Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\msvcp110.dll,GetGameData
|
 |
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\msvcp110.dll",#1
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_regiis.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_regiis.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_regiis.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_regiis.exe"
|
|
|
|
C:\Windows\SysWOW64\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\msvcp110.dll",GetGameData
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_regiis.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_regiis.exe"
|
|
|
|
C:\Windows\System32\loaddll32.exe
|
loaddll32.exe "C:\Users\user\Desktop\msvcp110.dll"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\msvcp110.dll",#1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
abnomalrkmu.site
|
|
||
|
absorptioniw.site
|
|
||
|
treatynreit.site
|
|
||
|
https://steamcommunity.com/profiles/76561199724331900
|
104.102.49.254
|
|
|
|
questionsmw.stor
|
|
||
|
https://steamcommunity.com/profiles/76561199724331900/inventory/
|
unknown
|
|
|
|
snarlypagowo.site
|
|
||
|
chorusarorp.site
|
|
||
|
https://steamcommunity.com/profiles/76561199724331900GW0v
|
unknown
|
|
|
|
https://player.vimeo.com
|
unknown
|
||
|
https://absorptioniw.site:443/apisorptioniw.site/R
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/shared/javascript/auth_refresh.js?v=WgUxSlKTb3W1&
|
unknown
|
||
|
https://store.steampowered.com/;Persistent-AuthWWW-AuthenticateVarysteamCountry=US%7Cd7fb65801182a5f
|
unknown
|
||
|
https://beearvagueo.site/2_
|
unknown
|
||
|
https://steamcommunity.com/?subsection=broadcasts
|
unknown
|
||
|
https://beearvagueo.site:443/apisslc
|
unknown
|
||
|
https://store.steampowered.com/subscriber_agreement/
|
unknown
|
||
|
https://www.gstatic.cn/recaptcha/
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/javascript/applications/community/libraries~b28b7af6
|
unknown
|
||
|
https://questionsmw.store/p
|
unknown
|
||
|
http://www.valvesoftware.com/legal.htm
|
unknown
|
||
|
https://beearvagueo.site/apioot0
|
unknown
|
||
|
https://www.youtube.com
|
unknown
|
||
|
https://absorptioniw.site/n
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/css/promo/summer2017/stickers.css?v=HA2Yr5oy3FFG&
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/shared/images/responsive/logo_valve_footer.png
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/shared/images/responsive/header_menu_hamburger.png
|
unknown
|
||
|
https://soldiefieop.site/x
|
unknown
|
||
|
https://abnomalrkmu.site/
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/shared/css/shared_responsive.css?v=sHIIcMzCffX6&
|
unknown
|
||
|
https://www.valvesoftware.com/en/contact?contact-person=Translation%20Team%20Feedback
|
unknown
|
||
|
https://soldiefieop.site/p
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/javascript/applications/community/main.js?v=2ZRoxzol
|
unknown
|
||
|
https://abnomalrkmu.site/P;
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/javascript/scriptaculous/_combined.js?v=OeNIgrpEF8tL
|
unknown
|
||
|
https://s.ytimg.com;
|
unknown
|
||
|
https://help.steampowered
|
unknown
|
||
|
https://steam.tv/
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/css/skin_1/header.css?v=NFoCa4OkAxRb&l=english
|
unknown
|
||
|
http://store.steampowered.com/privacy_agreement/
|
unknown
|
||
|
https://beearvagueo.site/api3
|
unknown
