Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\IMS64.dll.dll,main
|
 |
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\IMS64.dll.dll",#1
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\IMS64.dll.dll",main
|
|
|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\IMS64.dll.dll"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\IMS64.dll.dll",#1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://javaforyouedu.in/rofl/admin
|
43.206.237.192
|
|
|
|
https://javaforyouedu.in/rofl/admin8x
|
unknown
|
||
|
https://javaforyouedu.in/rofl/admin9
|
unknown
|
||
|
https://javaforyouedu.in/rofl/adminy
|
unknown
|
||
|
https://javaforyouedu.in/
|
unknown
|
||
|
https://javaforyouedu.in/rofl/admin=
|
unknown
|
||
|
https://javaforyouedu.in/rofl/admino
|
unknown
|
||
|
https://javaforyouedu.in/rofl/admin4
|
unknown
|
||
|
https://javaforyouedu.in/rofl/admins
|
unknown
|
||
|
https://javaforyouedu.in/rofl/admin2
|
unknown
|
||
|
https://javaforyouedu.in/wA
|
unknown
|
||
|
https://javaforyouedu.in/rofl/adminM
|
unknown
|
||
|
https://javaforyouedu.in/rofl/adminL
|
unknown
|
||
|
https://javaforyouedu.in/rofl/adminxcn(
|
unknown
|
||
|
https://javaforyouedu.in/rofl/adminA
|
unknown
|
||
|
https://javaforyouedu.in/rofl/admin~
|
unknown
|
||
|
https://javaforyouedu.in/O
|
unknown
|
||
|
https://javaforyouedu.in/rofl/adminD
|
unknown
|
||
|
https://javaforyouedu.in/rofl/adminYcM(
|
unknown
|
||
|
https://javaforyouedu.in/H
|
unknown
|
||
|
https://javaforyouedu.in/rofl/adminN
|
unknown
|
||
|
https://javaforyouedu.in/rofl/admini
|
unknown
|
||
|
https://javaforyouedu.in/rofl/admink
|
unknown
|
||
|
https://javaforyouedu.in/-
|
unknown
|
||
|
https://javaforyouedu.in/rofl/admin#
|
unknown
|
||
|
https://javaforyouedu.in/rofl/adminux
|
unknown
|
There are 16 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
javaforyouedu.in
|
43.206.237.192
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
43.206.237.192
|
javaforyouedu.in
|
Japan
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1FB0D9BC000
|
heap
|
page read and write
|
||
|
1FB0D830000
|
heap
|
page read and write
|
||
|
1CDED21D000
|
heap
|
page read and write
|
||
|
1CDED280000
|
trusted library allocation
|
page read and write
|
||
|
1CDED148000
|
heap
|
page read and write
|
||
|
1CDED18A000
|
heap
|
page read and write
|
||
|
1E8C6C8B000
|
heap
|
page read and write
|
||
|
1CDEEBB0000
|
trusted library allocation
|
page read and write
|
||
|
1FB0DB60000
|
direct allocation
|
page execute read
|
||
|
1FB0D9BF000
|
heap
|
page read and write
|
||
|
1CDED0A0000
|
heap
|
page read and write
|
||
|
1E8C6CD6000
|
heap
|
page read and write
|
||
|
1FB0D9B1000
|
heap
|
page read and write
|
||
|
1FB0D9B6000
|
heap
|
page read and write
|
||
|
58A6FE000
|
stack
|
page read and write
|
||
|
1E8C6C88000
|
heap
|
page read and write
|
||
|
1E8C6CB6000
|
heap
|
page read and write
|
||
|
1E8C6C85000
|
heap
|
page read and write
|
||
|
1E8C6C49000
|
heap
|
page read and write
|
||
|
1CDED1DB000
|
heap
|
page read and write
|
||
|
1E8C6DE0000
|
heap
|
page read and write
|
||
|
7FFE13342000
|
unkown
|
page readonly
|
||
|
1E8C87A0000
|
heap
|
page readonly
|
||
|
1E8C6C88000
|
heap
|
page read and write
|
||
|
1E8C6CD6000
|
heap
|
page read and write
|
||
|
1FB0D9B6000
|
heap
|
page read and write
|
||
|
1CDED229000
|
heap
