Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
SecuriteInfo.com.Win32.Malware-gen.4932.17674.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\nsd4C7.tmp\System.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\polaritets\Klipbok.Vid
|
data
|
dropped
|
||
|
C:\Users\user\polaritets\Muskel.Nit
|
data
|
dropped
|
||
|
C:\Users\user\polaritets\Observationsposters.tor
|
data
|
dropped
|
||
|
C:\Users\user\polaritets\drupes.ret
|
data
|
dropped
|
||
|
C:\Users\user\polaritets\quodlibetic.fes
|
data
|
dropped
|
||
|
C:\Users\user\polaritets\roere.hid
|
data
|
dropped
|
||
|
C:\Users\user\polaritets\socialmedicin.sej
|
data
|
dropped
|
||
|
C:\Users\user\polaritets\toader.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\SecuriteInfo.com.Win32.Malware-gen.4932.17674.exe
|
"C:\Users\user\Desktop\SecuriteInfo.com.Win32.Malware-gen.4932.17674.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
69E2000
|
direct allocation
|
page execute and read and write
|
|
|
|
4D8000
|
heap
|
page read and write
|
||
|
2799000
|
heap
|
page read and write
|
||
|
2798000
|
heap
|
page read and write
|
||
|
4D0000
|
heap
|
page read and write
|
||
|
502000
|
heap
|
page read and write
|
||
|
49AC000
|
stack
|
page read and write
|
||
|
81F000
|
stack
|
page read and write
|
||
|
50E000
|
heap
|
page read and write
|
||
|
6F940000
|
unkown
|
page readonly
|
||
|
502000
|
heap
|
page read and write
|
||
|
50E000
|
heap
|
page read and write
|
||
|
513000
|
heap
|
page read and write
|
||
|
513000
|
heap
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
49E000
|
stack
|
page read and write
|
||
|
2340000
|
heap
|
page read and write
|
||
|
55E2000
|
direct allocation
|
page execute and read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
408000
|
unkown
|
page readonly
|
||
|
2791000
|
heap
|
page read and write
|
||
|
44C000
|
unkown
|
page readonly
|
||
|
50E000
|
heap
|
page read and write
|
||
|
542000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
4AAD000
|
stack
|
page read and write
|
||
|
9C5000
|
heap
|
page read and write
|
||
|
502000
|
heap
|
page read and write
|
||
|
279C000
|
heap
|
page read and write
|
||
|
434000
|
unkown
|
page read and write
|
||
|
513000
|
heap
|
page read and write
|
||
|
51E000
|
heap
|
page read and write
|
||
|
4A0000
|
heap
|
page read and write
|
||
|
513000
|
heap
|
page read and write
|
||
|
546000
|
heap
|
page read and write
|
||
|
50E000
|
heap
|
page read and write
|
||
|
2310000
|
heap
|
page read and write
|
||
|
425000
|
unkown
|
page read and write
|
||
|
4BE2000
|
direct allocation
|
page execute and read and write
|
||
|
502000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
543000
|
heap
|
page read and write
|
||
|
640000
|
heap
|
page read and write
|
||
|
6F946000
|
unkown
|
page readonly
|
||
|
50E000
|
heap
|
page read and write
|
||
|
2320000
|
heap
|
page read and write
|
||
|
6F941000
|
unkown
|
page execute read
|
||
|
50E000
|
heap
|
page read and write
|
||
|
2344000
|
heap
|
page read and write
|
||
|
50E000
|
heap
|
page read and write
|
||
|
543000
|
heap
|
page read and write
|
||
|
528000
|
heap
|
page read and write
|
||
|
502000
|
heap
|
page read and write
|
||
|
50E000
|
heap
|
page read and write
|
||
|
4AB0000
|
direct allocation
|
page execute and read and write
|
||
|
279A000
|
heap
|
page read and write
|
||
|
44C000
|
unkown
|
page readonly
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
6F944000
|
unkown
|
page readonly
|
||
|
2794000
|
heap
|
page read and write
|
||
|
513000
|
heap
|
page read and write
|
||
|
427000
|
unkown
|
page read and write
|
||
|
513000
|
heap
|
page read and write
|
||
|
513000
|
heap
|
page read and write
|
||
|
7DE2000
|
direct allocation
|
page execute and read and write
|
||
|
513000
|
heap
|
page read and write
|
||
|
91E2000
|
direct allocation
|
page execute and read and write
|
||
|
525000
|
heap
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
513000
|
heap
|
page read and write
|
||
|
51A000
|
heap
|
page read and write
|
||
|
98000
|
stack
|
page read and write
|
||
|
53A000
|
heap
|
page read and write
|
||
|
502000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2796000
|
heap
|
page read and write
|
||
|
450000
|
heap
|
page read and write
|
||
|
543000
|
heap
|
page read and write
|
||
|
2797000
|
heap
|
page read and write
|
||
|
502000
|
heap
|
page read and write
|
||
|
502000
|
heap
|
page read and write
|
||
|
279A000
|
heap
|
page read and write
|
||
|
513000
|
heap
|
page read and write
|
||
|
87E2000
|
direct allocation
|
page execute and read and write
|
||
|
279C000
|
heap
|
page read and write
|
||
|
502000
|
heap
|
page read and write
|
||
|
3690000
|
trusted library allocation
|
page read and write
|
||
|
50E000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
543000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
73E2000
|
direct allocation
|
page execute and read and write
|
||
|
50E000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
5FE2000
|
direct allocation
|
page execute and read and write
|
There are 85 hidden memdumps, click here to show them.