Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Orden de compra.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\Orden de compra.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Orden de compra.exe
|
"C:\Users\user\Desktop\Orden de compra.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe"
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
64D1000
|
trusted library allocation
|
page read and write
|
|
|
|
76D0000
|
trusted library section
|
page read and write
|
|
|
|
3361000
|
trusted library allocation
|
page read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
EF0000
|
direct allocation
|
page read and write
|
|
|
|
1139000
|
direct allocation
|
page execute and read and write
|
||
|
581E000
|
stack
|
page read and write
|
||
|
1625000
|
trusted library allocation
|
page execute and read and write
|
||
|
FD44000
|
trusted library allocation
|
page read and write
|
||
|
FC9E000
|
trusted library allocation
|
page read and write
|
||
|
A210000
|
heap
|
page read and write
|
||
|
31F0000
|
heap
|
page execute and read and write
|
||
|
9E00000
|
trusted library allocation
|
page execute and read and write
|
||
|
348B000
|
trusted library allocation
|
page read and write
|
||
|
FCD7000
|
trusted library allocation
|
page read and write
|
||
|
18F0000
|
heap
|
page read and write
|
||
|
FC44000
|
trusted library allocation
|
page read and write
|
||
|
162B000
|
trusted library allocation
|
page execute and read and write
|
||
|
9E3A000
|
heap
|
page read and write
|
||
|
3472000
|
trusted library allocation
|
page read and write
|
||
|
3461000
|
trusted library allocation
|
page read and write
|
||
|
FD55000
|
trusted library allocation
|
page read and write
|
||
|
1082000
|
unkown
|
page execute read
|
||
|
A246000
|
heap
|
page read and write
|
||
|
9EF6000
|
heap
|
page read and write
|
||
|
5D3E000
|
stack
|
page read and write
|
||
|
3422000
|
trusted library allocation
|
page read and write
|
||
|
1452000
|
heap
|
page read and write
|
||
|
30FD000
|
stack
|
page read and write
|
||
|
FD46000
|
trusted library allocation
|
page read and write
|
||
|
1197000
|
stack
|
page read and write
|
||
|
A1FD000
|
stack
|
page read and write
|
||
|
487E000
|
trusted library allocation
|
page read and write
|
||
|
5C20000
|
trusted library allocation
|
page read and write
|
||
|
FC16000
|
trusted library allocation
|
page read and write
|
||
|
CB0000
|
heap
|
page read and write
|
||
|
141E000
|
heap
|
page read and write
|
||
|
9E4D000
|
heap
|
page read and write
|
||
|
E40000
|
unkown
|
page readonly
|
||
|
1358000
|
direct allocation
|
page execute and read and write
|
||
|
5B3F000
|
trusted library allocation
|
page read and write
|
||
|
5ED0000
|
trusted library allocation
|
page read and write
|
||
|
FC4C000
|
trusted library allocation
|
page read and write
|
||
|
FC92000
|
trusted library allocation
|
page read and write
|
||
|
5B10000
|
heap
|
page read and write
|
||
|
1027000
|
unkown
|
page execute read
|
||
|
FD29000
|
trusted library allocation
|
page read and write
|
||
|
FCCA000
|
trusted library allocation
|
page read and write
|
||
|
5A90000
|
trusted library section
|
page read and write
|
||
|
179E000
|
stack
|
page read and write
|
||
|
9E52000
|
heap
|
page read and write
|
||
|
18DB000
|
stack
|
page read and write
|
||
|
5B95000
|
heap
|
page read and write
|
||
|
BB7000
|
heap
|
page read and write
|
||
|
FD98000
|
trusted library allocation
|
page read and write
|
||
|
BA20000
|
heap
|
page read and write
|
||
|
A200000
|
heap
|
page read and write
|
||
|
5E7E000
|
stack
|
page read and write
|
||
|
FD3E000
|
trusted library allocation
|
page read and write
|
||
|
FC46000
|
trusted library allocation
|
page read and write
|
||
|
FD4F000
|
trusted library allocation
|
page read and write
|
||
|
319E000
|
trusted library allocation