|
page read and write
|
||
|
1CDED16C000
|
heap
|
page read and write
|
||
|
1CDED240000
|
direct allocation
|
page execute read
|
||
|
C29BEFD000
|
unkown
|
page read and write
|
||
|
1E8C6CB6000
|
heap
|
page read and write
|
||
|
1FB0D930000
|
heap
|
page read and write
|
||
|
1CDED1CE000
|
heap
|
page read and write
|
||
|
1E8C6C8B000
|
heap
|
page read and write
|
||
|
58A27F000
|
unkown
|
page read and write
|
||
|
1CDED22A000
|
heap
|
page read and write
|
||
|
1FB0D991000
|
heap
|
page read and write
|
||
|
1FB0D966000
|
heap
|
page read and write
|
||
|
1FB0D96C000
|
heap
|
page read and write
|
||
|
1E8C6F40000
|
heap
|
page read and write
|
||
|
1FB0D9BA000
|
heap
|
page read and write
|
||
|
1E8C6C88000
|
heap
|
page read and write
|
||
|
1CDEECA0000
|
heap
|
page read and write
|
||
|
1F68FFF000
|
stack
|
page read and write
|
||
|
1E8C6CB6000
|
heap
|
page read and write
|
||
|
1E8C8B88000
|
heap
|
page read and write
|
||
|
1E8C6C88000
|
heap
|
page read and write
|
||
|
1DFACAF0000
|
heap
|
page read and write
|
||
|
C29C37D000
|
stack
|
page read and write
|
||
|
1FB0D991000
|
heap
|
page read and write
|
||
|
1CDED19B000
|
heap
|
page read and write
|
||
|
1FB0D9B0000
|
heap
|
page read and write
|
||
|
1E8C8700000
|
direct allocation
|
page execute read
|
||
|
1DFACB20000
|
heap
|
page read and write
|
||
|
1CDED19B000
|
heap
|
page read and write
|
||
|
1FB0D8F4000
|
heap
|
page read and write
|
||
|
1CDED163000
|
heap
|
page read and write
|
||
|
1DFACB00000
|
heap
|
page read and write
|
||
|
1E8C6CD6000
|
heap
|
page read and write
|
||
|
1FB0D9B6000
|
heap
|
page read and write
|
||
|
1CDED189000
|
heap
|
page read and write
|
||
|
5D2DEFD000
|
stack
|
page read and write
|
||
|
1FB0D966000
|
heap
|
page read and write
|
||
|
1CDED22A000
|
heap
|
page read and write
|
||
|
1CDED21D000
|
heap
|
page read and write
|
||
|
1CDED1DA000
|
heap
|
page read and write
|
||
|
1E8C6CE0000
|
heap
|
page read and write
|
||
|
1E8C6CD6000
|
heap
|
page read and write
|
||
|
7FFE13301000
|
unkown
|
page execute read
|
||
|
1CDED202000
|
heap
|
page read and write
|
||
|
1E8C6CD5000
|
heap
|
page read and write
|
||
|
1E8C6CDD000
|
heap
|
page read and write
|
||
|
1E8C87E0000
|
heap
|
page read and write
|
||
|
1E8C6C07000
|
heap
|
page read and write
|
||
|
1E8C877E000
|
trusted library allocation
|
page read and write
|
||
|
1DFACB68000
|
heap
|
page read and write
|
||
|
1CDED1D0000
|
heap
|
page read and write
|
||
|
1DFACB5D000
|
heap
|
page read and write
|
||
|
1FB0D9B7000
|
heap
|
page read and write
|
||
|
1E8C6C85000
|
heap
|
page read and write
|
||
|
1CDED21D000
|
heap
|
page read and write
|
||
|
1FB0D850000
|
heap
|
page read and write
|
||
|
1FB0D8F7000
|
heap
|
page read and write
|
||
|
1CDED1D4000
|
heap
|
page read and write
|
||
|
1FB0D929000
|
heap
|
page read and write
|
||
|
1FB0D930000
|
heap
|
page read and write
|
||
|
1CDED1DB000
|
heap
|
page read and write
|
||
|
1E8C8B70000
|
remote allocation
|
page read and write
|
||
|
1E8C878C000
|
trusted library allocation
|
page read and write
|
||
|
1E8C8B70000
|
remote allocation
|
page read and write
|
||
|
1E8C6C27000
|
heap
|
page read and write
|
||
|
1FB0D9B5000
|
heap
|
page read and write
|
||
|
1FB0D991000
|
heap
|
page read and write
|
||
|
1FB0D96C000
|
heap
|
page read and write
|
||
