Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\z64BLPL.exe
|
"C:\Users\user\Desktop\z64BLPL.exe"
|
 |
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://aborters.duckdns.org:8081
|
unknown
|
|
|
|
http://anotherarmy.dns.army:8081
|
unknown
|
|
|
|
https://www.office.com/
|
unknown
|
||
|
https://api.telegram.org/bot/sendMessage?chat_id=&text=%20%0D%0A%0D%0APC%20Name:494126%0D%0ADate%20and%20Time:%2029/09/2024%20/%2005:52:51%0D%0ACountry%20Name:%20United%20States%0D%0A%5B%20494126%20Clicked%20on%20the%20File%20If%20you%20see%20nothing%20this's%20mean%20the%20system%20storage's%20empty.%20%5D
|
149.154.167.220
|
||
|
https://api.telegram.org
|
unknown
|
||
|
https://api.telegram.org/bot
|
unknown
|
||
|
https://www.office.com/lB
|
unknown
|
||
|
http://checkip.dyndns.org
|
unknown
|
||
|
https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016
|
unknown
|
||
|
https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/8.46.123.33
|
188.114.97.3
|
||
|
https://api.telegram.org/bot/sendMessage?chat_id=&text=
|
unknown
|
||
|
https://chrome.google.com/webstore?hl=en
|
unknown
|
||
|
http://varders.kozow.com:8081
|
unknown
|
||
|
http://checkip.dyndns.org/
|
193.122.6.168
|
||
|
http://51.38.247.67:8081/_send_.php?L
|
unknown
|
||
|
https://api.telegram.org/bot/sendMessage?chat_id=&text=%20%0D%0A%0D%0APC%20Name:494126%0D%0ADate%20a
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/8.46.123.33$
|
unknown
|
||
|
https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17Install
|
unknown
|
||
|
http://checkip.dyndns.org/q
|
unknown
|
||
|
https://chrome.google.com/webstore?hl=enlB
|
unknown
|
||
|
https://reallyfreegeoip.org
|
unknown
|
||
|
https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016Examples
|
unknown
|
||
|
http://mail.electradubai.com
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://51.38.247.67:8081/_send_.php?LCapplication/x-www-form-urlencoded
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/
|
unknown
|
There are 17 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
mail.electradubai.com
|
192.250.231.25
|
|
|
|
reallyfreegeoip.org
|
188.114.97.3
|
|
|
|
api.telegram.org
|
149.154.167.220
|
|
|
|
checkip.dyndns.org
|
unknown
|
|
|
|
checkip.dyndns.com
|
193.122.6.168
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
149.154.167.220
|
api.telegram.org
|
United Kingdom
|
|
|
|
188.114.97.3
|
reallyfreegeoip.org
|
European Union
|
|
|
|
192.250.231.25
|
mail.electradubai.com
|
United States
|
|
|
|
193.122.6.168
|
checkip.dyndns.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\z64BLPL_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\z64BLPL_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\z64BLPL_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\z64BLPL_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\z64BLPL_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\z64BLPL_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\z64BLPL_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\z64BLPL_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\z64BLPL_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\z64BLPL_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\z64BLPL_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\z64BLPL_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\z64BLPL_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\z64BLPL_RASMANCS
|
FileDirectory
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2A11000
|
trusted library allocation
|
page read and write
|
|
|
|
2B1D000
|
trusted library allocation
|
page read and write
|
|
|
|
692000
|
unkown
|
page readonly
|
|
|
|
67B6000
|
trusted library allocation
|
page read and write
|
||
|
D20000
|
trusted library allocation
|
page read and write
|
||
|
D50000
|
trusted library allocation
|
page read and write
|
||
|
E60000
|
trusted library allocation
|
page read and write
|
||
|
3BA4000
|
trusted library allocation
|
page read and write
|
||
|
EA0000
|
heap
|
page read and write
|
||
|
CC0000
|
trusted library allocation
|
page read and write
|
||
|
3C01000
|
trusted library allocation
|
page read and write
|
||
|
67E5000
|
trusted library allocation
|
page read and write
|
||
|
2AC5000
|
trusted library allocation
|
page read and write
|
||
|
3D4E000
|
trusted library allocation
|
page read and write
|
||
|
3C9F000
|
trusted library allocation
|
page read and write
|
||
|
2AC9000
|
trusted library allocation
|
page read and write
|
||
|
3BF5000
|