|
page read and write
|
||
|
3150000
|
trusted library allocation
|
page read and write
|
||
|
FC94000
|
trusted library allocation
|
page read and write
|
||
|
5EC0000
|
heap
|
page read and write
|
||
|
FCB1000
|
trusted library allocation
|
page read and write
|
||
|
5ADE000
|
stack
|
page read and write
|
||
|
FCCE000
|
trusted library allocation
|
page read and write
|
||
|
FD81000
|
trusted library allocation
|
page read and write
|
||
|
12DD000
|
direct allocation
|
page execute and read and write
|
||
|
5960000
|
heap
|
page read and write
|
||
|
3439000
|
trusted library allocation
|
page read and write
|
||
|
A90000
|
heap
|
page read and write
|
||
|
1690000
|
heap
|
page read and write
|
||
|
4769000
|
trusted library allocation
|
page read and write
|
||
|
FD27000
|
trusted library allocation
|
page read and write
|
||
|
3165000
|
trusted library allocation
|
page read and write
|
||
|
5B30000
|
trusted library allocation
|
page read and write
|
||
|
FCE3000
|
trusted library allocation
|
page read and write
|
||
|
FD23000
|
trusted library allocation
|
page read and write
|
||
|
113D000
|
direct allocation
|
page execute and read and write
|
||
|
FD63000
|
trusted library allocation
|
page read and write
|
||
|
313C000
|
stack
|
page read and write
|
||
|
5EBD000
|
stack
|
page read and write
|
||
|
FD78000
|
trusted library allocation
|
page read and write
|
||
|
FD31000
|
trusted library allocation
|
page read and write
|
||
|
15F5000
|
heap
|
page read and write
|
||
|
5B60000
|
trusted library allocation
|
page execute and read and write
|
||
|
5B20000
|
trusted library allocation
|
page read and write
|
||
|
FD7F000
|
trusted library allocation
|
page read and write
|
||
|
A70000
|
heap
|
page read and write
|
||
|
5B70000
|
trusted library allocation
|
page execute and read and write
|
||
|
A60000
|
heap
|
page read and write
|
||
|
3445000
|
trusted library allocation
|
page read and write
|
||
|
104F000
|
unkown
|
page execute read
|
||
|
BB20000
|
heap
|
page read and write
|
||
|
FCB3000
|
trusted library allocation
|
page read and write
|
||
|
3160000
|
trusted library allocation
|
page read and write
|
||
|
FC4E000
|
trusted library allocation
|
page read and write
|
||
|
15E0000
|
trusted library allocation
|
page read and write
|
||
|
12C1000
|
direct allocation
|
page execute and read and write
|
||
|
3180000
|
trusted library allocation
|
page read and write
|
||
|
FC35000
|
trusted library allocation
|
page read and write
|
||
|
FC23000
|
trusted library allocation
|
page read and write
|
||
|
FD5D000
|
trusted library allocation
|
page read and write
|
||
|
5F00000
|
trusted library allocation
|
page execute and read and write
|
||
|
3483000
|
trusted library allocation
|
page read and write
|
||
|
3231000
|
trusted library allocation
|
page read and write
|
||
|
FD0E000
|
trusted library allocation
|
page read and write
|
||
|
FC37000
|
trusted library allocation
|
page read and write
|
||
|
5B90000
|
heap
|
page read and write
|
||
|
347E000
|
trusted library allocation
|
page read and write
|
||
|
12D6000
|
direct allocation
|
page execute and read and write
|
||
|
335F000
|
stack
|
page read and write
|
||
|
FC7F000
|
trusted library allocation
|
page read and write
|
||
|
FC79000
|
trusted library allocation
|
page read and write
|
||
|
1038000
|
unkown
|
page execute read
|
||
|
B46C000
|
heap
|
page read and write
|
||
|
161A000
|
trusted library allocation
|
page execute and read and write
|
||
|
30A0000
|
trusted library section
|
page read and write
|
||
|
9CED000
|
stack
|
page read and write
|
||
|
9BED000
|
stack
|
page read and write
|
||
|
D5A000
|
stack
|
page read and write
|
||
|
545C000
|
stack
|
page read and write
|
||
|
FD25000
|
trusted library allocation
|
page read and write
|
||
|
3220000
|
trusted library allocation