|
||
|
https://steamcommunity.com:443/profiles/76561199724331900
|
unknown
|
||
|
https://avatars.akamai.steamstatic.cor
|
unknown
|
||
|
https://store.steampowered.com/points/shop/
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/css/skin_1/header.css?v=NFoCa4OkAxRb&l=englis
|
unknown
|
||
|
https://sketchfab.com
|
unknown
|
||
|
https://lv.queniujq.cn
|
unknown
|
||
|
https://mysterisop.site:443/api0u
|
unknown
|
||
|
https://www.youtube.com/
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/css/applications/community/main.css?v=Ev2sBLgkgyWJ&a
|
unknown
|
||
|
https://avatars.akamai.steamstatic.com/fef49e7fa7e1997310d705b2a6158ff8dc1cdfeb_full.jpg
|
unknown
|
||
|
https://store.steampowered.com/privacy_agreement/
|
unknown
|
||
|
https://absorptioniw.site:443/api
|
unknown
|
||
|
https://beearvagueo.site:443/apiofiles/76561199724331900
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/shared/css/shared_global.css?v=ezWS9te9Zwm9&l=en
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/shared/javascript/tooltip.js?v=.zYHOpI1L3Rt0
|
unknown
|
||
|
https://beearvagueo.site/E
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/shared/javascript/shared_global.js?v=REEGJU1hwkYl&am
|
unknown
|
||
|
https://absorptioniw.site/b
|
unknown
|
||
|
https://www.google.com/recaptcha/
|
unknown
|
||
|
https://checkout.steampowered.com/
|
unknown
|
||
|
https://questionsmw.store/
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/css/globalv2.css?v=PAcV2zMBzzSV&l=english
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/javascript/modalv2.js?v=dfMhuy-Lrpyo&l=english
|
unknown
|
||
|
https://beearvagueo.site/
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/shared/images/responsive/header_logo.png
|
unknown
|
||
|
https://questionsmw.store/P
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/css/skin_1/profilev2.css?v=M_qL4gO2sKII&l=englis
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/javascript/jquery-1.11.1.min.js?v=.isFTSRckeNhC
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/shared/css/buttons.css?v=PUJIfhtcQn7W&l=
|
unknown
|
||
|
https://store.steampowered.com/;
|
unknown
|
||
|
https://store.steampowered.com/about/
|
unknown
|
||
|
https://steamcommunity.com/my/wishlist/
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/javascript/global.js?v=9OzcxMXbaV84&l=english
|
unknown
|
||
|
https://help.steampowered.com/en/
|
unknown
|
||
|
https://cdn.akamai.steamstatic.com/steamcommunity/public/assets/
|
unknown
|
||
|
https://mysterisop.site/
|
unknown
|
||
|
https://steamcommunity.com/market/
|
unknown
|
||
|
https://store.steampowered.com/news/
|
unknown
|
||
|
https://community.akamai.steamstatic.com/
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/javascript/webui/clientcom.js?v=24Mgahw2gQy5&l=e
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/javascript/applications/community/manifest.js?v=HLoW
|
unknown
|
||
|
http://store.steampowered.com/subscriber_agreement/
|
unknown
|
||
|
https://steamcommunity.com/linkfilter/?u=http%3A%2F%2Fwww.geonames.org
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/css/skin_1/modalContent.css?v=.VpiwkLAYt9r1
|
unknown
|
||
|
https://recaptcha.net/recaptcha/;
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/javascript/promo/stickers.js?v=upl9NJ5D2xkP&l=en
|
unknown
|
||
|
https://steamcommunity.com/discussions/
|
unknown
|
||
|
https://store.steampowered.com/stats/
|
unknown
|
||
|
https://medal.tv
