Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\SWIFT.exe
|
"C:\Users\user\Desktop\SWIFT.exe"
|
 |
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
fp2e7a.wpc.phicdn.net
|
192.229.221.95
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
18D0000
|
direct allocation
|
page read and write
|
|
|
|
EF1000
|
unkown
|
page execute and read and write
|
|
|
|
13CE000
|
heap
|
page read and write
|
||
|
14F4000
|
heap
|
page read and write
|
||
|
192A000
|
heap
|
page read and write
|
||
|
13CE000
|
heap
|
page read and write
|
||
|
14B0000
|
direct allocation
|
page read and write
|
||
|
18CF000
|
stack
|
page read and write
|
||
|
13C9000
|
heap
|
page read and write
|
||
|
1940000
|
direct allocation
|
page execute and read and write
|
||
|
12FD000
|
stack
|
page read and write
|
||
|
14B0000
|
direct allocation
|
page read and write
|
||
|
137E000
|
stack
|
page read and write
|
||
|
1A6D000
|
direct allocation
|
page execute and read and write
|
||
|
13D4000
|
heap
|
page read and write
|
||
|
13C3000
|
heap
|
page read and write
|
||
|
13D4000
|
heap
|
page read and write
|
||
|
14F0000
|
heap
|
page read and write
|
||
|
13CE000
|
heap
|
page read and write
|
||
|
1A69000
|
direct allocation
|
page execute and read and write
|
||
|
15D0000
|
heap
|
page read and write
|
||
|
15D1000
|
heap
|
page read and write
|
||
|
13CE000
|
heap
|
page read and write
|
||
|
13CE000
|
heap
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
13BA000
|
heap
|
page read and write
|
||
|
13C9000
|
heap
|
page read and write
|
||
|
133E000
|
stack
|
page read and write
|
||
|
14B0000
|
direct allocation
|
page read and write
|
||
|
EF0000
|
unkown
|
page readonly
|
||
|
14B0000
|
direct allocation
|
page read and write
|
||
|
14B0000
|
direct allocation
|
page read and write
|
||
|
178C000
|
heap
|
page read and write
|
||
|
18B9000
|
heap
|
page read and write
|
||
|
13CE000
|
heap
|
page read and write
|
||
|
1C0D000
|
direct allocation
|
page execute and read and write
|
||
|
F7D000
|
stack
|
page read and write
|
||
|
13BE000
|
heap
|
page read and write
|
||
|
15DF000
|
heap
|
page read and write
|
||
|
13B0000
|
heap
|
page read and write
|
||
|
1C11000
|
direct allocation
|
page execute and read and write
|
||
|
1300000
|
direct allocation
|
page read and write
|
||
|
1DD0000
|
heap
|
page read and write
|
||
|
EF0000
|
unkown
|
page readonly
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
17CF000
|
stack
|
page read and write
|
||
|
14F4000
|
heap
|
page read and write
|
||
|
1C82000
|
direct allocation
|
page execute and read and write
|
||
|
EF1000
|
unkown
|
page execute read
|
||
|
14B0000
|
direct allocation
|
page read and write
|
||
|
18B5000
|
heap
|
page read and write
|
||
|
1ADE000
|
direct allocation
|
page execute and read and write
|
||
|
1702000
|
heap
|
page read and write
|
||
|
15D1000
|
heap
|
page read and write
|
||
|
13C3000
|
heap
|
page read and write
|
There are 45 hidden memdumps, click here to show them.