|
page read and write
|
||
|
5A80000
|
trusted library allocation
|
page read and write
|
||
|
FD42000
|
trusted library allocation
|
page read and write
|
||
|
EEE000
|
stack
|
page read and write
|
||
|
A235000
|
heap
|
page read and write
|
||
|
15E3000
|
trusted library allocation
|
page execute and read and write
|
||
|
3478000
|
trusted library allocation
|
page read and write
|
||
|
FD76000
|
trusted library allocation
|
page read and write
|
||
|
1056000
|
unkown
|
page execute read
|
||
|
A21F000
|
heap
|
page read and write
|
||
|
3456000
|
trusted library allocation
|
page read and write
|
||
|
FC33000
|
trusted library allocation
|
page read and write
|
||
|
FC7B000
|
trusted library allocation
|
page read and write
|
||
|
5C10000
|
heap
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
11AE000
|
direct allocation
|
page execute and read and write
|
||
|
3184000
|
trusted library allocation
|
page read and write
|
||
|
FCB9000
|
trusted library allocation
|
page read and write
|
||
|
F90000
|
heap
|
page read and write
|
||
|
5B00000
|
trusted library allocation
|
page execute and read and write
|
||
|
FC7D000
|
trusted library allocation
|
page read and write
|
||
|
1010000
|
direct allocation
|
page execute and read and write
|
||
|
1032000
|
unkown
|
page execute read
|
||
|
FD0C000
|
trusted library allocation
|
page read and write
|
||
|
1049000
|
unkown
|
page execute read
|
||
|
31C0000
|
trusted library allocation
|
page read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
1060000
|
unkown
|
page execute read
|
||
|
FC83000
|
trusted library allocation
|
page read and write
|
||
|
FD7A000
|
trusted library allocation
|
page read and write
|
||
|
FCD2000
|
trusted library allocation
|
page read and write
|
||
|
F7BD000
|
stack
|
page read and write
|
||
|
1445000
|
heap
|
page read and write
|
||
|
B466000
|
heap
|
page read and write
|
||
|
FD7D000
|
trusted library allocation
|
page read and write
|
||
|
3433000
|
trusted library allocation
|
page read and write
|
||
|
6FD000
|
stack
|
page read and write
|
||
|
5BF0000
|
heap
|
page read and write
|
||
|
31D0000
|
trusted library allocation
|
page read and write
|
||
|
FD0A000
|
trusted library allocation
|
page read and write
|
||
|
1043000
|
unkown
|
page execute read
|
||
|
5A83000
|
trusted library allocation
|
page read and write
|
||
|
FCA0000
|
trusted library allocation
|
page read and write
|
||
|
FCB5000
|
trusted library allocation
|
page read and write
|
||
|
345B000
|
trusted library allocation
|
page read and write
|
||
|
3170000
|
heap
|
page read and write
|
||
|
FC4A000
|
trusted library allocation
|
page read and write
|
||
|
5A70000
|
trusted library allocation
|
page read and write
|
||
|
FC81000
|
trusted library allocation
|
page read and write
|
||
|
FD15000
|
trusted library allocation
|
page read and write
|
||
|
FCEB000
|
trusted library allocation
|
page read and write
|
||
|
15F0000
|
heap
|
page read and write
|
||
|
1077000
|
unkown
|
page execute read
|
||
|
FC39000
|
trusted library allocation
|
page read and write
|
||
|
B3F4000
|
heap
|
page read and write
|
||
|
9EE4000
|
heap
|
page read and write
|
||
|
FC96000
|
trusted library allocation
|
page read and write
|
||
|
76CE000
|
stack
|
page read and write
|
||
|
7FD000
|
stack
|
page read and write
|
||
|
1616000
|
trusted library allocation
|
page execute and read and write
|
||
|
5BDB000
|
stack
|
page read and write
|
||
|
1610000
|
trusted library allocation
|
page read and write
|
||
|
103E000
|
unkown
|
page execute read
|
||
|
1627000
|
trusted library allocation
|
page execute and read and write
|
||
|
FD9A000
|
trusted library allocation
|
page read and write
|
||
|
5963000
|
heap
|
page read and write
|
||
|
FD1B000
|
trusted library allocation
|
page read and write
|
||
|
9E57000