trusted library allocation
|
page read and write
|
||
|
5570000
|
trusted library allocation
|
page read and write
|
||
|
D07000
|
trusted library allocation
|
page execute and read and write
|
||
|
6113000
|
heap
|
page read and write
|
||
|
D6A000
|
heap
|
page read and write
|
||
|
4B4D000
|
stack
|
page read and write
|
||
|
BE0000
|
trusted library allocation
|
page read and write
|
||
|
D6E000
|
heap
|
page read and write
|
||
|
3D06000
|
trusted library allocation
|
page read and write
|
||
|
2BC6000
|
trusted library allocation
|
page read and write
|
||
|
3AEF000
|
trusted library allocation
|
page read and write
|
||
|
2D59000
|
trusted library allocation
|
page read and write
|
||
|
AF7000
|
stack
|
page read and write
|
||
|
60BE000
|
stack
|
page read and write
|
||
|
3D72000
|
trusted library allocation
|
page read and write
|
||
|
2BC2000
|
trusted library allocation
|
page read and write
|
||
|
667E000
|
stack
|
page read and write
|
||
|
3BBC000
|
trusted library allocation
|
page read and write
|
||
|
6770000
|
trusted library allocation
|
page read and write
|
||
|
3A33000
|
trusted library allocation
|
page read and write
|
||
|
3B3D000
|
trusted library allocation
|
page read and write
|
||
|
2BAD000
|
trusted library allocation
|
page read and write
|
||
|
4EAE000
|
trusted library allocation
|
page read and write
|
||
|
3AF3000
|
trusted library allocation
|
page read and write
|
||
|
2AD1000
|
trusted library allocation
|
page read and write
|
||
|
2E3D000
|
trusted library allocation
|
page read and write
|
||
|
2A73000
|
trusted library allocation
|
page read and write
|
||
|
3AD0000
|
trusted library allocation
|
page read and write
|
||
|
3D49000
|
trusted library allocation
|
page read and write
|
||
|
3B64000
|
trusted library allocation
|
page read and write
|
||
|
66C0000
|
trusted library allocation
|
page read and write
|
||
|
E2B000
|
heap
|
page read and write
|
||
|
633E000
|
stack
|
page read and write
|
||
|
5584000
|
trusted library allocation
|
page read and write
|
||
|
2BC8000
|
trusted library allocation
|
page read and write
|
||
|
2C01000
|
trusted library allocation
|
page read and write
|
||
|
2D86000
|
trusted library allocation
|
page read and write
|
||
|
66A0000
|
trusted library allocation
|
page read and write
|
||
|
3CA3000
|
trusted library allocation
|
page read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
3B43000
|
trusted library allocation
|
page read and write
|
||
|
3D34000
|
trusted library allocation
|
page read and write
|
||
|
653E000
|
stack
|
page read and write
|
||
|
3CD1000
|
trusted library allocation
|
page read and write
|
||
|
28F0000
|
trusted library allocation
|
page read and write
|
||
|
637E000
|
stack
|
page read and write
|
||
|
5FBE000
|
stack
|
page read and write
|
||
|
C85000
|
heap
|
page read and write
|
||
|
2A87000
|
trusted library allocation
|
page read and write
|
||
|
668D000
|
trusted library allocation
|
page read and write
|
||
|
BD0000
|
trusted library allocation
|
page read and write
|
||
|
6760000
|
trusted library allocation
|
page execute and read and write
|
||
|
61FE000
|
stack
|
page read and write
|
||
|
66E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3C72000
|
trusted library allocation
|
page read and write
|
||
|
2E0F000
|
trusted library allocation
|
page read and write
|
||
|
3CC3000
|
trusted library allocation
|
page read and write
|
||
|
3B45000
|
trusted library allocation
|
page read and write
|
||
|
3AE7000
|
trusted library allocation
|
page read and write
|
||
|
3B03000
|
trusted library allocation
|
page read and write
|
||
|
E1B000
|
heap
|
page read and write
|
||
|
67E0000
|
trusted library allocation
|
page read and write
|
||
|
2BCA000
|
trusted library allocation
|
page read and write
|
||
|
2EF6000
|
trusted library allocation
|
page read and write
|
||
|
3D7D000
|
trusted library allocation
|
page read and write
|
||
|
2C2D000
|
trusted library allocation
|
page read and write
|
||
|
2E99000
|
trusted library allocation
|
page read and write
|
||
|
CF6000
|
trusted library allocation
|
page execute and read and write
|
||
|
2AB9000
|
trusted library allocation
|
page read and write
|
||
|
5080000
|
trusted library allocation
|
page read and write
|
||
|
3ACE000
|
trusted library allocation
|
page read and write
|
||
|
2BD5000
|
trusted library allocation
|
page read and write
|
||
|
3BC5000
|
trusted library allocation
|
page read and write
|
||
|
2A83000
|
trusted library allocation
