct allocation
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
461F000
|
stack
|
page read and write
|
||
|
14F0000
|
direct allocation
|
page read and write
|
||
|
5230000
|
direct allocation
|
page read and write
|
||
|
143E000
|
stack
|
page read and write
|
||
|
14F0000
|
direct allocation
|
page read and write
|
||
|
465E000
|
stack
|
page read and write
|
||
|
489F000
|
stack
|
page read and write
|
||
|
53A0000
|
direct allocation
|
page execute and read and write
|
||
|
4C5F000
|
stack
|
page read and write
|
||
|
53C0000
|
direct allocation
|
page execute and read and write
|
||
|
58A0000
|
remote allocation
|
page read and write
|
||
|
415E000
|
stack
|
page read and write
|
||
|
53CD000
|
stack
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
53C0000
|
direct allocation
|
page execute and read and write
|
||
|
CF9000
|
unkown
|
page execute and read and write
|
||
|
1552000
|
heap
|
page read and write
|
||
|
349F000
|
stack
|
page read and write
|
||
|
1539000
|
heap
|
page read and write
|
||
|
425F000
|
stack
|
page read and write
|
||
|
150E000
|
heap
|
page read and write
|
||
|
14EE000
|
stack
|
page read and write
|
||
|
14F0000
|
direct allocation
|
page read and write
|
||
|
4D9F000
|
stack
|
page read and write
|
||
|
311B000
|
stack
|
page read and write
|
||
|
3D5F000
|
stack
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
587F000
|
stack
|
page read and write
|
||
|
5230000
|
direct allocation
|
page read and write
|
||
|
389E000
|
stack
|
page read and write
|
||
|
411F000
|
stack
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
3ADF000
|
stack
|
page read and write
|
||
|
EE2000
|
unkown
|
page execute and read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
53C0000
|
direct allocation
|
page execute and read and write
|
||
|
1470000
|
heap
|
page read and write
|
||
|
15D3000
|
heap
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
339E000
|
stack
|
page read and write
|
||
|
1578000
|
heap
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
14F0000
|
direct allocation
|
page read and write
|
||
|
5A5E000
|
stack
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
5404000
|
trusted library allocation
|
page read and write
|
||
|
375E000
|
stack
|
page read and write
|
||
|
2F9E000
|
stack
|
page read and write
|
||
|
522E000
|
stack
|
page read and write
|
||
|
1475000
|
heap
|
page read and write
|
||
|
475F000
|
stack
|
page read and write
|
||
|
5B5F000
|
stack
|
page read and write
|
||
|
563E000
|
stack
|
page read and write
|
||
|
D3D000
|
unkown
|
page execute and write copy
|
||
|
49DF000
|
stack
|
page read and write
|
||
|
58ED000
|
stack
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
325E000
|
stack
|
page read and write
|
||
|
451E000
|
stack
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
3C5E000
|
stack
|
page read and write
|
||
|
14A7000
|
heap
|
page read and write
|
||
|
1500000
|
heap
|
page read and write
|
||
|
401E000
|
stack
|
page read and write
|
||
|
156B000
|
heap
|
page read and write
|
||
|
EE3000
|
unkown
|
page execute and write copy
|
||
|
14F0000
|
direct allocation
|
page read and write
|
||
|
3C1F000
|
stack
|
page read and write
|
||
|
15DC000
|
heap
|
page read and write
|
||
|
D25000
|
unkown
|
page execute and read and write
|
||
|
5BDE000
|
stack
|
page read and write
|
||
|
573F000
|
stack
|
page read and write
|
||
|
14F0000
|
direct allocation
|
page read and write
|
||
|
3EDE000
|
stack
|
page read and write
|
||
|
D2E000
|
unkown
|
page execute and read and write
|
||
|
15C9000
|
heap
|
page read and write
|
||
|
53C0000
|
direct allocation
|
page execute and read and write
|
||
|
43DE000
|
stack
|
page read and write
|
||
|
385F000
|
stack
|
page read and write
|
||
|
14F0000
|
direct allocation
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
1541000
|
heap
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
3D9E000
|
stack
|
page read and write
|
||
|
A31000
|
unkown
|
page execute and write copy
|
||
|
14F0000
|
direct allocation
|
page read and write
|
||
|
2FDE000
|
stack
|
page read and write
|
||
|
3E9F000
|
stack
|
page read and write
|
||
|
429E000
|
stack
|
page read and write
|
||
|
5230000
|
direct allocation
|
page read and write
|
||
|
34DE000
|
stack
|
page read and write
|
||
|
35DF000
|
stack
|
page read and write
|
||
|
335F000
|
stack
|
page read and write
|
||
|
537F000
|
stack
|
page read and write
|
||
|
D3C000
|
unkown
|
page execute and write copy
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
479E000
|
stack
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
371F000
|
stack
|
page read and write
|
||
|
15E2000
|
heap
|
page read and write
|
||
|
53B0000
|
direct allocation
|
page execute and read and write
|
||
|
321F000
|
stack
|
page read and write
|
||
|
A30000
|
unkown
|
page readonly
|
||
|
577D000
|
stack
|
page read and write
|
||
|
1480000
|
heap
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
3FDF000
|
stack
|
page read and write
|
||
|
439F000
|
stack
|
page read and write
|
||
|
14A0000
|
heap
|
page read and write
|
||
|
48DE000
|
stack
|
page read and write
|
||
|
4C9E000
|
stack
|
page read and write
|
||
|
53C0000
|
direct allocation
|
page execute and read and write
|
||
|
D3C000
|
unkown
|
page execute and read and write
|
||
|
15C3000
|
heap
|
page read and write
|
||
|
15DC000
|
heap
|
page read and write
|
||
|
5274000
|
direct allocation
|
page read and write
|
||
|
3B1E000
|
stack
|
page read and write
|
||
|
53E0000
|
direct allocation
|
page execute and read and write
|
||
|
527C000
|
stack
|
page read and write
|
||
|
A87000
|
unkown
|
page write copy
|
||
|
15E2000
|
heap
|
page read and write
|
||
|
53F0000
|
direct allocation
|
page execute and read and write
|
||
|
F8B000
|
stack
|
page read and write
|
||
|
44DF000
|
stack
|
page read and write
|
||
|
1547000
|
heap
|
page read and write
|
||
|
1460000
|
heap
|
page read and write
|
||
|
1544000
|
heap
|
page read and write
|
||
|
39DE000
|
stack
|
page read and write
|
||
|
5B90000
|
heap
|
page read and write
|
||
|
EE2000
|
unkown
|
page execute and write copy
|
||
|
361E000
|
stack
|
page read and write
|
||
|
14F0000
|
direct allocation
|
page read and write
|
||
|
15DA000
|
heap
|
page read and write
|
||
|
5230000
|
direct allocation
|
page read and write
|
||
|
30DF000
|
stack
|
page read and write
|
||
|
A75000
|
unkown
|
page execute and read and write
|
||
|
C1A000
|
unkown
|
page execute and read and write
|
||
|
4B5E000
|
stack
|
page read and write
|
||
|
58A0000
|
remote allocation
|
page read and write
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
5CDF000
|
stack
|
page read and write
|
||
|
14AD000
|
heap
|
page read and write
|
There are 168 hidden memdumps, click here to show them.