|
1CDED198000
|
heap
|
page read and write
|
||
|
1E8C6C85000
|
heap
|
page read and write
|
||
|
1CDED1D9000
|
heap
|
page read and write
|
||
|
1E8C6C85000
|
heap
|
page read and write
|
||
|
1CDED163000
|
heap
|
page read and write
|
||
|
1CDED140000
|
heap
|
page read and write
|
||
|
1E8C6CD6000
|
heap
|
page read and write
|
||
|
1FB0F6E0000
|
remote allocation
|
page read and write
|
||
|
1E8C8778000
|
trusted library allocation
|
page readonly
|
||
|
7FFE13342000
|
unkown
|
page readonly
|
||
|
58A4D6000
|
stack
|
page read and write
|
||
|
1E8C6C88000
|
heap
|
page read and write
|
||
|
1E8C6C8B000
|
heap
|
page read and write
|
||
|
1FB0D995000
|
heap
|
page read and write
|
||
|
1E8C6F45000
|
heap
|
page read and write
|
||
|
1CDED230000
|
heap
|
page read and write
|
||
|
1FB0D966000
|
heap
|
page read and write
|
||
|
1E8C6CD6000
|
heap
|
page read and write
|
||
|
1CDED22A000
|
heap
|
page read and write
|
||
|
1FB0F6E0000
|
remote allocation
|
page read and write
|
||
|
1E8C6C8B000
|
heap
|
page read and write
|
||
|
1FB0D962000
|
heap
|
page read and write
|
||
|
1FB0D9B0000
|
heap
|
page read and write
|
||
|
5D2E156000
|
stack
|
page read and write
|
||
|
1E8C878E000
|
trusted library allocation
|
page read and write
|
||
|
5D2E2FB000
|
stack
|
page read and write
|
||
|
1FB0D928000
|
heap
|
page read and write
|
||
|
1E8C6CD6000
|
heap
|
page read and write
|
||
|
1FB0D935000
|
heap
|
page read and write
|
||
|
1FB0D995000
|
heap
|
page read and write
|
||
|
C29BE7C000
|
stack
|
page read and write
|
||
|
1CDED202000
|
heap
|
page read and write
|
||
|
1CDED1D1000
|
heap
|
page read and write
|
||
|
1FB0DBA5000
|
heap
|
page read and write
|
||
|
1FB0F1C0000
|
trusted library allocation
|
page read and write
|
||
|
1FB0D9A8000
|
heap
|
page read and write
|
||
|
1E8C6C85000
|
heap
|
page read and write
|
||
|
1E8C6C56000
|
heap
|
page read and write
|
||
|
589FCC000
|
stack
|
page read and write
|
||
|
1CDED228000
|
heap
|
page read and write
|
||
|
1E8C6BE8000
|
heap
|
page read and write
|
||
|
5D2E37F000
|
stack
|
page read and write
|
||
|
1DFACB20000
|
heap
|
page read and write
|
||
|
1E8C6C06000
|
heap
|
page read and write
|
||
|
1E8C6C39000
|
heap
|
page read and write
|
||
|
1E8C8B70000
|
remote allocation
|
page read and write
|
||
|
1FB0F250000
|
heap
|
page read and write
|
||
|
C29BFFE000
|
stack
|
page read and write
|
||
|
1E8C6CD6000
|
heap
|
page read and write
|
||
|
1FB0D991000
|
heap
|
page read and write
|
||
|
58A375000
|
stack
|
page read and write
|
||
|
1E8C6CB6000
|
heap
|
page read and write
|
||
|
1FB0F220000
|
heap
|
page readonly
|
||
|
1E8C6C03000
|
heap
|
page read and write
|
||
|
1FB0D8D0000
|
heap
|
page read and write
|
||
|
1FB0D96B000
|
heap
|
page read and write
|
||
|
1E8C6CD6000
|
heap
|
page read and write
|
||
|
C29C3FE000
|
stack
|
page read and write
|
||
|
1CDED1D4000
|
heap
|
page read and write
|
||
|
1E8C6C85000
|
heap
|
page read and write
|
||
|
7FFE13347000
|
unkown
|
page read and write
|
||
|
1CDEEBE0000
|
remote allocation
|
page read and write
|
||
|
1FB0D991000
|
heap
|
page read and write
|
||
|
1E8C6C8B000
|
heap
|
page read and write
|
||
|
1FB0D991000
|
heap
|
page read and write
|
||
|
1FB0D8F7000
|
heap
|
page read and write
|
||
|
1FB0D918000
|
heap
|
page read and write
|
||
|
58A37E000
|
stack
