Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Ziraat Bankasi Swift Mesaji.exe
|
"C:\Users\user\Desktop\Ziraat Bankasi Swift Mesaji.exe"
|
 |
|
|
C:\Users\user\Desktop\Ziraat Bankasi Swift Mesaji.exe
|
"C:\Users\user\Desktop\Ziraat Bankasi Swift Mesaji.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://reallyfreegeoip.org
|
unknown
|
||
|
http://checkip.dyndns.org
|
unknown
|
||
|
http://checkip.dyndns.org/
|
193.122.130.0
|
||
|
http://checkip.dyndns.com
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/8.46.123.33
|
188.114.97.3
|
||
|
https://reallyfreegeoip.org/xml/8.46.123.33$
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://checkip.dyndns.orgh
|
unknown
|
||
|
http://checkip.dyndns.org/q
|
unknown
|
||
|
https://reallyfreegeoip.orgh
|
unknown
|
||
|
http://reallyfreegeoip.org
|
unknown
|
||
|
https://reallyfreegeoip.org/xml/
|
unknown
|
There are 2 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
reallyfreegeoip.org
|
188.114.97.3
|
|
|
|
checkip.dyndns.org
|
unknown
|
|
|
|
checkip.dyndns.com
|
193.122.130.0
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
188.114.97.3
|
reallyfreegeoip.org
|
European Union
|
|
|
|
193.122.130.0
|
checkip.dyndns.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Ziraat Bankasi Swift Mesaji_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Ziraat Bankasi Swift Mesaji_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Ziraat Bankasi Swift Mesaji_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Ziraat Bankasi Swift Mesaji_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Ziraat Bankasi Swift Mesaji_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Ziraat Bankasi Swift Mesaji_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Ziraat Bankasi Swift Mesaji_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Ziraat Bankasi Swift Mesaji_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Ziraat Bankasi Swift Mesaji_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Ziraat Bankasi Swift Mesaji_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Ziraat Bankasi Swift Mesaji_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Ziraat Bankasi Swift Mesaji_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Ziraat Bankasi Swift Mesaji_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Ziraat Bankasi Swift Mesaji_RASMANCS
|
FileDirectory
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2C3B000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
3669000
|
trusted library allocation
|
page read and write
|
|
|
|
2A71000
|
trusted library allocation
|
page read and write
|
|
|
|
2CF0000
|
trusted library allocation
|
page read and write
|
||
|
2CC2000
|
trusted library allocation
|
page read and write
|
||
|
64CE000
|
stack
|
page read and write
|
||
|
2630000
|
trusted library allocation
|
page read and write
|
||
|
966000
|
heap
|
page read and write
|
||
|
4F90000
|
trusted library allocation
|
page read and write
|
||
|
2BF1000
|
trusted library allocation
|
page read and write
|
||
|
3A71000
|
trusted library allocation
|
page read and write
|
||
|
F4E000
|
stack
|
page read and write
|
||
|
28CF000
|
trusted library allocation
|
page read and write
|
||
|
C10000
|
heap
|
page read and write
|
||
|
2600000
|
trusted library allocation
|
page read and write
|
||
|
BC5000
|
heap
|
page read and write
|
||
|
FC0000
|
trusted library allocation
|
page read and write
|
||
|
C48000
|
heap
|
page read and write
|
||
|
25AB000
|
trusted library allocation
|
page read and write
|
||
|
BBD000
|
trusted library allocation
|
page execute and read and write
|
||
|
4ECA000
|
trusted library allocation
|
page read and write
|
||
|
66C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
610E000
|
stack
|
page read and write
|
||
|
4B24000
|
trusted library allocation
|
page read and write
|
||
|
820000
|
trusted library allocation
|
page read and write
|
||
|
6AF0000
|
heap
|
page read and write
|
||
|
6770000
|
heap
|
page read and write
|
||
|
3AD8000
|
trusted library allocation
|
page read and write
|
||
|
4ED6000
|
trusted library allocation
|
page read and write
|
||
|
2605000
|
trusted library allocation
|
page read and write
|
||
|
800000
|
trusted library allocation
|
page read and write
|
||
|
4C79000
|
trusted library allocation
|
page read and write
|
||
|
638E000
|
stack
