Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\RFQ-350548 P1-00051538.pdf.exe
|
"C:\Users\user\Desktop\RFQ-350548 P1-00051538.pdf.exe"
|
 |
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://wymascensores.comd
|
unknown
|
|
|
|
https://wymascensores.com/index/Gtkhyba.mp4
|
67.212.175.162
|
|
|
|
https://wymascensores.com
|
unknown
|
|
|
|
https://wymascensores.com/index/Gtkhyba.mp4%Buffer
|
unknown
|
|
|
|
http://wymascensores.com
|
unknown
|
|
|
|
https://wymascensores.com/index/Gtkhyba.mp4d
|
unknown
|
|
|
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
wymascensores.com
|
67.212.175.162
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
67.212.175.162
|
wymascensores.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ-350548 P1-00051538_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ-350548 P1-00051538_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ-350548 P1-00051538_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ-350548 P1-00051538_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ-350548 P1-00051538_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ-350548 P1-00051538_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ-350548 P1-00051538_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ-350548 P1-00051538_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ-350548 P1-00051538_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ-350548 P1-00051538_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ-350548 P1-00051538_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ-350548 P1-00051538_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ-350548 P1-00051538_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RFQ-350548 P1-00051538_RASMANCS
|
FileDirectory
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
6856000
|
trusted library allocation
|
page read and write
|
||
|
68BA000
|
trusted library allocation
|
page read and write
|
||
|
352C000
|
trusted library allocation
|
page read and write
|
||
|
343A000
|
trusted library allocation
|
page read and write
|
||
|
68B6000
|
trusted library allocation
|
page read and write
|
||
|
3329000
|
trusted library allocation
|
page read and write
|
||
|
6886000
|
trusted library allocation
|
page read and write
|
||
|
1860000
|
heap
|
page read and write
|
||
|
3426000
|
trusted library allocation
|
page read and write
|
||
|
32FD000
|
trusted library allocation
|
page read and write
|
||
|
3349000
|
trusted library allocation
|
page read and write
|
||
|
342E000
|
trusted library allocation
|
page read and write
|
||
|
3294000
|
trusted library allocation
|
page read and write
|
||
|
3299000
|
trusted library allocation
|
page read and write
|
||
|
1325000
|
heap
|
page read and write
|
||
|
1812000
|
trusted library allocation
|
page read and write
|
||
|
64A0000
|
heap
|
page read and write
|
||
|
5770000
|
heap
|
page execute and read and write
|
||
|
3534000
|
trusted library allocation
|
page read and write
|
||
|
12F9000
|
stack
|
page read and write
|
||
|
685E000
|
trusted library allocation
|
page read and write
|
||
|
1418000
|
heap
|
page read and write
|
||
|
3528000
|
trusted library allocation
|
page read and write
|
||
|
347F000
|
trusted library allocation
|
page read and write
|
||
|
33F2000
|
trusted library allocation
|
page read and write
|
||
|
17ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
3520000
|
trusted library allocation
|
page read and write
|
||
|
32A2000
|
trusted library allocation
|
page read and write
|
||
|
32A6000
|
trusted library allocation
|
page read and write
|
||
|
344B000
|
trusted library allocation
|
page read and write
|
||
|
1320000
|
heap
|
page read and write
|
||
|
687A000
|
trusted library allocation
|
page read and write
|
||
|
32E5000
|
trusted library allocation
|
page read and write
|
||
|
338E000
|
trusted library allocation
|
page read and write
|
||
|
33C6000
|
trusted library allocation
|
page read and write
|
||
|
32C0000
|
trusted library allocation
|
page read and write
|
||
|
3345000
|
trusted library allocation
|
page read and write
|
||
|
