Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\transferencia realizada.vbs"
|
 |
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://185.244.29.74:1337/document
|
185.244.29.74
|
|
|
|
http://185.244.29.74:1337/document-E
|
unknown
|
||
|
http://185.244.29.74:1337/document2
|
unknown
|
||
|
http://185.244.29.74:1337/documentp
|
unknown
|
||
|
http://185.244.29.74/:
|
unknown
|
||
|
http://185.244.29.74:1337/document.L
|
unknown
|
||
|
http://185.244.29.74:1337/document-L
|
unknown
|
||
|
http://185.244.29.74:1337/documentfE
|
unknown
|
||
|
http://185.244.29.74:1337/documentZ
|
unknown
|
||
|
http://185.244.29.74:1337/document_q
|
unknown
|
||
|
http://185.244.29.74:1337/documentY
|
unknown
|
There are 1 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
185.244.29.74
|
unknown
|
Netherlands
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1BCD1197000
|
heap
|
page read and write
|
||
|
1BCD3915000
|
heap
|
page read and write
|
||
|
1BCD123E000
|
heap
|
page read and write
|
||
|
7CE5BFF000
|
stack
|
page read and write
|
||
|
7FFB1E3C0000
|
unkown
|
page read and write
|
||
|
1BCD38FA000
|
heap
|
page read and write
|
||
|
1BCD1370000
|
heap
|
page read and write
|
||
|
1BCD11BF000
|
heap
|
page read and write
|
||
|
1BCD2C90000
|
heap
|
page read and write
|
||
|
7CE5598000
|
stack
|
page read and write
|
||
|
7FFB1E3A0000
|
unkown
|
page readonly
|
||
|
1BCD38F0000
|
heap
|
page read and write
|
||
|
7CE61FD000
|
stack
|
page read and write
|
||
|
7CE60FE000
|
stack
|
page read and write
|
||
|
7CE5AFD000
|
stack
|
page read and write
|
||
|
1BCD2FE0000
|
heap
|
page read and write
|
||
|
1BCD1152000
|
heap
|
page read and write
|
||
|
1BCD1149000
|
heap
|
page read and write
|
||
|
1BCD123C000
|
heap
|
page read and write
|
||
|
1BCD1320000
|
heap
|
page read and write
|
||
|
1BCD1340000
|
heap
|
page read and write
|
||
|
7FFB1E3B6000
|
unkown
|
page readonly
|
||
|
1BCD11C8000
|
heap
|
page read and write
|
||
|
1BCD1178000
|
heap
|
page read and write
|
||
|
1BCD3120000
|
heap
|
page read and write
|
||
|
1BCD1240000
|
heap
|
page read and write
|
||
|
1BCD3070000
|
heap
|
page read and write
|
||
|
1BCD38F2000
|
heap
|
page read and write
|
||
|
7FFB1E3A1000
|
unkown
|
page execute read
|
||
|
1BCD3270000
|
heap
|
page read and write
|
||
|
1BCD1375000
|
heap
|
page read and write
|
||
|
7CE5FF8000
|
stack
|
page read and write
|
||
|
1BCD34F0000
|
trusted library allocation
|
page read and write
|
||
|
1BCD3260000
|
heap
|
page read and write
|
||
|
1BCD3170000
|
heap
|
page read and write
|
||
|
7FFB1E3C2000
|
unkown
|
page readonly
|
||
|
1BCD1140000
|
heap
|
page read and write
|
||
|
1BCD33A0000
|
heap
|
page read and write
|
||
|
1BCD11DD000
|
heap
|
page read and write
|
||
|
1BCD3075000
|
heap
|
page read and write
|
||
|
7FFB1E3C5000
|
unkown
|
page readonly
|
||
|
1BCD1199000
|
heap
|
page read and write
|
||
|
1BCD3030000
|
heap
|
page read and write
|
There are 33 hidden memdumps, click here to show them.