|
page read and write
|
||
|
2D9000
|
stack
|
page read and write
|
||
|
4F69000
|
heap
|
page read and write
|
||
|
25A0000
|
trusted library allocation
|
page read and write
|
||
|
98D000
|
heap
|
page read and write
|
||
|
2590000
|
trusted library allocation
|
page read and write
|
||
|
2BB1000
|
trusted library allocation
|
page read and write
|
||
|
CE7000
|
heap
|
page read and write
|
||
|
2661000
|
trusted library allocation
|
page read and write
|
||
|
6690000
|
trusted library allocation
|
page execute and read and write
|
||
|
CE0000
|
heap
|
page read and write
|
||
|
5A24000
|
heap
|
page read and write
|
||
|
2BC5000
|
trusted library allocation
|
page read and write
|
||
|
BDA000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B6D000
|
trusted library allocation
|
page read and write
|
||
|
3661000
|
trusted library allocation
|
page read and write
|
||
|
959000
|
heap
|
page read and write
|
||
|
2CA4000
|
trusted library allocation
|
page read and write
|
||
|
25E4000
|
trusted library allocation
|
page read and write
|
||
|
88E0000
|
trusted library allocation
|
page read and write
|
||
|
6210000
|
heap
|
page read and write
|
||
|
24A000
|
unkown
|
page readonly
|
||
|
814000
|
trusted library allocation
|
page read and write
|
||
|
4FA0000
|
heap
|
page read and write
|
||
|
2B79000
|
trusted library allocation
|
page read and write
|
||
|
3B09000
|
trusted library allocation
|
page read and write
|
||
|
5090000
|
trusted library section
|
page readonly
|
||
|
BCE000
|
stack
|
page read and write
|
||
|
890000
|
heap
|
page read and write
|
||
|
F0E000
|
stack
|
page read and write
|
||
|
2B75000
|
trusted library allocation
|
page read and write
|
||
|
4F20000
|
heap
|
page execute and read and write
|
||
|
668F000
|
stack
|
page read and write
|
||
|
C70000
|
heap
|
page read and write
|
||
|
847000
|
trusted library allocation
|
page execute and read and write
|
||
|
654E000
|
stack
|
page read and write
|
||
|
4B6D000
|
stack
|
page read and write
|
||
|
2C1B000
|
trusted library allocation
|
page read and write
|
||
|
2BC1000
|
trusted library allocation
|
page read and write
|
||
|
1C0000
|
unkown
|
page readonly
|
||
|
4ECE000
|
trusted library allocation
|
page read and write
|
||
|
CC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
F90000
|
heap
|
page execute and read and write
|
||
|
11C0000
|
heap
|
page read and write
|
||
|
5210000
|
trusted library allocation
|
page read and write
|
||
|
860000
|
trusted library allocation
|
page read and write
|
||
|
5200000
|
trusted library allocation
|
page execute and read and write
|
||
|
66A3000
|
trusted library allocation
|
page read and write
|
||
|
4EB0000
|
trusted library allocation
|
page read and write
|
||
|
2CBD000
|
trusted library allocation
|
page read and write
|
||
|
4EB6000
|
trusted library allocation
|
page read and write
|
||
|
2CC6000
|
trusted library allocation
|
page read and write
|
||
|
5556000
|
trusted library allocation
|
page read and write
|
||
|
66AA000
|
trusted library allocation
|
page read and write
|
||
|
2B4E000
|
trusted library allocation
|
page read and write
|
||
|
25FF000
|
trusted library allocation
|
page read and write
|
||
|
5550000
|
trusted library allocation
|
page read and write
|
||
|
BA0000
|
trusted library allocation
|
page read and write
|
||
|
84B000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B36000
|
trusted library allocation
|
page read and write
|
||
|
4C76000
|
trusted library allocation
|
page read and write
|
||
|
538E000
|
stack
|
page read and write
|
||
|
BEB000
|
trusted library allocation
|
page execute and read and write
|
||
|
66A0000
|
trusted library allocation
|
page read and write
|
||
|
810000
|
trusted library allocation
|
page read and write
|
||
|
813000
|
trusted library allocation
|
page execute and read and write
|
||
|
4C5E000
|
stack
|
page read and write
|
||
|
BAD000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BB5000
|
trusted library allocation
|
page read and write
|
||
|
4B10000
|
trusted library allocation
|
page read and write
|
||
|
4D30000
|
heap
|
page execute and read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
640000
|
heap
|
page read and write
|
||
|
3AFD000
|
trusted library allocation
|
page read and write
|
||
|
11A0000
|
trusted library allocation
|