6876000
|
trusted library allocation
|
page read and write
|
||
|
346F000
|
trusted library allocation
|
page read and write
|
||
|
181B000
|
trusted library allocation
|
page execute and read and write
|
||
|
32DD000
|
trusted library allocation
|
page read and write
|
||
|
645E000
|
stack
|
page read and write
|
||
|
1650000
|
heap
|
page read and write
|
||
|
345F000
|
trusted library allocation
|
page read and write
|
||
|
308C000
|
stack
|
page read and write
|
||
|
33B6000
|
trusted library allocation
|
page read and write
|
||
|
688E000
|
trusted library allocation
|
page read and write
|
||
|
3331000
|
trusted library allocation
|
page read and write
|
||
|
154E000
|
stack
|
page read and write
|
||
|
6852000
|
trusted library allocation
|
page read and write
|
||
|
6892000
|
trusted library allocation
|
page read and write
|
||
|
5ABE000
|
stack
|
page read and write
|
||
|
65DE000
|
stack
|
page read and write
|
||
|
6A84000
|
trusted library allocation
|
page read and write
|
||
|
3530000
|
trusted library allocation
|
page read and write
|
||
|
3392000
|
trusted library allocation
|
page read and write
|
||
|
66DE000
|
stack
|
page read and write
|
||
|
3548000
|
trusted library allocation
|
page read and write
|
||
|
3436000
|
trusted library allocation
|
page read and write
|
||
|
3524000
|
trusted library allocation
|
page read and write
|
||
|
68AA000
|
trusted library allocation
|
page read and write
|
||
|
684E000
|
trusted library allocation
|
page read and write
|
||
|
180A000
|
trusted library allocation
|
page execute and read and write
|
||
|
3518000
|
trusted library allocation
|
page read and write
|
||
|
17D0000
|
trusted library allocation
|
page read and write
|
||
|
348B000
|
trusted library allocation
|
page read and write
|
||
|
6554000
|
heap
|
page read and write
|
||
|
343E000
|
trusted library allocation
|
page read and write
|
||
|
F12000
|
unkown
|
page readonly
|
||
|
3325000
|
trusted library allocation
|
page read and write
|
||
|
69E4000
|
trusted library allocation
|
page read and write
|
||
|
3442000
|
trusted library allocation
|
page read and write
|
||
|
167E000
|
trusted library allocation
|
page read and write
|
||
|
33D2000
|
trusted library allocation
|
page read and write
|
||
|
68A2000
|
trusted library allocation
|
page read and write
|
||
|
344F000
|
trusted library allocation
|
page read and write
|
||
|
3365000
|
trusted library allocation
|
page read and write
|
||
|
3361000
|
trusted library allocation
|
page read and write
|
||
|
3341000
|
trusted library allocation
|
page read and write
|
||
|
686E000
|
trusted library allocation
|
page read and write
|
||
|
3447000
|
trusted library allocation
|
page read and write
|
||
|
6866000
|
trusted library allocation
|
page read and write
|
||
|
329E000
|
trusted library allocation
|
page read and write
|
||
|
59BE000
|
stack
|
page read and write
|
||
|
30DE000
|
stack
|
page read and write
|
||
|
68A6000
|
trusted library allocation
|
page read and write
|
||
|
33E2000
|
trusted library allocation
|
page read and write
|
||
|
332D000
|
trusted library allocation
|
page read and write
|
||
|
6561000
|
heap
|
page read and write
|
||
|
347B000
|
trusted library allocation
|
page read and write
|
||
|
32F1000
|
trusted library allocation
|
page read and write
|
||
|
5FFE000
|
stack
|
page read and write
|
||
|
3396000
|
trusted library allocation
|
page read and write
|
||
|
32E9000
|
trusted library allocation
|
page read and write
|
||
|
17F0000
|
trusted library allocation
|
page read and write
|
||
|
3305000
|
trusted library allocation
|
page read and write
|
||
|
32D0000
|
trusted library allocation
|
page read and write
|
||
|
6846000
|
trusted library allocation
|
page read and write
|
||
|
F10000
|
unkown
|
page readonly
|
||
|
6896000
|
trusted library allocation
|
page read and write
|
||
|
33A6000
|
trusted library allocation
|
page read and write
|
||
|
17E4000
|
trusted library allocation
|
page read and write
|
||
|
1850000
|
trusted library allocation
|
page read and write
|
||
|
3483000
|
trusted library allocation
