Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\h2TTyq9R7h.exe
|
"C:\Users\user\Desktop\h2TTyq9R7h.exe"
|
 |
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
213.21.220.222:8080
|
|
||
|
http://tempuri.org/Contract/MSValue1LReqHa
|
unknown
|
||
|
https://api.ip.sb/ip
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/rm/SequenceAcknowledgement
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous
|
unknown
|
||
|
http://tempuri.org/Contract/MSValue2LReqdj
|
unknown
|
||
|
http://ocsp.thawte.com0
|
unknown
|
||
|
http://tempuri.org/Contract/MSValue1LReqx
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/envelope/
|
unknown
|
||
|
http://tempuri.org/Contract/MSValue1LReq
|
unknown
|
||
|
http://tempuri.org/Contract/MSValue2Response
|
unknown
|
||
|
http://tempuri.org/
|
unknown
|
||
|
http://tempuri.org/Contract/MSValue3Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/rm/AckRequested
|
unknown
|
||
|
http://tempuri.org/Contract/MSValue3LReqF
|
unknown
|
||
|
http://tempuri.org/Contract/MSValue2LReq
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/rm/CreateSequenceResponse
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/08/addressing
|
unknown
|
||
|
http://crl.thawte.com/ThawteTimestampingCA.crl0
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/08/addressing/fault
|
unknown
|
||
|
http://tempuri.org/Contract/MSValue2LReq(
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/rm/TerminateSequence
|
unknown
|
||
|
http://tempuri.org/Contract/MSValue3LReq
|
unknown
|
||
|
http://tempuri.org/Contract/
|
unknown
|
||
|
http://tempuri.org/Contract/MSValue1Response
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/rm
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/rm/LastMessage
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/rm/CreateSequence
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/actor/next
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/dns
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/right/possessproperty
|
unknown
|
There are 21 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
213.21.220.222
|
unknown
|
Latvia
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
6C2B000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
8B1000
|
unkown
|
page read and write
|
|
|
|
6D0E000
|
trusted library allocation
|
page read and write
|
||
|
3CE000
|
stack
|
page read and write
|
||
|
8DBE000
|
stack
|
page read and write
|
||
|
5001000
|
heap
|
page read and write
|
||
|
70E000
|
unkown
|
page execute read
|
||
|
B8B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
30C000
|
stack
|
page read and write
|
||
|
8AC000
|
unkown
|
page read and write
|
||
|
4D80000
|
trusted library allocation
|
page read and write
|
||
|
B980000
|
trusted library allocation
|
page read and write
|
||
|
9160000
|
heap
|
page execute and read and write
|
||
|
B826000
|
trusted library allocation
|
page read and write
|
||
|
91CB000
|
trusted library allocation
|
page read and write
|
||
|
91E3000
|
heap
|
page read and write
|
||
|
4FF6000
|
heap
|
page read and write
|
||
|
B88D000
|
trusted library allocation
|
page read and write
|
||
|
4DA3000
|
trusted library allocation
|
page read and write
|
||
|
BB4E000
|
stack
|
page read and write
|
||
|
C5F000
|
stack
|
page read and write
|
||
|
8A5000
|
unkown
|
page write copy
|
||
|
9232000
|
heap
|
page read and write
|
||
|
4F10000
|
trusted library allocation
|
page read and write
|
||
|
340000
|
heap
|
page read and write
|
||
|
69C0000
|
heap
|
page execute and read and write
|
||
|
4EA5000
|
trusted library allocation
|
page execute and read and write
|
||
|
C3CE000
|
stack
|
page read and write
|
||
|
9126000
|
trusted library allocation
|
page read and write
|
||
|
4DB2000
|
trusted library allocation
|
page read and write
|
||
|
910B000
|
trusted library allocation
|
page read and write
|
||
|
B970000
|
trusted library allocation
|
page execute and read and write