page read and write
|
||
|
4F40000
|
heap
|
page read and write
|
||
|
2610000
|
trusted library allocation
|
page read and write
|
||
|
59F0000
|
heap
|
page read and write
|
||
|
2BBD000
|
trusted library allocation
|
page read and write
|
||
|
3D7000
|
stack
|
page read and write
|
||
|
4C90000
|
trusted library section
|
page read and write
|
||
|
CD0000
|
trusted library allocation
|
page read and write
|
||
|
25C1000
|
trusted library allocation
|
page read and write
|
||
|
4EBE000
|
trusted library allocation
|
page read and write
|
||
|
1C2000
|
unkown
|
page readonly
|
||
|
89E000
|
heap
|
page read and write
|
||
|
25BE000
|
trusted library allocation
|
page read and write
|
||
|
4F80000
|
trusted library allocation
|
page execute and read and write
|
||
|
6AFE000
|
heap
|
page read and write
|
||
|
5558000
|
trusted library allocation
|
page read and write
|
||
|
AF7000
|
stack
|
page read and write
|
||
|
870000
|
heap
|
page read and write
|
||
|
83A000
|
trusted library allocation
|
page execute and read and write
|
||
|
475E000
|
stack
|
page read and write
|
||
|
2BAD000
|
trusted library allocation
|
page read and write
|
||
|
2B71000
|
trusted library allocation
|
page read and write
|
||
|
FA0000
|
trusted library allocation
|
page read and write
|
||
|
7C5000
|
heap
|
page read and write
|
||
|
4F75000
|
heap
|
page read and write
|
||
|
BB0000
|
trusted library allocation
|
page read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
4FA3000
|
heap
|
page read and write
|
||
|
4F6E000
|
stack
|
page read and write
|
||
|
B3E000
|
stack
|
page read and write
|
||
|
901000
|
heap
|
page read and write
|
||
|
BA3000
|
trusted library allocation
|
page execute and read and write
|
||
|
29D5000
|
trusted library allocation
|
page read and write
|
||
|
BE7000
|
trusted library allocation
|
page execute and read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
29DB000
|
trusted library allocation
|
page read and write
|
||
|
2BFF000
|
trusted library allocation
|
page read and write
|
||
|
6790000
|
trusted library allocation
|
page execute and read and write
|
||
|
BD2000
|
trusted library allocation
|
page read and write
|
||
|
2CF6000
|
trusted library allocation
|
page read and write
|
||
|
4E30000
|
trusted library allocation
|
page read and write
|
||
|
50B0000
|
heap
|
page read and write
|
||
|
25C6000
|
trusted library allocation
|
page read and write
|
||
|
4F70000
|
trusted library allocation
|
page read and write
|
||
|
BE5000
|
trusted library allocation
|
page execute and read and write
|
||
|
C6A000
|
heap
|
page read and write
|
||
|
2D35000
|
trusted library allocation
|
page read and write
|
||
|
2C9F000
|
trusted library allocation
|
page read and write
|
||
|
2B34000
|
trusted library allocation
|
page read and write
|
||
|
D30000
|
heap
|
page read and write
|
||
|
BD0000
|
trusted library allocation
|
page read and write
|
||
|
4F9E000
|
trusted library allocation
|
page read and write
|
||
|
2C2D000
|
trusted library allocation
|
page read and write
|
||
|
720000
|
heap
|
page read and write
|
||
|
81D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B16000
|
trusted library allocation
|
page read and write
|
||
|
971000
|
heap
|
page read and write
|
||
|
4D20000
|
trusted library allocation
|
page read and write
|
||
|
2C1F000
|
trusted library allocation
|
page read and write
|
||
|
2B64000
|
trusted library allocation
|
page read and write
|
||
|
650E000
|
stack
|
page read and write
|
||
|
2CAA000
|
trusted library allocation
|
page read and write
|
||
|
BD6000
|
trusted library allocation
|
page execute and read and write
|
||
|
4FA7000
|
heap
|
page read and write
|
||
|
842000
|
trusted library allocation
|
page read and write
|
||
|
4C73000
|
trusted library allocation
|
page read and write
|
||
|
4C70000
|
trusted library allocation
|
page read and write
|
||
|
4D00000
|
trusted library allocation
|
page execute and read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
59E0000
|
heap
|
page read and write
|
||
|
4ED1000
|
trusted library allocation
|
page read and write
|
||
|
C40000
|
heap
|
page read and write
|
||
|
4C10000
|
heap
|
page read and write
|
||
|
4BE0000
|
trusted library allocation
|
page read and write
|
||
|
BE2000
|
trusted library allocation
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
