Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
dmwSettings.ex#.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\Desktop\error.log
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\dmwSettings.ex#.exe
|
"C:\Users\user\Desktop\dmwSettings.ex#.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://pki-crl.symauth.com/ca_7a5c3a0c73117406add19312bc1bc23f/LatestCRL.crl07
|
unknown
|
||
|
http://cv.iptc.org/newscodes/digitalsourcetype/compositeWithTrainedAlgorithmicMedia
|
unknown
|
||
|
http://www.indyproject.org/
|
unknown
|
||
|
http://pki-ocsp.symauth.com0
|
unknown
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3F0000
|
unkown
|
page read and write
|
||
|
3280000
|
direct allocation
|
page read and write
|
||
|
32E0000
|
direct allocation
|
page execute and read and write
|
||
|
4FB1000
|
direct allocation
|
page read and write
|
||
|
1785000
|
unkown
|
page execute and read and write
|
||
|
2D00000
|
direct allocation
|
page read and write
|
||
|
3293000
|
direct allocation
|
page read and write
|
||
|
5058000
|
direct allocation
|
page read and write
|
||
|
2D00000
|
direct allocation
|
page read and write
|
||
|
1B4D000
|
unkown
|
page execute and read and write
|
||
|
4FB8000
|
direct allocation
|
page read and write
|
||
|
1B97000
|
unkown
|
page execute and read and write
|
||
|
1D62000
|
unkown
|
page execute and read and write
|
||
|
5002000
|
direct allocation
|
page read and write
|
||
|
4FFB000
|
direct allocation
|
page read and write
|
||
|
2D00000
|
direct allocation
|
page read and write
|
||
|
4D0000
|
unkown
|
page readonly
|
||
|
4E6000
|
unkown
|
page readonly
|
||
|
15F3000
|
unkown
|
page execute and read and write
|
||
|
4FF0000
|
direct allocation
|
page read and write
|
||
|
1D5E000
|
unkown
|
page execute and read and write
|
||
|
544C000
|
stack
|
page read and write
|
||
|
1783000
|
unkown
|
page execute and read and write
|
||
|
19C1000
|
unkown
|
page execute and read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
19C7000
|
unkown
|
page execute and read and write
|
||
|
178B000
|
unkown
|
page execute and read and write
|
||
|
4FAC000
|
direct allocation
|
page read and write
|
||
|
1979000
|
unkown
|
page execute and read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
136D000
|
unkown
|
page readonly
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
136B000
|
unkown
|
page read and write
|
||
|
1771000
|
unkown
|
page execute and read and write
|
||
|
4FC0000
|
direct allocation
|
page read and write
|
||
|
428000
|
unkown
|
page readonly
|
||
|
1B9F000
|
unkown
|
page execute and read and write
|
||
|
4C5000
|
unkown
|
page readonly
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
4FA1000
|
direct allocation
|
page read and write
|
||
|
2057000
|
unkown
|
page execute read
|
||
|
2D00000
|
direct allocation
|
page read and write
|
||
|
32D0000
|
heap
|
page read and write
|
||
|
1D64000
|
unkown
|
page execute and read and write
|
||
|
1B62000
|
unkown
|
page execute and read and write
|
||
|
A1000
|
unkown
|
page execute read
|
||
|
5009000
|
direct allocation
|
page read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
15E3000
|
unkown
|
page execute and read and write
|
||
|
4F35000
|
direct allocation
|
page read and write
|
||
|
5150000
|
heap
|
page read and write
|
||
|
178D000
|
unkown
|
page execute and read and write
|
||
|
2D00000
|
direct allocation
|
page read and write
|
||
|
2907000
|
stack
|
page read and write
|
||
|
5005000
|
direct allocation
|
page read and write
|
||
|
50E2000
|
direct allocation
|
page read and write