|
page read and write
|
||
|
5760000
|
trusted library allocation
|
page read and write
|
||
|
68BE000
|
trusted library allocation
|
page read and write
|
||
|
6A67000
|
trusted library allocation
|
page read and write
|
||
|
339E000
|
trusted library allocation
|
page read and write
|
||
|
3321000
|
trusted library allocation
|
page read and write
|
||
|
141E000
|
heap
|
page read and write
|
||
|
1671000
|
trusted library allocation
|
page read and write
|
||
|
3457000
|
trusted library allocation
|
page read and write
|
||
|
339A000
|
trusted library allocation
|
page read and write
|
||
|
689A000
|
trusted library allocation
|
page read and write
|
||
|
689E000
|
trusted library allocation
|
page read and write
|
||
|
1817000
|
trusted library allocation
|
page execute and read and write
|
||
|
33BE000
|
trusted library allocation
|
page read and write
|
||
|
3339000
|
trusted library allocation
|
page read and write
|
||
|
628D000
|
stack
|
page read and write
|
||
|
351C000
|
trusted library allocation
|
page read and write
|
||
|
686A000
|
trusted library allocation
|
page read and write
|
||
|
68C3000
|
trusted library allocation
|
page read and write
|
||
|
5C3E000
|
stack
|
page read and write
|
||
|
3379000
|
trusted library allocation
|
page read and write
|
||
|
3538000
|
trusted library allocation
|
page read and write
|
||
|
17E3000
|
trusted library allocation
|
page execute and read and write
|
||
|
6882000
|
trusted library allocation
|
page read and write
|
||
|
33DA000
|
trusted library allocation
|
page read and write
|
||
|
655D000
|
heap
|
page read and write
|
||
|
62CF000
|
stack
|
page read and write
|
||
|
3371000
|
trusted library allocation
|
page read and write
|
||
|
345B000
|
trusted library allocation
|
page read and write
|
||
|
32E1000
|
trusted library allocation
|
page read and write
|
||
|
6709000
|
trusted library allocation
|
page read and write
|
||
|
3453000
|
trusted library allocation
|
page read and write
|
||
|
330D000
|
trusted library allocation
|
page read and write
|
||
|
33F6000
|
trusted library allocation
|
page read and write
|
||
|
649E000
|
stack
|
page read and write
|
||
|
335D000
|
trusted library allocation
|
page read and write
|
||
|
32D5000
|
trusted library allocation
|
page read and write
|
||
|
341A000
|
trusted library allocation
|
page read and write
|
||
|
3422000
|
trusted library allocation
|
page read and write
|
||
|
1800000
|
trusted library allocation
|
page read and write
|
||
|
342A000
|
trusted library allocation
|
page read and write
|
||
|
33AA000
|
trusted library allocation
|
page read and write
|
||
|
1840000
|
trusted library allocation
|
page execute and read and write
|
||
|
3335000
|
trusted library allocation
|
page read and write
|
||
|
325E000
|
stack
|
page read and write
|
||
|
631E000
|
stack
|
page read and write
|
||
|
334D000
|
trusted library allocation
|
page read and write
|
||
|
354C000
|
trusted library allocation
|
page read and write
|
||
|
33B2000
|
trusted library allocation
|
page read and write
|
||
|
3510000
|
trusted library allocation
|
page read and write
|
||
|
32C8000
|
trusted library allocation
|
page read and write
|
||
|
3412000
|
trusted library allocation
|
page read and write
|
||
|
3416000
|
trusted library allocation
|
page read and write
|
||
|
3090000
|
heap
|
page execute and read and write
|
||
|
3359000
|
trusted library allocation
|
page read and write
|
||
|
3261000
|
trusted library allocation
|
page read and write
|
||
|
1400000
|
heap
|
page read and write
|
||
|
32BC000
|
trusted library allocation
|
page read and write
|
||
|
641E000
|
stack
|
page read and write
|
||
|
32C4000
|
trusted library allocation
|
page read and write
|
||
|
3355000
|
trusted library allocation
|
page read and write
|
||
|
571E000
|
stack
|
page read and write
|
||
|
1810000
|
trusted library allocation
|
page read and write
|
||
|
3544000
|
trusted library allocation
|
page read and write
|
||
|
3150000
|
heap
|
page read and write
|
||
|
32B4000
|
trusted library allocation
|
page read and write
