Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| Lic.exe | PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | initial sample | |
| C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\Lic.exe.log | CSV text | dropped | |
| C:\Users\user\AppData\Local\Temp\9d157fef-9d80-4c40-8e32-b40db35317cb\AgileDotNetRT64.dll | PE32+ executable (DLL) (GUI) x86-64, for MS Windows | dropped | |

Processes

| Path | Cmdline | Malicious |
|---|---|---|
| C:\Users\user\Desktop\Lic.exe | "C:\Users\user\Desktop\Lic.exe" | |

URLs

| Name | IP | Malicious |
|---|---|---|
| https://#/SCClientPing.php#Invalid | unknown | |

Memdumps

| Base Address | Regiontype | Protect | Malicious |
|---|---|---|---|