|
||
|
4FA2000
|
direct allocation
|
page read and write
|
||
|
4E2000
|
unkown
|
page readonly
|
||
|
4AE1000
|
heap
|
page read and write
|
||
|
540F000
|
stack
|
page read and write
|
||
|
19E1000
|
unkown
|
page execute and read and write
|
||
|
13F6000
|
unkown
|
page execute and read and write
|
||
|
2D00000
|
direct allocation
|
page read and write
|
||
|
19C9000
|
unkown
|
page execute and read and write
|
||
|
19BB000
|
unkown
|
page execute and read and write
|
||
|
4AE1000
|
heap
|
page read and write
|
||
|
4F20000
|
direct allocation
|
page read and write
|
||
|
4AE0000
|
heap
|
page read and write
|
||
|
2D00000
|
direct allocation
|
page read and write
|
||
|
15BB000
|
unkown
|
page execute and read and write
|
||
|
29A0000
|
heap
|
page read and write
|
||
|
136B000
|
unkown
|
page write copy
|
||
|
1B4B000
|
unkown
|
page execute and read and write
|
||
|
4F20000
|
direct allocation
|
page read and write
|
||
|
426000
|
unkown
|
page readonly
|
||
|
15F1000
|
unkown
|
page execute and read and write
|
||
|
2D00000
|
direct allocation
|
page read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
1D58000
|
unkown
|
page execute and read and write
|
||
|
4AE1000
|
heap
|
page read and write
|
||
|
2057000
|
unkown
|
page execute read
|
||
|
4F92000
|
direct allocation
|
page read and write
|
||
|
15D1000
|
unkown
|
page execute and read and write
|
||
|
503C000
|
direct allocation
|
page read and write
|
||
|
15C3000
|
unkown
|
page execute and read and write
|
||
|
3283000
|
heap
|
page read and write
|
||
|
19E3000
|
unkown
|
page execute and read and write
|
||
|
19C3000
|
unkown
|
page execute and read and write
|
||
|
1B8B000
|
unkown
|
page execute and read and write
|
||
|
B6C000
|
unkown
|
page readonly
|
||
|
15BF000
|
unkown
|
page execute and read and write
|
||
|
4F5E000
|
direct allocation
|
page read and write
|
||
|
41F000
|
unkown
|
page write copy
|
||
|
19B9000
|
unkown
|
page execute and read and write
|
||
|
4F9A000
|
direct allocation
|
page read and write
|
||
|
4FE4000
|
direct allocation
|
page read and write
|
||
|
2D00000
|
direct allocation
|
page read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
4F49000
|
direct allocation
|
page read and write
|
||
|
4FC000
|
unkown
|
page readonly
|
||
|
5034000
|
direct allocation
|
page read and write
|
||
|
A1000
|
unkown
|
page execute read
|
||
|
19DD000
|
unkown
|
page execute and read and write
|
||
|
29A5000
|
heap
|
page read and write
|
||
|
418000
|
unkown
|
page read and write
|
||
|
15A5000
|
unkown
|
page execute and read and write
|
||
|
428000
|
unkown
|
page readonly
|
||
|
525000
|
unkown
|
page readonly
|
||
|
2D00000
|
direct allocation
|
page read and write
|
||
|
4AE1000
|
heap
|
page read and write
|
||
|
4F86000
|
direct allocation
|
page read and write
|
||
|
50CB000
|
direct allocation
|
page read and write
|
||
|
15E1000
|
unkown
|
page execute and read and write
|
||
|
4F80000
|
direct allocation
|
page read and write
|
||
|
1DC0000
|
unkown
|
page execute and read and write
|
||
|
470000
|
unkown
|
page readonly
|
||
|
3280000
|
heap
|
page read and write
|
||
|
4F96000
|
direct allocation
|
page read and write
|
||
|
15F5000
|
unkown
|
page execute and read and write
|
||
|
15DF000
|
unkown
|
page execute and read and write
|
||
|
15B3000
|
unkown
|
page execute and read and write
|
||
|
61B000
|
unkown
|
page readonly
|
||
|
4AE1000
|
heap
|
page read and write
|
||
|
3280000
|
direct allocation
|
page read and write
|
||
|
4F50000
|
direct allocation
|