4CF0000
|
trusted library section
|
page read and write
|
||
|
634E000
|
stack
|
page read and write
|
||
|
29D9000
|
trusted library allocation
|
page read and write
|
||
|
2BB9000
|
trusted library allocation
|
page read and write
|
||
|
D06000
|
heap
|
page read and write
|
||
|
FD0000
|
trusted library allocation
|
page read and write
|
||
|
2633000
|
trusted library allocation
|
page read and write
|
||
|
508B000
|
stack
|
page read and write
|
||
|
6740000
|
trusted library allocation
|
page read and write
|
||
|
4EBB000
|
trusted library allocation
|
page read and write
|
||
|
82D000
|
trusted library allocation
|
page execute and read and write
|
||
|
25CD000
|
trusted library allocation
|
page read and write
|
||
|
823000
|
trusted library allocation
|
page read and write
|
||
|
8BB000
|
heap
|
page read and write
|
||
|
4F3F000
|
stack
|
page read and write
|
||
|
4EE2000
|
trusted library allocation
|
page read and write
|
||
|
263E000
|
trusted library allocation
|
page read and write
|
||
|
63CE000
|
stack
|
page read and write
|
||
|
658E000
|
stack
|
page read and write
|
||
|
C30000
|
trusted library allocation
|
page execute and read and write
|
||
|
66B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
50A0000
|
heap
|
page read and write
|
||
|
830000
|
trusted library allocation
|
page read and write
|
||
|
2BE4000
|
trusted library allocation
|
page read and write
|
||
|
95D000
|
heap
|
page read and write
|
||
|
66AF000
|
trusted library allocation
|
page read and write
|
||
|
2639000
|
trusted library allocation
|
page read and write
|
||
|
555B000
|
trusted library allocation
|
page read and write
|
||
|
3A99000
|
trusted library allocation
|
page read and write
|
||
|
2B27000
|
trusted library allocation
|
page read and write
|
||
|
5050000
|
heap
|
page read and write
|
||
|
F8D000
|
stack
|
page read and write
|
||
|
59E5000
|
heap
|
page read and write
|
||
|
2CE9000
|
trusted library allocation
|
page read and write
|
||
|
BA4000
|
trusted library allocation
|
page read and write
|
||
|
2A6E000
|
stack
|
page read and write
|
||
|
836000
|
trusted library allocation
|
page execute and read and write
|
||
|
CBE000
|
stack
|
page read and write
|
||
|
620F000
|
stack
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
8B8000
|
heap
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
4B22000
|
trusted library allocation
|
page read and write
|
||
|
25E0000
|
trusted library allocation
|
page read and write
|
||
|
8D5000
|
heap
|
page read and write
|
||
|
4C83000
|
heap
|
page read and write
|
||
|
29D7000
|
trusted library allocation
|
page read and write
|
||
|
58ED000
|
stack
|
page read and write
|
||
|
258E000
|
stack
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
2BD6000
|
trusted library allocation
|
page read and write
|
||
|
4EDD000
|
trusted library allocation
|
page read and write
|
||
|
898000
|
heap
|
page read and write
|
||
|
2B1E000
|
trusted library allocation
|
page read and write
|
||
|
C77000
|
heap
|
page read and write
|
||
|
6BC0000
|
heap
|
page read and write
|
||
|
25F0000
|
trusted library allocation
|
page read and write
|
||
|
8C5000
|
heap
|
page read and write
|
||
|
29D3000
|
trusted library allocation
|
page read and write
|
||
|
75A000
|
stack
|
page read and write
|
||
|
7112000
|
trusted library allocation
|
page read and write
|
||
|
5A08000
|
heap
|
page read and write
|
||
|
2CFC000
|
trusted library allocation
|
page read and write
|
||
|
4C80000
|
heap
|
page read and write
|
||
|
B90000
|
trusted library allocation
|
page read and write
|
||
|
4D10000
|
heap
|
page read and write
|
||
|
66D0000
|
trusted library allocation
|
page read and write
|
||
|
66E0000
|
trusted library allocation
|
page read and write
|
||
|
2640000
|
trusted library allocation
|
page read and write
|
||
|
74F0000
|
trusted library allocation
|
page read and write
|
||
|
2BC9000
|
trusted library allocation
|
page read and write
|
||
|
4C60000
|
trusted library allocation
|
page execute and read and write
|
||
|
5A00000
|
heap
|
page read and write
|
||
|
2650000
|
heap
|
page execute and read and write
|
||
|
2CB4000
|
trusted library allocation
|
page read and write
|
||
|
3AF4000
|
trusted library allocation
|
page read and write
|
There are 249 hidden memdumps, click here to show them.