|
unknown
|
||
|
https://broadcast.st.dl.eccdnx.com
|
unknown
|
||
|
https://community.akamai.steamstatic.com/public/images/skin_1/footerLogo_valve.png?v=1
|
unknown
|
||
|
https://store.steampowered.com/steam_refunds/
|
unknown
|
||
|
https://steamcommunity.com/login/home/?goto=profiles%2F76561199724331900
|
unknown
|
||
|
https://beearvagueo.site/Gn
|
unknown
|
||
|
https://steamcommunity.com/workshop/
|
unknown
|
||
|
https://community.akamai.steam
|
unknown
|
||
|
https://login.steampowered.com/
|
unknown
|
||
|
https://store.steampowered.com/legal/
|
unknown
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
beearvagueo.site
|
172.67.214.93
|
|
|
|
chorusarorp.site
|
unknown
|
|
|
|
treatynreit.site
|
unknown
|
|
|
|
snarlypagowo.site
|
unknown
|
|
|
|
mysterisop.site
|
unknown
|
|
|
|
absorptioniw.site
|
unknown
|
|
|
|
abnomalrkmu.site
|
unknown
|
|
|
|
soldiefieop.site
|
unknown
|
|
|
|
steamcommunity.com
|
104.102.49.254
|
||
|
questionsmw.store
|
unknown
|
||
|
explorationmsn.store
|
unknown
|
There are 1 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
172.67.214.93
|
beearvagueo.site
|
United States
|
|
|
|
104.102.49.254
|
steamcommunity.com
|
United States
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
2A60000
|
heap
|
page read and write
|
||
|
2BBE000
|
stack
|
page read and write
|
||
|
46FC000
|
stack
|
page read and write
|
||
|
2E05000
|
heap
|
page read and write
|
||
|
2DCB000
|
stack
|
page read and write
|
||
|
2AB2000
|
heap
|
page read and write
|
||
|
279C000
|
stack
|
page read and write
|
||
|
45E000
|
remote allocation
|
page execute and read and write
|
||
|
2500000
|
remote allocation
|
page execute and read and write
|
||
|
27FC000
|
stack
|
page read and write
|
||
|
2A00000
|
heap
|
page read and write
|
||
|
4A0000
|
heap
|
page read and write
|
||
|
47FD000
|
stack
|
page read and write
|
||
|
254E000
|
remote allocation
|
page execute and read and write
|
||
|
2A54000
|
heap
|
page read and write
|
||
|
2D63000
|
heap
|
page read and write
|
||
|
270F000
|
heap
|
page read and write
|
||
|
293E000
|
stack
|
page read and write
|
||
|
26FC000
|
stack
|
page read and write
|
||
|
2A49000
|
heap
|
page read and write
|
||
|
26A7000
|
heap
|
page read and write
|
||
|
2D00000
|
heap
|
page read and write
|
||
|
2D69000
|
heap
|
page read and write
|
||
|
473D000
|
stack
|
page read and write
|
||
|
44FF000
|
stack
|
page read and write
|
||
|
28FC000
|
stack
|
page read and write
|
||
|
2A9D000
|
heap
|
page read and write
|
||
|
2640000
|
remote allocation
|
page read and write
|
||
|
A5E000
|
stack
|
page read and write
|
||
|
4750000
|
remote allocation
|
page read and write
|
||
|
2704000
|
heap
|
page read and write
|
||
|
2975000
|
heap
|
page read and write
|
||
|
3380000
|
heap
|
page read and write
|
||
|
2D44000
|
heap
|
page read and write
|
||
|
256C000
|
stack
|
page read and write
|
||
|
25B0000
|
heap
|
page read and write
|
||
|
47CD000
|
stack
|
page read and write
|
||
|
2704000
|
heap
|
page read and write
|
||
|
33F0000
|
heap
|
page read and write
|
||
|
2640000
|
remote allocation
|
page read and write
|
||
|
2A0D000
|
heap
|
page read and write
|
||
|
275B000
|
stack
|
page read and write
|
||
|
2A6F000
|
stack
|
page read and write
|
||
|
4DCF000
|
stack
|
page read and write
|
||
|
2D78000
|
heap
|
page read and write
|
||
|
BCF000
|
heap
|
page read and write
|
||
|
2A70000
|
heap
|
page read and write
