Processes

| Path | Cmdline | Malicious |
|---|---|---|
| C:\Users\user\Desktop\MT Eagle Asia 11.exe | "C:\Users\user\Desktop\MT Eagle Asia 11.exe" | |
| C:\Users\user\Desktop\MT Eagle Asia 11.exe | "C:\Users\user\Desktop\MT Eagle Asia 11.exe" | |
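URLs

| Name | IP | Malicious |
|---|---|---|
| https://reallyfreegeoip.org | unknown | |
| http://checkip.dyndns.org | unknown | |
| http://checkip.dyndns.org/ | 193.122.130.0 | |
| https://reallyfreegeoip.org/xml/8.46.123.189 | 104.21.67.152 | |
| http://checkip.dyndns.com | unknown | |
| http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name | unknown | |
| http://checkip.dyndns.org/q | unknown | |
| https://reallyfreegeoip.org/xml/8.46.123.189$ | unknown | |
| http://reallyfreegeoip.org | unknown | |
| https://reallyfreegeoip.org/xml/ | unknown | |

Note: checkip.dyndns.org / checkip.dyndns.com and reallyfreegeoip.org are public external-IP and geolocation lookup services that benign software also uses, so on their own these entries are weak indicators; they are most useful when correlated with the originating process. The address in the /xml/ path is presumably the analysis machine's own external IP as passed to the lookup, not attacker infrastructure. The schemas.xmlsoap.org entry is a standard identity-claims namespace URI that commonly appears as a constant string in .NET binaries; no IP was resolved for it in this report.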
Domains

| Name | IP | Malicious |
|---|---|---|
| reallyfreegeoip.org | 104.21.67.152 | |
| checkip.dyndns.com | 193.122.130.0 | |
| checkip.dyndns.org | unknown | |
IPs

| IP | Domain | Country | Malicious |
|---|---|---|---|
| 104.21.67.152 | reallyfreegeoip.org | United States | |
| 193.122.130.0 | checkip.dyndns.com | United States | |
Registry

| Path | Value | Malicious |
|---|---|---|
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing | EnableConsoleTracing | |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MT Eagle Asia 11_RASAPI32 | EnableFileTracing | |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MT Eagle Asia 11_RASAPI32 | EnableAutoFileTracing | |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MT Eagle Asia 11_RASAPI32 | EnableConsoleTracing | |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MT Eagle Asia 11_RASAPI32 | FileTracingMask | |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MT Eagle Asia 11_RASAPI32 | ConsoleTracingMask | |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MT Eagle Asia 11_RASAPI32 | MaxFileSize | |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MT Eagle Asia 11_RASAPI32 | FileDirectory | |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MT Eagle Asia 11_RASMANCS | EnableFileTracing | |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MT Eagle Asia 11_RASMANCS | EnableAutoFileTracing | |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MT Eagle Asia 11_RASMANCS | EnableConsoleTracing | |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MT Eagle Asia 11_RASMANCS | FileTracingMask | |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MT Eagle Asia 11_RASMANCS | ConsoleTracingMask | |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MT Eagle Asia 11_RASMANCS | MaxFileSize | |
| HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\MT Eagle Asia 11_RASMANCS | FileDirectory | |

Note: the `Tracing\<image name>_RASAPI32` and `_RASMANCS` values are typically created by Windows itself when a process first uses the system networking stack, so they usually show only that the executable made network calls. They are a low-fidelity indicator and are also produced by benign programs.
5 further registry entries are hidden in the original report view and are not listed here.
Memdumps
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
---|---|---|---|---|
402000
|
remote allocation
|
page execute and read and write
|
||
2DAB000
|
trusted library allocation
|
page read and write
|
||
3B29000
|
trusted library allocation
|
page read and write
|
||
2C01000
|
trusted library allocation
|
page read and write
|
||
D90000
|
trusted library allocation
|
page read and write
|
||
107E000
|
stack
|
page read and write
|
||
2DA6000
|
trusted library allocation
|
page read and write
|
||
52D0000
|
heap
|
page read and write
|
||
D70000
|
trusted library allocation
|
page read and write
|
||
5160000
|
heap
|
page execute and read and write
|
||
D9A000
|
trusted library allocation
|
page execute and read and write
|
||
2D40000
|
trusted library allocation
|
page read and write
|
||
2E76000
|
trusted library allocation
|
page read and write
|
||
400000
|
remote allocation
|
page execute and read and write
|
||
E53000
|
heap
|
page read and write
|
||
12A6000
|
trusted library allocation
|
page read and write
|
||
2CB2000
|
trusted library allocation
|
page read and write
|
||
4F60000
|
trusted library allocation
|
page read and write
|
||
6930000
|
trusted library allocation
|
page execute and read and write
|
||
682E000
|
stack
|
page read and write
|
||
1090000
|
trusted library allocation
|
page read and write
|
||
52C3000
|
heap
|
page read and write
|
||
12A1000
|
trusted library allocation
|
page read and write
|
||
3C89000
|
trusted library allocation
|
page read and write
|
||
2E2A000
|
trusted library allocation
|
page read and write
|
||
7612000
|
trusted library allocation
|
page read and write
|
||
50A0000
|
trusted library allocation
|
page execute and read and write
|
||
2E70000
|
trusted library allocation
|
page read and write
|
||
3C01000
|
trusted library allocation
|
page read and write
|
||
62AE000
|
stack
|
page read and write
|
||
4FF0000
|
heap
|
page execute and read and write
|
||
ED0000
|
heap
|
page read and write
|
||
106A000
|
trusted library allocation
|
page execute and read and write
|
||
53E0000
|
trusted library section
|
page read and write
|
||
2EB3000
|
trusted library allocation
|
page read and write
|
||
3C97000
|
trusted library allocation
|
page read and write
|
||
8E60000
|
trusted library allocation
|
page read and write
|
||
1280000
|
trusted library allocation
|
page read and write
|
||
4FE0000
|
trusted library allocation
|
page read and write
|
||
CD0000
|
heap
|
page read and write
|
||
12AD000
|
trusted library allocation
|
page read and write
|
||
5493000
|
heap
|
page read and write
|
||
652F000
|
stack
|
page read and write
|
||
10DE000
|
stack
|
page read and write
|
||
2D50000
|
trusted library allocation
|
page read and write
|
||
D96000
|
trusted library allocation
|
page execute and read and write
|
||
1210000
|
heap
|
page read and write
|
||
DB8000
|
heap
|
page read and write
|
||
1140000
|
trusted library allocation
|
page read and write
|
||
4FD0000
|
heap
|
page read and write
|
||
2E78000
|
trusted library allocation
|
page read and write
|
||
55B0000
|
trusted library section
|
page readonly
|
||
2E25000
|
trusted library allocation
|
page read and write
|
||
2E82000
|
trusted library allocation
|
page read and write
|
||
4D9E000
|
stack
|
page read and write
|
||
6870000
|
trusted library allocation
|
page read and write
|
||
1072000
|
trusted library allocation
|
page read and write
|
||
6F1E000
|
heap
|
page read and write
|
||
E9E000
|
heap
|
page read and write
|
||
5D85000
|
heap
|
page read and write
|
||
5D6E000
|
stack
|
page read and write
|
||
4FEE000
|
trusted library allocation
|
page read and write
|
||
6830000
|
trusted library allocation
|
page execute and read and write
|
||
2ABE000
|
stack
|
page read and write
|
||
2AC0000
|
trusted library allocation
|
page read and write
|
||
2D48000
|
trusted library allocation
|
page read and write
|
||
D74000
|
trusted library allocation
|
page read and write
|
||
10F0000
|
heap
|
page read and write
|
||
1077000
|
trusted library allocation
|
page execute and read and write
|
||
E1A000
|
heap
|
page read and write
|
||
2CA1000
|
trusted library allocation
|
page read and write
|
||
2D8A000
|
trusted library allocation
|
page read and write
|
||
2D04000
|
trusted library allocation
|
page read and write
|
||
56B0000
|
trusted library allocation
|
page execute and read and write
|
||
587B000
|
trusted library allocation
|
page read and write
|
||
1178000
|
trusted library allocation
|
page read and write
|
||
6860000
|
trusted library allocation
|
page execute and read and write
|
||
E10000
|
heap
|
page read and write
|
||
6C2000
|
unknown
|
page readonly
|
||
DA2000
|
trusted library allocation
|
page read and write
|
||
63E5000
|
heap
|
page read and write
|
||
672E000
|
stack
|
page read and write
|
||
DF0000
|
trusted library allocation
|
page read and write
|
||
9D0000
|
heap
|
page read and write
|
||
E9F000
|
heap
|
page read and write
|
||
2AE1000
|
trusted library allocation
|
page read and write
|
||
6F10000
|
heap
|
page read and write
|
||
2D61000
|
trusted library allocation
|
page read and write
|
||
1144000
|
trusted library allocation
|
page read and write
|
||
129A000
|
trusted library allocation
|
page read and write
|
||
50EA000
|
trusted library allocation
|
page read and write
|
||
5187000
|
trusted library allocation
|
page read and write
|
||
113E000
|
stack
|
page read and write
|
||
4F90000
|
trusted library allocation
|
page read and write
|
||
5455000
|
heap
|
page read and write
|
||
3C95000
|
trusted library allocation
|
page read and write
|
||
2E7C000
|
trusted library allocation
|
page read and write
|
||
1170000
|
heap
|
page read and write
|
||
2B00000
|
trusted library allocation
|
page read and write
|
||
D60000
|
trusted library allocation
|
page read and write
|
||
666F000
|
stack
|
page read and write
|
||
1160000
|
trusted library allocation
|
page read and write
|
||
5DAA000
|
heap
|
page read and write
|
||
111E000
|
stack
|
page read and write
|
||
2CEE000
|
trusted library allocation
|
page read and write
|
||
5860000
|
trusted library allocation
|
page read and write
|
||
5DA0000
|
heap
|
page read and write
|
||
C60000
|
heap
|
page read and write
|
||
51A0000
|
heap
|
page read and write
|
||
2E3A000
|
trusted library allocation
|
page read and write
|
||
2CD9000
|
trusted library allocation
|
page read and write
|
||
6C0000
|
unknown
|
page readonly
|
||
2B0F000
|
trusted library allocation
|
page read and write
|
||
E1E000
|
heap
|
page read and write
|
||
D7D000
|
trusted library allocation
|
page execute and read and write
|
||
66EE000
|
stack
|
page read and write
|
||
5850000
|
trusted library allocation
|
page execute and read and write
|
||
2E4C000
|
trusted library allocation
|
page read and write
|
||
50F0000
|
trusted library allocation
|
page read and write
|
||
919000
|
stack
|
page read and write
|
||
3C29000
|
trusted library allocation
|
page read and write
|
||
2E48000
|
trusted library allocation
|
page read and write
|
||
1150000
|
trusted library allocation
|
page read and write
|
||
DB0000
|
heap
|
page read and write
|
||
9F0000
|
heap
|
page read and write
|
||
6880000
|
trusted library allocation
|
page read and write
|
||
2B21000
|
trusted library allocation
|
page read and write
|
||
D80000
|
trusted library allocation
|
page read and write
|
||
50D0000
|
trusted library allocation
|
page read and write
|
||
127F000
|
stack
|
page read and write
|
||
9CE000
|
stack
|
page read and write
|
||
2B80000
|
trusted library allocation
|
page read and write
|
||
2D00000
|
trusted library allocation
|
page read and write
|
||
A38000
|
stack
|
page read and write
|
||
DAB000
|
trusted library allocation
|
page execute and read and write
|
||
E03000
|
trusted library allocation
|
page execute and read and write
|
||
5870000
|
trusted library allocation
|
page read and write
|
||
4FE2000
|
trusted library allocation
|
page read and write
|
||
E71000
|
heap
|
page read and write
|
||
E44000
|
heap
|
page read and write
|
||
5D80000
|
heap
|
page read and write
|
||
5540000
|
trusted library allocation
|
page read and write
|
||
2AE6000
|
trusted library allocation
|
page read and write
|
||
52B0000
|
trusted library allocation
|
page read and write
|
||
63B0000
|
heap
|
page read and write
|
||
DA7000
|
trusted library allocation
|
page execute and read and write
|
||
1070000
|
trusted library allocation
|
page read and write
|
||
12C0000
|
heap
|
page read and write
|
||
1050000
|
trusted library allocation
|
page read and write
|
||
2D6F000
|
trusted library allocation
|
page read and write
|
||
D92000
|
trusted library allocation
|
page read and write
|
||
1060000
|
trusted library allocation
|
page read and write
|
||
128B000
|
trusted library allocation
|
page read and write
|
||
6840000
|
trusted library allocation
|
page read and write
|
||
B37000
|
stack
|
page read and write
|
||
55C0000
|
heap
|
page read and write
|
||
DE7000
|
heap
|
page read and write
|
||
2ACB000
|
trusted library allocation
|
page read and write
|
||
684A000
|
trusted library allocation
|
page read and write
|
||
1160000
|
heap
|
page execute and read and write
|
||
586E000
|
trusted library allocation
|
page read and write
|
||
5DC5000
|
heap
|
page read and write
|
||
4F65000
|
trusted library allocation
|
page read and write
|
||
5670000
|
heap
|
page read and write
|
||
2CBE000
|
trusted library allocation
|
page read and write
|
||
2CF8000
|
trusted library allocation
|
page read and write
|
||
10DE000
|
stack
|
page read and write
|
||
5100000
|
heap
|
page read and write
|
||
50E0000
|
heap
|
page read and write
|
||
1120000
|
trusted library allocation
|
page execute and read and write
|
||
1140000
|
trusted library allocation
|
page read and write
|
||
6E50000
|
heap
|
page read and write
|
||
6410000
|
heap
|
page read and write
|
||
12B2000
|
trusted library allocation
|
page read and write
|
||
2BF0000
|
heap
|
page execute and read and write
|
||
5181000
|
trusted library allocation
|
page read and write
|
||
63E3000
|
heap
|
page read and write
|
||
2E43000
|
trusted library allocation
|
page read and write
|
||
DCE000
|
heap
|
page read and write
|
||
E50000
|
heap
|
page read and write
|
||
2D3C000
|
trusted library allocation
|
page read and write
|
||
55AB000
|
stack
|
page read and write
|
||
E37000
|
heap
|
page read and write
|
||
4C1E000
|
stack
|
page read and write
|
||
1217000
|
heap
|
page read and write
|
||
2CFC000
|
trusted library allocation
|
page read and write
|
||
D8D000
|
trusted library allocation
|
page execute and read and write
|
||
2D44000
|
trusted library allocation
|
page read and write
|
||
3B21000
|
trusted library allocation
|
page read and write
|
||
56A0000
|
trusted library allocation
|
page read and write
|
||
D73000
|
trusted library allocation
|
page execute and read and write
|
||
2AED000
|
trusted library allocation
|
page read and write
|
||
2D54000
|
trusted library allocation
|
page read and write
|
||
68E0000
|
trusted library allocation
|
page read and write
|
||
128E000
|
trusted library allocation
|
page read and write
|
||
684F000
|
trusted library allocation
|
page read and write
|
||
CF7000
|
stack
|
page read and write
|
||
2D4C000
|
trusted library allocation
|
page read and write
|
||
50EC000
|
trusted library allocation
|
page read and write
|
||
5876000
|
trusted library allocation
|
page read and write
|
||
D3E000
|
stack
|
page read and write
|
||
1130000
|
trusted library allocation
|
page read and write
|
||
2B10000
|
heap
|
page read and write
|
||
5430000
|
heap
|
page read and write
|
||
2ADE000
|
trusted library allocation
|
page read and write
|
||
129E000
|
trusted library allocation
|
page read and write
|
||
6910000
|
heap
|
page read and write
|
||
1090000
|
trusted library allocation
|
page read and write
|
||
3C64000
|
trusted library allocation
|
page read and write
|
||
E00000
|
trusted library allocation
|
page read and write
|
||
2CC1000
|
trusted library allocation
|
page read and write
|
||
B80000
|
heap
|
page read and write
|
||
2BED000
|
stack
|
page read and write
|
||
5D90000
|
heap
|
page read and write
|
||
4F70000
|
trusted library allocation
|
page read and write
|
||
4FEC000
|
trusted library allocation
|
page read and write
|
||
5465000
|
heap
|
page read and write
|
||
2E30000
|
trusted library allocation
|
page read and write
|
||
E0D000
|
trusted library allocation
|
page execute and read and write
|
||
1066000
|
trusted library allocation
|
page execute and read and write
|
||
DDA000
|
heap
|
page read and write
|
||
5103000
|
heap
|
page read and write
|
||
52DE000
|
stack
|
page read and write
|
||
105D000
|
trusted library allocation
|
page execute and read and write
|
||
E93000
|
heap
|
page read and write
|
||
6843000
|
trusted library allocation
|
page read and write
|
||
5190000
|
trusted library section
|
page read and write
|
||
5530000
|
trusted library allocation
|
page execute and read and write
|
||
2B6E000
|
stack
|
page read and write
|
||
53DE000
|
stack
|
page read and write
|
||
DA5000
|
trusted library allocation
|
page execute and read and write
|
||
1150000
|
heap
|
page read and write
|
||
10E0000
|
trusted library allocation
|
page execute and read and write
|
||
2CA9000
|
trusted library allocation
|
page read and write
|
||
50E7000
|
trusted library allocation
|
page read and write
|
||
1286000
|
trusted library allocation
|
page read and write
|
||
63AE000
|
stack
|
page read and write
|
||
656E000
|
stack
|
page read and write
|
||
66AE000
|
stack
|
page read and write
|
||
64ED000
|
stack
|
page read and write
|
||
2CF0000
|
trusted library allocation
|
page read and write
|
||
5878000
|
trusted library allocation
|
page read and write
|
||
8DE0000
|
trusted library allocation
|
page read and write
|
||
3C7F000
|
trusted library allocation
|
page read and write
|
||
4FEA000
|
trusted library allocation
|
page read and write
|
||
560E000
|
stack
|
page read and write
|
||
E04000
|
trusted library allocation
|
page read and write
|
||
6850000
|
trusted library allocation
|
page execute and read and write
|
||
50E0000
|
trusted library allocation
|
page read and write
|
||
107B000
|
trusted library allocation
|
page execute and read and write
|
||
980000
|
heap
|
page read and write
|
||
5550000
|
trusted library allocation
|
page read and write
|
||
52C0000
|
heap
|
page read and write
|
243 further memory-dump regions are hidden in the original report view and are not listed here.