|
||
|
9100000
|
trusted library allocation
|
page read and write
|
||
|
4F4A000
|
heap
|
page read and write
|
||
|
91F0000
|
heap
|
page read and write
|
||
|
8B1000
|
unkown
|
page write copy
|
||
|
912D000
|
trusted library allocation
|
page read and write
|
||
|
9150000
|
trusted library allocation
|
page read and write
|
||
|
B9D0000
|
trusted library allocation
|
page read and write
|
||
|
91A000
|
unkown
|
page readonly
|
||
|
263D000
|
stack
|
page read and write
|
||
|
911E000
|
trusted library allocation
|
page read and write
|
||
|
5350000
|
trusted library allocation
|
page read and write
|
||
|
BB8E000
|
stack
|
page read and write
|
||
|
5340000
|
trusted library allocation
|
page read and write
|
||
|
7D3000
|
unkown
|
page execute read
|
||
|
500C000
|
heap
|
page read and write
|
||
|
B871000
|
trusted library allocation
|
page read and write
|
||
|
4EA7000
|
trusted library allocation
|
page execute and read and write
|
||
|
B810000
|
trusted library allocation
|
page read and write
|
||
|
B860000
|
trusted library allocation
|
page read and write
|
||
|
910E000
|
trusted library allocation
|
page read and write
|
||
|
B841000
|
trusted library allocation
|
page read and write
|
||
|
4FC2000
|
heap
|
page read and write
|
||
|
B8A1000
|
trusted library allocation
|
page read and write
|
||
|
4D90000
|
trusted library allocation
|
page read and write
|
||
|
4EF0000
|
trusted library allocation
|
page read and write
|
||
|
91E0000
|
heap
|
page read and write
|
||
|
729000
|
unkown
|
page execute read
|
||
|
515E000
|
stack
|
page read and write
|
||
|
B990000
|
trusted library allocation
|
page read and write
|
||
|
91B0000
|
trusted library allocation
|
page read and write
|
||
|
91C0000
|
trusted library allocation
|
page read and write
|
||
|
91B2000
|
trusted library allocation
|
page read and write
|
||
|
C2CE000
|
stack
|
page read and write
|
||
|
49E0000
|
heap
|
page read and write
|
||
|
4D94000
|
trusted library allocation
|
page read and write
|
||
|
4ED0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5348000
|
trusted library allocation
|
page read and write
|
||
|
4EA2000
|
trusted library allocation
|
page read and write
|
||
|
B81B000
|
trusted library allocation
|
page read and write
|
||
|
4D9D000
|
trusted library allocation
|
page execute and read and write
|
||
|
6FC000
|
stack
|
page read and write
|
||
|
4DC0000
|
heap
|
page read and write
|
||
|
9104000
|
trusted library allocation
|
page read and write
|
||
|
91A000
|
unkown
|
page readonly
|
||
|
729000
|
unkown
|
page execute read
|
||
|
6D3F000
|
trusted library allocation
|
page read and write
|
||
|
91C5000
|
trusted library allocation
|
page read and write
|
||
|
6B1E000
|
stack
|
page read and write
|
||
|
B920000
|
trusted library allocation
|
page read and write
|
||
|
6DA2000
|
trusted library allocation
|
page read and write
|
||
|
700000
|
unkown
|
page readonly
|
||
|
8AA000
|
unkown
|
page write copy
|
||
|
69E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
69D0000
|
trusted library allocation
|
page read and write
|
||
|
380000
|
heap
|
page read and write
|
||
|
4FDA000
|
heap
|
page read and write
|
||
|
5360000
|
heap
|
page read and write
|
||
|
4F20000
|
heap
|
page read and write
|
||
|
BBCE000
|
stack
|
page read and write
|
||
|
2660000
|
heap
|
page read and write
|
||
|
5007000
|
heap
|
page read and write
|
||
|
4EAB000
|
trusted library allocation
|
page execute and read and write
|
||
|
B9C0000
|
trusted library allocation
|
page read and write
|
||
|
7C21000
|
trusted library allocation
|
page read and write
|
||
|
FF0B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
B910000
|
trusted library allocation
|
page execute and read and write
|
||
|
990000
|
heap
|
page read and write
|
||
|
4FD0000
|
heap
|
page read and write
|
||
|
96E000
|
stack
|
page read and write
|
||
|
B880000
|
trusted library allocation
|
page read and write
|