|
heap
|
page read and write
|
||
|
1071000
|
unkown
|
page execute read
|
||
|
B435000
|
heap
|
page read and write
|
||
|
FCE9000
|
trusted library allocation
|
page read and write
|
||
|
FCE7000
|
trusted library allocation
|
page read and write
|
||
|
4369000
|
trusted library allocation
|
page read and write
|
||
|
FD59000
|
trusted library allocation
|
page read and write
|
||
|
FCB7000
|
trusted library allocation
|
page read and write
|
||
|
FCE5000
|
trusted library allocation
|
page read and write
|
||
|
B380000
|
heap
|
page read and write
|
||
|
11A0000
|
heap
|
page read and write
|
||
|
4B29000
|
trusted library allocation
|
page read and write
|
||
|
F7C1000
|
trusted library allocation
|
page read and write
|
||
|
FCD5000
|
trusted library allocation
|
page read and write
|
||
|
D1A2000
|
trusted library allocation
|
page read and write
|
||
|
FC1A000
|
trusted library allocation
|
page read and write
|
||
|
E42000
|
unkown
|
page execute read
|
||
|
FCC0000
|
trusted library allocation
|
page read and write
|
||
|
BDAE000
|
stack
|
page read and write
|
||
|
FD57000
|
trusted library allocation
|
page read and write
|
||
|
FCAF000
|
trusted library allocation
|
page read and write
|
||
|
346D000
|
trusted library allocation
|
page read and write
|
||
|
FCD0000
|
trusted library allocation
|
page read and write
|
||
|
FC14000
|
trusted library allocation
|
page read and write
|
||
|
31F3000
|
heap
|
page execute and read and write
|
||
|
3428000
|
trusted library allocation
|
page read and write
|
||
|
9E88000
|
heap
|
page read and write
|
||
|
FD2B000
|
trusted library allocation
|
page read and write
|
||
|
FD3C000
|
trusted library allocation
|
page read and write
|
||
|
5EE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
FD66000
|
trusted library allocation
|
page read and write
|
||
|
5C00000
|
heap
|
page read and write
|
||
|
18E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5BE0000
|
trusted library section
|
page readonly
|
||
|
FC77000
|
trusted library allocation
|
page read and write
|
||
|
BA10000
|
trusted library allocation
|
page execute and read and write
|
||
|
FD10000
|
trusted library allocation
|
page read and write
|
||
|
344A000
|
trusted library allocation
|
page read and write
|
||
|
145F000
|
stack
|
page read and write
|
||
|
1620000
|
trusted library allocation
|
page read and write
|
||
|
BF9E000
|
stack
|
page read and write
|
||
|
FCE1000
|
trusted library allocation
|
page read and write
|
||
|
15E4000
|
trusted library allocation
|
page read and write
|
||
|
101B000
|
unkown
|
page execute read
|
||
|
591E000
|
stack
|
page read and write
|
||
|
317D000
|
heap
|
page read and write
|
||
|
1410000
|
heap
|
page read and write
|
||
|
1622000
|
trusted library allocation
|
page read and write
|
||
|
1640000
|
trusted library allocation
|
page read and write
|
||
|
FD2F000
|
trusted library allocation
|
page read and write
|
||
|
1437000
|
heap
|
page read and write
|
||
|
15ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
E0D000
|
stack
|
page read and write
|
||
|
FD2D000
|
trusted library allocation
|
page read and write
|
||
|
5B50000
|
heap
|
page execute and read and write
|
||
|
105A000
|
unkown
|
page execute read
|
||
|
5A50000
|
trusted library section
|
page read and write
|
||
|
FD48000
|
trusted library allocation
|
page read and write
|
||
|
3250000
|
heap
|
page execute and read and write
|
||
|
3467000
|
trusted library allocation
|
page read and write
|
||
|
5820000
|
trusted library allocation
|
page read and write
|
||
|
9EC3000
|
heap
|
page read and write
|
||
|
FCA3000
|
trusted library allocation
|
page read and write
|
||
|
1600000
|
trusted library allocation
|
page read and write
|
||
|
FC1F000
|
trusted library allocation
|
page read and write
|
||
|
BDEE000
|
stack
|