page read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
5EF000
|
unkown
|
page readonly
|
||
|
64F000
|
unkown
|
page readonly
|
||
|
2D00000
|
direct allocation
|
page read and write
|
||
|
52CE000
|
stack
|
page read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
540000
|
unkown
|
page readonly
|
||
|
2CFB000
|
stack
|
page read and write
|
||
|
1BA1000
|
unkown
|
page execute and read and write
|
||
|
470000
|
unkown
|
page readonly
|
||
|
4F57000
|
direct allocation
|
page read and write
|
||
|
15AD000
|
unkown
|
page execute and read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
4AE1000
|
heap
|
page read and write
|
||
|
19B7000
|
unkown
|
page execute and read and write
|
||
|
19D7000
|
unkown
|
page execute and read and write
|
||
|
1B8F000
|
unkown
|
page execute and read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
1D5C000
|
unkown
|
page execute and read and write
|
||
|
4FCE000
|
direct allocation
|
page read and write
|
||
|
1DB9000
|
unkown
|
page execute and read and write
|
||
|
485000
|
unkown
|
page readonly
|
||
|
5043000
|
direct allocation
|
page read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
4F75000
|
direct allocation
|
page read and write
|
||
|
477000
|
unkown
|
page readonly
|
||
|
4F6D000
|
direct allocation
|
page read and write
|
||
|
2D00000
|
direct allocation
|
page read and write
|
||
|
1B91000
|
unkown
|
page execute and read and write
|
||
|
2D00000
|
direct allocation
|
page read and write
|
||
|
4AE1000
|
heap
|
page read and write
|
||
|
1D60000
|
unkown
|
page execute and read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
4FF3000
|
direct allocation
|
page read and write
|
||
|
4AE1000
|
heap
|
page read and write
|
||
|
19D9000
|
unkown
|
page execute and read and write
|
||
|
13F9000
|
unkown
|
page execute and read and write
|
||
|
19C5000
|
unkown
|
page execute and read and write
|
||
|
19BF000
|
unkown
|
page execute and read and write
|
||
|
2D30000
|
heap
|
page read and write
|
||
|
4F3A000
|
direct allocation
|
page read and write
|
||
|
1400000
|
unkown
|
page execute and read and write
|
||
|
5018000
|
direct allocation
|
page read and write
|
||
|
15CB000
|
unkown
|
page execute and read and write
|
||
|
32B0000
|
heap
|
page read and write
|
||
|
5026000
|
direct allocation
|
page read and write
|
||
|
15C9000
|
unkown
|
page execute and read and write
|
||
|
15BD000
|
unkown
|
page execute and read and write
|
||
|
15A7000
|
unkown
|
page execute and read and write
|
||
|
51CC000
|
stack
|
page read and write
|
||
|
2D00000
|
direct allocation
|
page read and write
|
||
|
15D5000
|
unkown
|
page execute and read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
15E5000
|
unkown
|
page execute and read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
4AE1000
|
heap
|
page read and write
|
||
|
2D00000
|
direct allocation
|
page read and write
|
||
|
A0000
|
unkown
|
page readonly
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
1763000
|
unkown
|
page execute and read and write
|
||
|
19D5000
|
unkown
|
page execute and read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
41F000
|
unkown
|
page read and write
|
||
|
4FC7000
|
direct allocation
|
page read and write
|
||
|
15C7000
|
unkown
|
page execute and read and write
|
||
|
501F000
|
direct allocation
|
page read and write
|
||
|
3ED000
|
unkown
|
page execute read
|
||
|
2D00000
|
direct allocation
|
page read and write
|
||
|
4F27000
|
direct allocation
|
page read and write
|
||
|
15B5000
|
unkown
|
page execute and read and write
|
||
|
4F93000
|
direct allocation