|
page read and write
|
||
|
3AFF000
|
trusted library allocation
|
page read and write
|
||
|
3C19000
|
trusted library allocation
|
page read and write
|
||
|
3A1B000
|
trusted library allocation
|
page read and write
|
||
|
CB0000
|
trusted library allocation
|
page read and write
|
||
|
3B2D000
|
trusted library allocation
|
page read and write
|
||
|
536F000
|
stack
|
page read and write
|
||
|
3A39000
|
trusted library allocation
|
page read and write
|
||
|
66D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2ACD000
|
trusted library allocation
|
page read and write
|
||
|
3AF5000
|
trusted library allocation
|
page read and write
|
||
|
DEB000
|
heap
|
page read and write
|
||
|
3C84000
|
trusted library allocation
|
page read and write
|
||
|
4EC5000
|
trusted library allocation
|
page read and write
|
||
|
CC3000
|
trusted library allocation
|
page execute and read and write
|
||
|
CC4000
|
trusted library allocation
|
page read and write
|
||
|
C00000
|
trusted library allocation
|
page read and write
|
||
|
2BA3000
|
trusted library allocation
|
page read and write
|
||
|
4E96000
|
trusted library allocation
|
page read and write
|
||
|
2D2C000
|
trusted library allocation
|
page read and write
|
||
|
3D6A000
|
trusted library allocation
|
page read and write
|
||
|
D60000
|
heap
|
page read and write
|
||
|
D40000
|
trusted library allocation
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
2AC1000
|
trusted library allocation
|
page read and write
|
||
|
CF0000
|
trusted library allocation
|
page read and write
|
||
|
2BF7000
|
trusted library allocation
|
page read and write
|
||
|
4EA2000
|
trusted library allocation
|
page read and write
|
||
|
2CFC000
|
trusted library allocation
|
page read and write
|
||
|
67E2000
|
trusted library allocation
|
page read and write
|
||
|
DA2000
|
heap
|
page read and write
|
||
|
3DA8000
|
trusted library allocation
|
page read and write
|
||
|
3B5C000
|
trusted library allocation
|
page read and write
|
||
|
283E000
|
stack
|
page read and write
|
||
|
3C99000
|
trusted library allocation
|
page read and write
|
||
|
D05000
|
trusted library allocation
|
page execute and read and write
|
||
|
3AFB000
|
trusted library allocation
|
page read and write
|
||
|
3BC7000
|
trusted library allocation
|
page read and write
|
||
|
3CE1000
|
trusted library allocation
|
page read and write
|
||
|
4ED0000
|
heap
|
page read and write
|
||
|
F40000
|
heap
|
page read and write
|
||
|
2BF9000
|
trusted library allocation
|
page read and write
|
||
|
657E000
|
stack
|
page read and write
|
||
|
67F0000
|
trusted library allocation
|
page read and write
|
||
|
3D92000
|
trusted library allocation
|
page read and write
|
||
|
3D64000
|
trusted library allocation
|
page read and write
|
||
|
4FD3000
|
heap
|
page read and write
|
||
|
2DB4000
|
trusted library allocation
|
page read and write
|
||
|
60C0000
|
heap
|
page read and write
|
||
|
5260000
|
heap
|
page execute and read and write
|
||
|
105E000
|
stack
|
page read and write
|
||
|
3CE3000
|
trusted library allocation
|
page read and write
|
||
|
2850000
|
trusted library allocation
|
page read and write
|
||
|
62FF000
|
stack
|
page read and write
|
||
|
2C5E000
|
trusted library allocation
|
page read and write
|
||
|
523D000
|
stack
|
page read and write
|
||
|
2A8B000
|
trusted library allocation
|
page read and write
|
||
|
3AE0000
|
trusted library allocation
|
page read and write
|
||
|
2BFB000
|
trusted library allocation
|
page read and write
|
||
|
3ACA000
|
trusted library allocation
|
page read and write
|
||
|
3B3F000
|
trusted library allocation
|
page read and write
|
||
|
546F000
|
unkown
|
page read and write
|
||
|
2900000
|
heap
|
page execute and read and write
|
||
|
D30000
|
trusted library allocation
|
page execute and read and write
|
||
|
3D8B000
|
trusted library allocation
|
page read and write
|
||
|
2AFA000
|
trusted library allocation
|
page read and write
|
||
|
F00000
|
heap
|
page read and write
|
||
|
3D55000
|
trusted library allocation
|
page read and write
|
||
|
4EB6000
|
trusted library allocation
|
page read and write
|
||
|
6700000
|
trusted library allocation
|
page execute and read and write
|
||
|
66B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3D98000
|
trusted library allocation
|
page read and write
|
||
|
4EBD000
|
trusted library allocation
|
page read and write
|
||
|
64BE000
|
stack
|
page read and write
|
||
|
2DE1000
|
trusted library allocation