||
|
4FCC000
|
heap
|
page read and write
|
||
|
9106000
|
trusted library allocation
|
page read and write
|
||
|
4EF2000
|
trusted library allocation
|
page read and write
|
||
|
4EE0000
|
heap
|
page execute and read and write
|
||
|
5355000
|
trusted library allocation
|
page read and write
|
||
|
4DC5000
|
heap
|
page read and write
|
||
|
B9A0000
|
trusted library allocation
|
page read and write
|
||
|
6A00000
|
trusted library allocation
|
page read and write
|
||
|
49D0000
|
heap
|
page readonly
|
||
|
91D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4D93000
|
trusted library allocation
|
page execute and read and write
|
||
|
89A000
|
unkown
|
page readonly
|
||
|
6C21000
|
trusted library allocation
|
page read and write
|
||
|
B832000
|
trusted library allocation
|
page read and write
|
||
|
B9B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6A10000
|
heap
|
page read and write
|
||
|
70E000
|
unkown
|
page execute read
|
||
|
999000
|
heap
|
page read and write
|
||
|
8C28000
|
trusted library allocation
|
page read and write
|
||
|
B850000
|
trusted library allocation
|
page read and write
|
||
|
701000
|
unkown
|
page execute read
|
||
|
99E000
|
heap
|
page read and write
|
||
|
4DB0000
|
trusted library allocation
|
page read and write
|
||
|
701000
|
unkown
|
page execute read
|
||
|
69BE000
|
stack
|
page read and write
|
||
|
8425000
|
trusted library allocation
|
page read and write
|
||
|
6CD1000
|
trusted library allocation
|
page read and write
|
||
|
4CF7000
|
stack
|
page read and write
|
||
|
4FCE000
|
heap
|
page read and write
|
||
|
91A0000
|
heap
|
page read and write
|
||
|
4DAD000
|
trusted library allocation
|
page execute and read and write
|
||
|
49C0000
|
heap
|
page read and write
|
||
|
9121000
|
trusted library allocation
|
page read and write
|
||
|
534C000
|
trusted library allocation
|
page read and write
|
||
|
8A9000
|
unkown
|
page read and write
|
||
|
8A6000
|
unkown
|
page read and write
|
||
|
B900000
|
trusted library allocation
|
page read and write
|
||
|
89A000
|
unkown
|
page readonly
|
||
|
4EC0000
|
trusted library allocation
|
page read and write
|
||
|
8A7000
|
unkown
|
page write copy
|
||
|
C4CE000
|
stack
|
page read and write
|
||
|
B83E000
|
trusted library allocation
|
page read and write
|
||
|
7DA000
|
unkown
|
page readonly
|
||
|
4D50000
|
heap
|
page read and write
|
||
|
253B000
|
stack
|
page read and write
|
||
|
8AF000
|
unkown
|
page readonly
|
||
|
9112000
|
trusted library allocation
|
page read and write
|
||
|
4F00000
|
trusted library allocation
|
page read and write
|
||
|
4959000
|
stack
|
page read and write
|
||
|
B890000
|
heap
|
page read and write
|
||
|
7DA000
|
unkown
|
page readonly
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
B887000
|
trusted library allocation
|
page read and write
|
||
|
911A000
|
trusted library allocation
|
page read and write
|
||
|
7D3000
|
unkown
|
page execute read
|
||
|
5160000
|
heap
|
page read and write
|
||
|
4EA0000
|
trusted library allocation
|
page read and write
|
||
|
91C8000
|
trusted library allocation
|
page read and write
|
||
|
24FF000
|
stack
|
page read and write
|
||
|
370000
|
heap
|
page read and write
|
||
|
6D70000
|
trusted library allocation
|
page read and write
|
||
|
4DBA000
|
trusted library allocation
|
page execute and read and write
|
||
|
B84A000
|
trusted library allocation
|
page read and write
|
||
|
B8C0000
|
trusted library allocation
|
page read and write
|
||
|
B8F0000
|
trusted library allocation
|
page read and write
|
||
|
B821000
|
trusted library allocation
|
page read and write
|
||
|
8AF000
|
unkown
|
page readonly
|
||
|
4F56000
|
heap
|
page read and write
|
||
|
700000
|
unkown
|
page readonly
|
||
|
4DB6000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F28000
|
heap
|
page read and write
|
||
|
8A5000
|
unkown
|
page write copy
|
There are 165 hidden memdumps, click here to show them.