|
||
|
FAC000
|
stack
|
page read and write
|
||
|
331D000
|
trusted library allocation
|
page read and write
|
||
|
535D000
|
stack
|
page read and write
|
||
|
688A000
|
trusted library allocation
|
page read and write
|
||
|
33BA000
|
trusted library allocation
|
page read and write
|
||
|
346B000
|
trusted library allocation
|
page read and write
|
||
|
33DE000
|
trusted library allocation
|
page read and write
|
||
|
1410000
|
heap
|
page read and write
|
||
|
60FE000
|
stack
|
page read and write
|
||
|
32B8000
|
trusted library allocation
|
page read and write
|
||
|
3514000
|
trusted library allocation
|
page read and write
|
||
|
333D000
|
trusted library allocation
|
page read and write
|
||
|
3369000
|
trusted library allocation
|
page read and write
|
||
|
56A0000
|
heap
|
page read and write
|
||
|
33FA000
|
trusted library allocation
|
page read and write
|
||
|
3473000
|
trusted library allocation
|
page read and write
|
||
|
3406000
|
trusted library allocation
|
page read and write
|
||
|
33CA000
|
trusted library allocation
|
page read and write
|
||
|
3402000
|
trusted library allocation
|
page read and write
|
||
|
353C000
|
trusted library allocation
|
page read and write
|
||
|
340A000
|
trusted library allocation
|
page read and write
|
||
|
33A2000
|
trusted library allocation
|
page read and write
|
||
|
336D000
|
trusted library allocation
|
page read and write
|
||
|
3301000
|
trusted library allocation
|
page read and write
|
||
|
33AE000
|
trusted library allocation
|
page read and write
|
||
|
32CC000
|
trusted library allocation
|
page read and write
|
||
|
33E6000
|
trusted library allocation
|
page read and write
|
||
|
3432000
|
trusted library allocation
|
page read and write
|
||
|
3487000
|
trusted library allocation
|
page read and write
|
||
|
1807000
|
trusted library allocation
|
page execute and read and write
|
||
|
4261000
|
trusted library allocation
|
page read and write
|
||
|
3375000
|
trusted library allocation
|
page read and write
|
||
|
685A000
|
trusted library allocation
|
page read and write
|
||
|
3463000
|
trusted library allocation
|
page read and write
|
||
|
6862000
|
trusted library allocation
|
page read and write
|
||
|
1454000
|
heap
|
page read and write
|
||
|
3351000
|
trusted library allocation
|
page read and write
|
||
|
32ED000
|
trusted library allocation
|
page read and write
|
||
|
33EE000
|
trusted library allocation
|
page read and write
|
||
|
6872000
|
trusted library allocation
|
page read and write
|
||
|
1310000
|
heap
|
page read and write
|
||
|
687E000
|
trusted library allocation
|
page read and write
|
||
|
340E000
|
trusted library allocation
|
page read and write
|
||
|
3540000
|
trusted library allocation
|
page read and write
|
||
|
3315000
|
trusted library allocation
|
page read and write
|
||
|
64D0000
|
heap
|
page read and write
|
||
|
3311000
|
trusted library allocation
|
page read and write
|
||
|
33D6000
|
trusted library allocation
|
page read and write
|
||
|
3319000
|
trusted library allocation
|
page read and write
|
||
|
F14000
|
unkown
|
page readonly
|
||
|
164E000
|
stack
|
page read and write
|
||
|
32D9000
|
trusted library allocation
|
page read and write
|
||
|
5D3E000
|
stack
|
page read and write
|
||
|
304E000
|
stack
|
page read and write
|
||
|
1830000
|
trusted library allocation
|
page read and write
|
||
|
33FE000
|
trusted library allocation
|
page read and write
|
||
|
68AE000
|
trusted library allocation
|
page read and write
|
||
|
3477000
|
trusted library allocation
|
page read and write
|
||
|
3467000
|
trusted library allocation
|
page read and write
|
||
|
33EA000
|
trusted library allocation
|
page read and write
|
||
|
33CE000
|
trusted library allocation
|
page read and write
|
||
|
68B2000
|
trusted library allocation
|
page read and write
|
||
|
341E000
|
trusted library allocation
|
page read and write
|
||
|
3309000
|
trusted library allocation
|
page read and write
|
||
|
33C2000
|
trusted library allocation
|
page read and write
|
There are 224 hidden memdumps, click here to show them.