|
||
|
4E2E000
|
stack
|
page read and write
|
||
|
2A1D000
|
heap
|
page read and write
|
||
|
434D000
|
stack
|
page read and write
|
||
|
2DF9000
|
heap
|
page read and write
|
||
|
2DB5000
|
heap
|
page read and write
|
||
|
2714000
|
heap
|
page read and write
|
||
|
2D27000
|
heap
|
page read and write
|
||
|
45E000
|
remote allocation
|
page execute and read and write
|
||
|
BCB000
|
heap
|
page read and write
|
||
|
2FA0000
|
heap
|
page read and write
|
||
|
459D000
|
stack
|
page read and write
|
||
|
296F000
|
stack
|
page read and write
|
||
|
A10000
|
heap
|
page read and write
|
||
|
269D000
|
stack
|
page read and write
|
||
|
29F7000
|
heap
|
page read and write
|
||
|
2B70000
|
heap
|
page read and write
|
||
|
2640000
|
remote allocation
|
page read and write
|
||
|
9FF000
|
stack
|
page read and write
|
||
|
4E6D000
|
stack
|
page read and write
|
||
|
8FC000
|
stack
|
page read and write
|
||
|
2A60000
|
heap
|
page read and write
|
||
|
47E0000
|
heap
|
page read and write
|
||
|
B5F000
|
stack
|
page read and write
|
||
|
2A54000
|
heap
|
page read and write
|
||
|
2DFC000
|
heap
|
page read and write
|
||
|
42C000
|
stack
|
page read and write
|
||
|
2DB5000
|
heap
|
page read and write
|
||
|
25D0000
|
heap
|
page read and write
|
||
|
4CCE000
|
stack
|
page read and write
|
||
|
2B75000
|
heap
|
page read and write
|
||
|
32F0000
|
heap
|
page read and write
|
||
|
29D0000
|
remote allocation
|
page read and write
|
||
|
2CFE000
|
stack
|
page read and write
|
||
|
4CAE000
|
stack
|
page read and write
|
||
|
29D0000
|
remote allocation
|
page read and write
|
||
|
BD8000
|
heap
|
page read and write
|
||
|
2F90000
|
heap
|
page read and write
|
||
|
2A18000
|
heap
|
page read and write
|
||
|
261E000
|
stack
|
page read and write
|
||
|
2A1D000
|
heap
|
page read and write
|
||
|
BE4000
|
heap
|
page read and write
|
||
|
2F2C000
|
stack
|
page read and write
|
||
|
4B3E000
|
stack
|
page read and write
|
||
|
25D0000
|
heap
|
page read and write
|
||
|
4750000
|
remote allocation
|
page read and write
|
||
|
50AF000
|
stack
|
page read and write
|
||
|
4EE000
|
stack
|
page read and write
|
||
|
443E000
|
stack
|
page read and write
|
||
|
303C000
|
stack
|
page read and write
|
||
|
2768000
|
heap
|
page read and write
|
||
|
4B7F000
|
stack
|
page read and write
|
||
|
2D76000
|
heap
|
page read and write
|
||
|
45DD000
|
stack
|
page read and write
|
||
|
447F000
|
stack
|
page read and write
|
||
|
2A32000
|
heap
|
page read and write
|
||
|
3230000
|
heap
|
page read and write
|
||
|
4E70000
|
heap
|
page read and write
|
||
|
2A32000
|
heap
|
page read and write
|
||
|
4ADF000
|
stack
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
4BA0000
|
heap
|
page read and write
|
||
|
32DE000
|
stack
|
page read and write
|
||
|
2E0D000
|
heap
|
page read and write
|
||
|
2CBF000
|
stack
|
page read and write
|
||
|
270F000
|
heap
|
page read and write
|
||
|
2CBF000
|
stack
|
page read and write
|
||
|
2A34000
|
heap
|
page read and write
|
||
|
2EEB000
|
stack
|
page read and write
|
||
|
444D000
|
stack
|
page read and write
|
||
|
15C000
|
stack
|
page read and write
|
||
|
2A54000
|
heap
|
page read and write
|
||
|
3080000
|
heap
|
page read and write
|
||
|
275C000
|
heap
|
page read and write
|
||
|
2A97000
|
heap
|
page read and write
|
||
|
26A0000
|
heap
|
page read and write
|
||
|
2501000
|
remote allocation
|
page execute read
|
||
|
4C7D000