|
page read and write
|
||
|
1E8C6C00000
|
heap
|
page read and write
|
||
|
1FB0D966000
|
heap
|
page read and write
|
||
|
1CDED22A000
|
heap
|
page read and write
|
||
|
1CDED202000
|
heap
|
page read and write
|
||
|
5D2E17E000
|
stack
|
page read and write
|
||
|
1FB0D991000
|
heap
|
page read and write
|
||
|
C29C158000
|
stack
|
page read and write
|
||
|
1CDED22A000
|
heap
|
page read and write
|
||
|
1FB0F350000
|
trusted library allocation
|
page read and write
|
||
|
1CDED1D9000
|
heap
|
page read and write
|
||
|
1E8C6CD6000
|
heap
|
page read and write
|
||
|
1FB0D966000
|
heap
|
page read and write
|
||
|
1E8C6CD6000
|
heap
|
page read and write
|
||
|
1CDED228000
|
heap
|
page read and write
|
||
|
1FB0D9B6000
|
heap
|
page read and write
|
||
|
1CDED1D4000
|
heap
|
page read and write
|
||
|
1FB0D962000
|
heap
|
page read and write
|
||
|
1FB0D994000
|
heap
|
page read and write
|
||
|
1FB0D9B1000
|
heap
|
page read and write
|
||
|
1FB0D9BC000
|
heap
|
page read and write
|
||
|
7FFE13300000
|
unkown
|
page readonly
|
||
|
1FB0D8EE000
|
heap
|
page read and write
|
||
|
1CDED19B000
|
heap
|
page read and write
|
||
|
1CDED202000
|
heap
|
page read and write
|
||
|
1CDED15D000
|
heap
|
page read and write
|
||
|
1CDED227000
|
heap
|
page read and write
|
||
|
1E8C6C4B000
|
heap
|
page read and write
|
||
|
1CDED19F000
|
heap
|
page read and write
|
||
|
1CDED19F000
|
heap
|
page read and write
|
||
|
1FB0D96C000
|
heap
|
page read and write
|
||
|
1E8C6BE0000
|
heap
|
page read and write
|
||
|
C29BFF5000
|
stack
|
page read and write
|
||
|
1FB0D918000
|
heap
|
page read and write
|
||
|
7FFE13347000
|
unkown
|
page read and write
|
||
|
1CDED202000
|
heap
|
page read and write
|
||
|
1FB0D991000
|
heap
|
page read and write
|
||
|
1CDED1DB000
|
heap
|
page read and write
|
||
|
1FB0D9BA000
|
heap
|
page read and write
|
||
|
5D2DE7C000
|
stack
|
page read and write
|
||
|
1E8C87F0000
|
trusted library allocation
|
page read and write
|
||
|
1F68EFC000
|
stack
|
page read and write
|
||
|
1FB0D96C000
|
heap
|
page read and write
|
||
|
1CDED202000
|
heap
|
page read and write
|
||
|
1FB0D96C000
|
heap
|
page read and write
|
||
|
1CDED1DB000
|
heap
|
page read and write
|
||
|
1CDED22A000
|
heap
|
page read and write
|
||
|
1FB0D9B0000
|
heap
|
page read and write
|
||
|
1FB0D8D8000
|
heap
|
page read and write
|
||
|
1DFACDE0000
|
heap
|
page read and write
|
||
|
1E8C87B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFE13347000
|
unkown
|
page read and write
|
||
|
1CDED315000
|
heap
|
page read and write
|
||
|
1FB0D96C000
|
heap
|
page read and write
|
||
|
1FB0F230000
|
trusted library allocation
|
page read and write
|
||
|
1CDED310000
|
heap
|
page read and write
|
||
|
1CDED166000
|
heap
|
page read and write
|
||
|
1FB0D994000
|
heap
|
page read and write
|
||
|
1E8C8788000
|
trusted library allocation
|
page read and write
|
||
|
1FB0D96C000
|
heap
|
page read and write
|
||
|
1FB0D9BC000
|
heap
|
page read and write
|
||
|
1E8C6C8B000
|
heap
|
page read and write
|
||
|
1FB0D750000
|
heap
|
page read and write
|
||
|
1CDEEBE0000
|
remote allocation
|
page read and write
|
||
|
7FFE13300000
|
unkown
|
page readonly
|
||
|
1FB0D995000
|
heap
|
page read and write
|
||
|
1E8C8740000
|
trusted library allocation
|
page readonly
|
||
|
1CDED1DB000
|