|
page read and write
|
||
|
3C8B000
|
trusted library allocation
|
page read and write
|
||
|
C7E000
|
stack
|
page read and write
|
||
|
2BD0000
|
trusted library allocation
|
page read and write
|
||
|
3C97000
|
trusted library allocation
|
page read and write
|
||
|
3B01000
|
trusted library allocation
|
page read and write
|
||
|
6B3E000
|
stack
|
page read and write
|
||
|
64FE000
|
stack
|
page read and write
|
||
|
2E6B000
|
trusted library allocation
|
page read and write
|
||
|
3CA5000
|
trusted library allocation
|
page read and write
|
||
|
BE7000
|
trusted library allocation
|
page read and write
|
||
|
6680000
|
trusted library allocation
|
page read and write
|
||
|
2BF3000
|
trusted library allocation
|
page read and write
|
||
|
3C74000
|
trusted library allocation
|
page read and write
|
||
|
6794000
|
trusted library allocation
|
page read and write
|
||
|
2EC7000
|
trusted library allocation
|
page read and write
|
||
|
D95000
|
heap
|
page read and write
|
||
|
2C06000
|
trusted library allocation
|
page read and write
|
||
|
2858000
|
trusted library allocation
|
page read and write
|
||
|
C30000
|
heap
|
page read and write
|
||
|
3C93000
|
trusted library allocation
|
page read and write
|
||
|
2A0E000
|
stack
|
page read and write
|
||
|
3A11000
|
trusted library allocation
|
page read and write
|
||
|
3D67000
|
trusted library allocation
|
page read and write
|
||
|
4A4C000
|
stack
|
page read and write
|
||
|
3CA7000
|
trusted library allocation
|
page read and write
|
||
|
CF2000
|
trusted library allocation
|
page read and write
|
||
|
3D04000
|
trusted library allocation
|
page read and write
|
||
|
4FD0000
|
heap
|
page read and write
|
||
|
558A000
|
trusted library allocation
|
page read and write
|
||
|
6690000
|
trusted library allocation
|
page execute and read and write
|
||
|
3B55000
|
trusted library allocation
|
page read and write
|
||
|
D0B000
|
trusted library allocation
|
page execute and read and write
|
||
|
E51000
|
heap
|
page read and write
|
||
|
C10000
|
heap
|
page read and write
|
||
|
67A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3B1F000
|
trusted library allocation
|
page read and write
|
||
|
CCD000
|
trusted library allocation
|
page execute and read and write
|
||
|
2ABD000
|
trusted library allocation
|
page read and write
|
||
|
CD0000
|
trusted library allocation
|
page read and write
|
||
|
CE0000
|
heap
|
page read and write
|
||
|
3DB6000
|
trusted library allocation
|
page read and write
|
||
|
6D6000
|
unkown
|
page readonly
|
||
|
2A6D000
|
trusted library allocation
|
page read and write
|
||
|
2AB5000
|
trusted library allocation
|
page read and write
|
||
|
2BAF000
|
trusted library allocation
|
page read and write
|
||
|
C80000
|
heap
|
page read and write
|
||
|
690000
|
unkown
|
page readonly
|
||
|
2A79000
|
trusted library allocation
|
page read and write
|
||
|
6184000
|
heap
|
page read and write
|
||
|
6159000
|
heap
|
page read and write
|
||
|
683E000
|
stack
|
page read and write
|
||
|
4E9B000
|
trusted library allocation
|
page read and write
|
||
|
3CFB000
|
trusted library allocation
|
page read and write
|
||
|
4E90000
|
trusted library allocation
|
page read and write
|
||
|
E90000
|
heap
|
page read and write
|
||
|
2AF8000
|
trusted library allocation
|
page read and write
|
||
|
3DAF000
|
trusted library allocation
|
page read and write
|
||
|
4EB1000
|
trusted library allocation
|
page read and write
|
||
|
2A60000
|
trusted library allocation
|
page read and write
|
||
|
769000
|
stack
|
page read and write
|
||
|
D02000
|
trusted library allocation
|
page read and write
|
||
|
CFA000
|
trusted library allocation
|
page execute and read and write
|
||
|
BF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
CDD000
|
trusted library allocation
|
page execute and read and write
|
||
|
2840000
|
heap
|
page read and write
|
||
|
4E9E000
|
trusted library allocation
|
page read and write
|
||
|
3C6E000
|
trusted library allocation
|
page read and write
|
||
|
63BE000
|
stack
|
page read and write
|
||
|
66F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3A7A000
|
trusted library allocation
|
page read and write
|
||
|
5586000
|
trusted library allocation
|
page read and write
|
||
|
4EC2000
|
trusted library allocation
|
page read and write
|
||
|
EFE000
|
stack
|
page read and write
|
||
|
2C8E000
|
trusted library allocation
|
page read and write
|
There are 228 hidden memdumps, click here to show them.