|
stack
|
page read and write
|
||
|
24FC000
|
stack
|
page read and write
|
||
|
29D0000
|
remote allocation
|
page read and write
|
||
|
2A10000
|
heap
|
page read and write
|
||
|
4F6E000
|
stack
|
page read and write
|
||
|
2A7A000
|
heap
|
page read and write
|
||
|
48CE000
|
stack
|
page read and write
|
||
|
2D3C000
|
heap
|
page read and write
|
||
|
4B7D000
|
stack
|
page read and write
|
||
|
336E000
|
stack
|
page read and write
|
||
|
3160000
|
heap
|
page read and write
|
||
|
2714000
|
heap
|
page read and write
|
||
|
2DC8000
|
heap
|
page read and write
|
||
|
2A40000
|
heap
|
page read and write
|
||
|
2DFF000
|
heap
|
page read and write
|
||
|
2B40000
|
heap
|
page read and write
|
||
|
493E000
|
stack
|
page read and write
|
||
|
21D0000
|
heap
|
page read and write
|
||
|
4750000
|
remote allocation
|
page read and write
|
||
|
2D20000
|
heap
|
page read and write
|
||
|
319A000
|
heap
|
page read and write
|
||
|
44BE000
|
stack
|
page read and write
|
||
|
2A49000
|
heap
|
page read and write
|
||
|
2DFF000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
29BE000
|
stack
|
page read and write
|
||
|
2D96000
|
heap
|
page read and write
|
||
|
26E6000
|
heap
|
page read and write
|
||
|
2970000
|
heap
|
page read and write
|
||
|
BDD000
|
heap
|
page read and write
|
||
|
29F0000
|
heap
|
page read and write
|
||
|
45F0000
|
heap
|
page read and write
|
||
|
25D5000
|
heap
|
page read and write
|
||
|
254B000
|
remote allocation
|
page readonly
|
||
|
2A49000
|
heap
|
page read and write
|
||
|
24F0000
|
heap
|
page read and write
|
||
|
323A000
|
heap
|
page read and write
|
||
|
2701000
|
heap
|
page read and write
|
||
|
2D95000
|
heap
|
page read and write
|
||
|
26CE000
|
heap
|
page read and write
|
||
|
2AA9000
|
heap
|
page read and write
|
||
|
4CEF000
|
stack
|
page read and write
|
||
|
4A3F000
|
stack
|
page read and write
|
||
|
2DC8000
|
heap
|
page read and write
|
||
|
2DE0000
|
heap
|
page read and write
|
||
|
2A5F000
|
heap
|
page read and write
|
||
|
2A35000
|
heap
|
page read and write
|
||
|
2650000
|
heap
|
page read and write
|
||
|
479E000
|
stack
|
page read and write
|
||
|
3190000
|
heap
|
page read and write
|
||
|
2D9E000
|
heap
|
page read and write
|
||
|
4FAE000
|
stack
|
page read and write
|
||
|
48ED000
|
stack
|
page read and write
|
||
|
2DFF000
|
heap
|
page read and write
|
||
|
2DB5000
|
heap
|
page read and write
|
||
|
25AE000
|
stack
|
page read and write
|
||
|
49ED000
|
stack
|
page read and write
|
||
|
46FD000
|
stack
|
page read and write
|
||
|
26E3000
|
heap
|
page read and write
|
||
|
25E0000
|
heap
|
page read and write
|
||
|
46BF000
|
stack
|
page read and write
|
||
|
4630000
|
heap
|
page read and write
|
||
|
2A97000
|
heap
|
page read and write
|
||
|
33CF000
|
stack
|
page read and write
|
||
|
2940000
|
heap
|
page read and write
|
||
|
2DBF000
|
stack
|
page read and write
|
||
|
26BD000
|
heap
|
page read and write
|
||
|
490000
|
heap
|
page read and write
|
||
|
2A17000
|
heap
|
page read and write
|
||
|
3060000
|
heap
|
page read and write
|
||
|
255E000
|
remote allocation
|
page readonly
|
||
|
21E0000
|
heap
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
430D000
|
stack
|
page read and write
|
||
|
2DA4000
|
heap
|
page read and write
|
||
|
2D4E000
|
heap
|
page read and write
|
||
|
2AA9000
|
heap
|
page read and write
|
There are 191 hidden memdumps, click here to show them.