heap
|
page read and write
|
||
|
1E8C6DC0000
|
heap
|
page read and write
|
||
|
C29C27F000
|
stack
|
page read and write
|
||
|
1E8C8741000
|
trusted library allocation
|
page execute read
|
||
|
1E8C6C85000
|
heap
|
page read and write
|
||
|
1FB0D8F4000
|
heap
|
page read and write
|
||
|
1CDED1D4000
|
heap
|
page read and write
|
||
|
1FB0D96C000
|
heap
|
page read and write
|
||
|
1F690FF000
|
stack
|
page read and write
|
||
|
7FFE13300000
|
unkown
|
page readonly
|
||
|
1E8C6CD6000
|
heap
|
page read and write
|
||
|
1CDED226000
|
heap
|
page read and write
|
||
|
1E8C6CB6000
|
heap
|
page read and write
|
||
|
1CDED120000
|
heap
|
page readonly
|
||
|
1FB0D991000
|
heap
|
page read and write
|
||
|
1CDED130000
|
trusted library allocation
|
page read and write
|
||
|
1E8C6BEF000
|
heap
|
page read and write
|
||
|
1DFACB50000
|
heap
|
page read and write
|
||
|
1FB0D994000
|
heap
|
page read and write
|
||
|
1CDED21D000
|
heap
|
page read and write
|
||
|
1E8C6CB6000
|
heap
|
page read and write
|
||
|
7FFE13301000
|
unkown
|
page execute read
|
||
|
1DFACED0000
|
heap
|
page read and write
|
||
|
1E8C6C04000
|
heap
|
page read and write
|
||
|
1CDED19F000
|
heap
|
page read and write
|
||
|
1E8C6C8B000
|
heap
|
page read and write
|
||
|
1CDED198000
|
heap
|
page read and write
|
||
|
1E8C6C3D000
|
heap
|
page read and write
|
||
|
1FB0DBA0000
|
heap
|
page read and write
|
||
|
1E8C8795000
|
trusted library allocation
|
page readonly
|
||
|
1FB0F6F0000
|
heap
|
page read and write
|
||
|
1CDECFA0000
|
heap
|
page read and write
|
||
|
1E8C8782000
|
trusted library allocation
|
page read and write
|
||
|
1E8C6C85000
|
heap
|
page read and write
|
||
|
1FB0D9B7000
|
heap
|
page read and write
|
||
|
1FB0D994000
|
heap
|
page read and write
|
||
|
1E8C6C8B000
|
heap
|
page read and write
|
||
|
1CDED207000
|
heap
|
page read and write
|
||
|
1E8C8B90000
|
heap
|
page read and write
|
||
|
1E8C8773000
|
trusted library allocation
|
page read and write
|
||
|
1E8C6C39000
|
heap
|
page read and write
|
||
|
1FB0D963000
|
heap
|
page read and write
|
||
|
58A57D000
|
stack
|
page read and write
|
||
|
1E8C6CB6000
|
heap
|
page read and write
|
||
|
1FB0D991000
|
heap
|
page read and write
|
||
|
1E8C8B80000
|
heap
|
page read and write
|
||
|
7FFE13301000
|
unkown
|
page execute read
|
||
|
1FB0D9B0000
|
heap
|
page read and write
|
||
|
1FB0D9A8000
|
heap
|
page read and write
|
||
|
1CDED1D4000
|
heap
|
page read and write
|
||
|
1CDED226000
|
heap
|
page read and write
|
||
|
1FB0D991000
|
heap
|
page read and write
|
||
|
1FB0D96C000
|
heap
|
page read and write
|
||
|
1E8C8792000
|
trusted library allocation
|
page read and write
|
||
|
1FB0D9BA000
|
heap
|
page read and write
|
||
|
7FFE13342000
|
unkown
|
page readonly
|
||
|
1FB0F6E0000
|
remote allocation
|
page read and write
|
||
|
C29C156000
|
stack
|
page read and write
|
||
|
1CDED166000
|
heap
|
page read and write
|
||
|
5D2E27F000
|
stack
|
page read and write
|
||
|
1CDEEBE0000
|
remote allocation
|
page read and write
|
||
|
1E8C6CB6000
|
heap
|
page read and write
|
||
|
58A5FF000
|
stack
|
page read and write
|
||
|
1CDED207000
|
heap
|
page read and write
|
||
|
1CDED080000
|
heap
|
page read and write
|
||
|
1E8C6CD6000
|
heap
|
page read and write
|
There are 284 hidden memdumps, click here to show them.