|
page read and write
|
||
|
1765000
|
unkown
|
page execute and read and write
|
||
|
13FB000
|
unkown
|
page execute and read and write
|
||
|
64F000
|
unkown
|
page readonly
|
||
|
1B8D000
|
unkown
|
page execute and read and write
|
||
|
1761000
|
unkown
|
page execute and read and write
|
||
|
A0000
|
unkown
|
page readonly
|
||
|
4FDD000
|
direct allocation
|
page read and write
|
||
|
4F2000
|
unkown
|
page readonly
|
||
|
2D38000
|
heap
|
page read and write
|
||
|
1373000
|
unkown
|
page execute and read and write
|
||
|
632000
|
unkown
|
page readonly
|
||
|
403000
|
unkown
|
page read and write
|
||
|
15DD000
|
unkown
|
page execute and read and write
|
||
|
2970000
|
heap
|
page read and write
|
||
|
530C000
|
stack
|
page read and write
|
||
|
504A000
|
direct allocation
|
page read and write
|
||
|
4F42000
|
direct allocation
|
page read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
2980000
|
heap
|
page read and write
|
||
|
2D00000
|
direct allocation
|
page read and write
|
||
|
1977000
|
unkown
|
page execute and read and write
|
||
|
4F7D000
|
direct allocation
|
page read and write
|
||
|
1BA3000
|
unkown
|
page execute and read and write
|
||
|
5051000
|
direct allocation
|
page read and write
|
||
|
41B000
|
unkown
|
page write copy
|
||
|
3336000
|
heap
|
page read and write
|
||
|
2D00000
|
direct allocation
|
page read and write
|
||
|
2D00000
|
direct allocation
|
page read and write
|
||
|
502D000
|
direct allocation
|
page read and write
|
||
|
1767000
|
unkown
|
page execute and read and write
|
||
|
4FEB000
|
direct allocation
|
page read and write
|
||
|
4FD5000
|
direct allocation
|
page read and write
|
||
|
1B4F000
|
unkown
|
page execute and read and write
|
||
|
543D000
|
direct allocation
|
page read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
2FFF000
|
stack
|
page read and write
|
||
|
4AE1000
|
heap
|
page read and write
|
||
|
1975000
|
unkown
|
page execute and read and write
|
||
|
509F000
|
direct allocation
|
page read and write
|
||
|
3330000
|
heap
|
page read and write
|
||
|
29EE000
|
stack
|
page read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
5010000
|
direct allocation
|
page read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
4F76000
|
direct allocation
|
page read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
3280000
|
trusted library allocation
|
page read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
426000
|
unkown
|
page readonly
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
4FD5000
|
direct allocation
|
page read and write
|
||
|
2D00000
|
direct allocation
|
page read and write
|
||
|
4F20000
|
direct allocation
|
page read and write
|
||
|
2D00000
|
direct allocation
|
page read and write
|
||
|
554E000
|
stack
|
page read and write
|
||
|
5180000
|
heap
|
page read and write
|
||
|
4AE1000
|
heap
|
page read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
4AE1000
|
heap
|
page read and write
|
||
|
428000
|
unkown
|
page readonly
|
||
|
2D00000
|
direct allocation
|
page read and write
|
||
|
4AE1000
|
heap
|
page read and write
|
||
|
2D00000
|
direct allocation
|
page read and write
|
||
|
1D21000
|
unkown
|
page execute and read and write
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
A1000
|
unkown
|
page execute read
|
||
|
136A000
|
unkown
|
page readonly
|
||
|
29A4000
|
heap
|
page read and write
|
||
|
555000
|
unkown
|
page readonly
|
||
|
3F0000
|
unkown
|
page write copy
|
||
|
136D000
|
unkown
|
page readonly
|
There are 260 hidden memdumps, click here to show them.