Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| 7uJ95NO82G.exe | PE32 executable (GUI) Intel 80386, for MS Windows | initial sample | |
| C:\Users\user\AppData\Roaming\Windata\svhost.exe | PE32 executable (GUI) Intel 80386, for MS Windows | dropped | |
Processes

| Path | Cmdline | Malicious |
|---|---|---|
| C:\Users\user\Desktop\7uJ95NO82G.exe | "C:\Users\user\Desktop\7uJ95NO82G.exe" | |
URLs

| Name | IP | Malicious |
|---|---|---|
| http://www.autoitscript.com/autoit3/files/beta/autoit/archive/sqlite/SQLite3 | unknown | |
| http://ip-score.com/checkip/z | unknown | |
| http://checkip.amazonaws.com/ | unknown | |
IPs

| IP | Domain | Country | Malicious |
|---|---|---|---|
| 172.232.216.250 | unknown | United States | |
Memdumps

| Base Address | Regiontype | Protect | Malicious |
|---|---|---|---|