page read and write
|
||
|
1603000
|
trusted library allocation
|
page read and write
|
||
|
FD08000
|
trusted library allocation
|
page read and write
|
||
|
A222000
|
heap
|
page read and write
|
||
|
A00D000
|
stack
|
page read and write
|
||
|
FC2B000
|
trusted library allocation
|
page read and write
|
||
|
B582000
|
trusted library allocation
|
page read and write
|
||
|
D192000
|
trusted library allocation
|
page read and write
|
||
|
FCAD000
|
trusted library allocation
|
page read and write
|
||
|
FC98000
|
trusted library allocation
|
page read and write
|
||
|
D161000
|
trusted library allocation
|
page read and write
|
||
|
B3FB000
|
heap
|
page read and write
|
||
|
FD4A000
|
trusted library allocation
|
page read and write
|
||
|
FD5F000
|
trusted library allocation
|
page read and write
|
||
|
141A000
|
heap
|
page read and write
|
||
|
BE10000
|
trusted library allocation
|
page execute and read and write
|
||
|
14C5000
|
heap
|
page read and write
|
||
|
5E3E000
|
stack
|
page read and write
|
||
|
FC31000
|
trusted library allocation
|
page read and write
|
||
|
3450000
|
trusted library allocation
|
page read and write
|
||
|
5C30000
|
trusted library allocation
|
page read and write
|
||
|
9E3E000
|
heap
|
page read and write
|
||
|
1612000
|
trusted library allocation
|
page read and write
|
||
|
595E000
|
stack
|
page read and write
|
||
|
3140000
|
trusted library allocation
|
page read and write
|
||
|
FC1C000
|
trusted library allocation
|
page read and write
|
||
|
75CE000
|
stack
|
page read and write
|
||
|
FC2D000
|
trusted library allocation
|
page read and write
|
||
|
FD61000
|
trusted library allocation
|
page read and write
|
||
|
31A1000
|
trusted library allocation
|
page read and write
|
||
|
343F000
|
trusted library allocation
|
page read and write
|
||
|
FCC8000
|
trusted library allocation
|
page read and write
|
||
|
342E000
|
trusted library allocation
|
page read and write
|
||
|
FC71000
|
trusted library allocation
|
page read and write
|
||
|
B433000
|
heap
|
page read and write
|
||
|
31A6000
|
trusted library allocation
|
page read and write
|
||
|
EAF000
|
stack
|
page read and write
|
||
|
FCD9000
|
trusted library allocation
|
page read and write
|
||
|
107D000
|
unkown
|
page execute read
|
||
|
E20000
|
heap
|
page read and write
|
||
|
9E10000
|
heap
|
page read and write
|
||
|
A230000
|
heap
|
page read and write
|
||
|
FC85000
|
trusted library allocation
|
page read and write
|
||
|
9EE9000
|
heap
|
page read and write
|
||
|
18F8000
|
heap
|
page read and write
|
||
|
11C0000
|
trusted library allocation
|
page read and write
|
||
|
BAE000
|
stack
|
page read and write
|
||
|
1400000
|
trusted library allocation
|
page read and write
|
||
|
FC48000
|
trusted library allocation
|
page read and write
|
||
|
FC18000
|
trusted library allocation
|
page read and write
|
||
|
F6BD000
|
stack
|
page read and write
|
||
|
1066000
|
unkown
|
page execute read
|
||
|
47AA000
|
trusted library allocation
|
page read and write
|
||
|
4361000
|
trusted library allocation
|
page read and write
|
||
|
A21C000
|
heap
|
page read and write
|
||
|
1021000
|
unkown
|
page execute read
|
||
|
160D000
|
trusted library allocation
|
page execute and read and write
|
||
|
E42000
|
unkown
|
page execute read
|
||
|
31AD000
|
trusted library allocation
|
page read and write
|
||
|
49DC000
|
trusted library allocation
|
page read and write
|
||
|
FD12000
|
trusted library allocation
|
page read and write
|
||
|
168E000
|
stack
|
page read and write
|
||
|
A25A000
|
heap
|
page read and write
|
||
|
3210000
|
trusted library allocation
|
page read and write
|
||
|
9CF0000
|
heap
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
FD5B000
|
trusted library allocation
|
page read and write
|
There are 314 hidden memdumps, click here to show them.