Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\file.exe
|
"C:\Users\user\Desktop\file.exe"
|
 |
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://185.215.113.37vly
|
unknown
|
|
|
|
http://185.215.113.37/b5
|
unknown
|
|
|
|
http://185.215.113.37/
|
185.215.113.37
|
|
|
|
http://185.215.113.37
|
unknown
|
|
|
|
http://185.215.113.37/e2b1563c6670f193.phpo
|
unknown
|
|
|
|
http://185.215.113.37/e2b1563c6670f193.phpv
|
unknown
|
|
|
|
http://185.215.113.37/e2b1563c6670f193.php
|
185.215.113.37
|
|
|
|
http://185.215.113.37/ws
|
unknown
|
|
|
|
http://185.215.113.37/e2b1563c6670f193.php3
|
unknown
|
|
|
|
http://185.215.113.37/e2b1563c6670f193.phps
|
unknown
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
185.215.113.37
|
unknown
|
Portugal
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
FDE000
|
heap
|
page read and write
|
|
|
|
4D40000
|
direct allocation
|
page read and write
|
|
|
|
121000
|
unkown
|
page execute and read and write
|
|
|
|
3B1E000
|
stack
|
page read and write
|
||
|
EF4000
|
heap
|
page read and write
|
||
|
1CF4F000
|
stack
|
page read and write
|
||
|
2C1B000
|
heap
|
page read and write
|
||
|
3FDF000
|
stack
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
EF4000
|
heap
|
page read and write
|
||
|
EF4000
|
heap
|
page read and write
|
||
|
EF4000
|
heap
|
page read and write
|
||
|
EF4000
|
heap
|
page read and write
|
||
|
EF4000
|
heap
|
page read and write
|
||
|
FD8000
|
heap
|
page read and write
|
||
|
375E000
|
stack
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
2ABE000
|
stack
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
1D31E000
|
stack
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
4D40000
|
direct allocation
|
page read and write
|
||
|
48A0000
|
direct allocation
|
page read and write
|
||
|
411F000
|
stack
|
page read and write
|
||
|
50A000
|
unkown
|
page execute and read and write
|
||
|
EF4000
|
heap
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
EF4000
|
heap
|
page read and write
|
||
|
1CF8E000
|
stack
|
page read and write
|
||
|
48A0000
|
direct allocation
|
page read and write
|
||
|
48A0000
|
direct allocation
|
page read and write
|
||
|
1054000
|
heap
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
44DF000
|
stack
|
page read and write
|
||
|
608000
|
unkown
|
page execute and read and write
|
||
|
BCE000
|
stack
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
1CD0E000
|
stack
|
page read and write
|
||
|
EF4000
|
heap
|
page read and write
|
||
|
39DE000
|
stack
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
48D0000
|
heap
|
page read and write
|
||
|
3ADF000
|
stack
|
page read and write
|
||
|
2F9F000
|
stack
|
page read and write
|
||
|
EF4000
|
heap
|
page read and write
|
||
|
11CF000
|
stack
|
page read and write
|
||
|
37E000
|
unkown
|
page execute and read and write
|
||
|
EF4000
|
heap
|
page read and write
|
||
|
4EB0000
|
direct allocation
|
page execute and read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
335F000
|
stack
|
page read and write
|
||
|
489F000
|
stack
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
EF4000
|
heap
|
page read and write
|
||
|
EF4000
|
heap
|
page read and write
|
||
|
48A0000
|
direct allocation
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
EF4000
|
heap
|
page read and write
|
||
|
EF4000
|
heap
|
page read and write
|
||
|
349F000
|
stack
|
page read and write
|
||
|
E20000
|
heap
|
page read and write
|
||
|
2C17000
|
heap
|
page read and write
|
||
|
48A0000
|
direct allocation
|
page read and write
|
||
|
1059000
|
heap
|
page read and write
|
||
|
43DE000
|
stack
|
page read and write
|
||
|
1D1DC000
|
stack
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
4CF0000
|
trusted library allocation
|
page read and write
|
||
|
EF4000
|
heap
|
page read and write
|
||
|
4D20000
|
heap
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
EF4000
|
heap
|
page read and write
|
||
|
EF4000
|
heap
|
page read and write
|
||
|
3C1F000
|
stack
|
page read and write
|
||
|
1D1000
|
unkown
|
page execute and read and write
|
||
|
121000
|
unkown
|
page execute and write copy
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
4EA0000
|
direct allocation
|
page execute and read and write
|
||
|
BC5000
|
stack
|
page read and write
|
||
|
1D21D000
|
stack
|
page read and write
|
||
|
339E000
|
stack
|
page read and write
|
||
|
E30000
|
heap
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
425F000
|
stack
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
EF4000
|
heap
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
105B000
|
heap
|
page read and write
|
||
|
325E000
|
stack
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
4D40000
|
direct allocation
|
page read and write
|
||
|
1CE0F000
|
stack
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
4EF0000
|
direct allocation
|
page execute and read and write
|
||
|
48A0000
|
direct allocation
|
page read and write
|
||
|
EF4000
|
heap
|
page read and write
|
||
|
1CBCE000
|
stack
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
475F000
|
stack
|
page read and write
|
||
|
61F000
|
unkown
|
page execute and write copy
|
||
|
4D7E000
|
stack
|
page read and write
|
||
|
3D5F000
|
stack
|
page read and write
|
||
|
EF4000
|
heap
|
page read and write
|
||
|
36A000
|
unkown
|
page execute and read and write
|
||
|
EDE000
|
stack
|
page read and write
|
||
|
48A0000
|
direct allocation
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
2BBF000
|
stack
|
page read and write
|
||
|
2E9E000
|
stack
|
page read and write
|
||
|
ACC000
|
stack
|
page read and write
|
||
|
48A0000
|
direct allocation
|
page read and write
|
||
|
EF4000
|
heap
|
page read and write
|
||
|
1CCCF000
|
stack
|
page read and write
|
||
|
34DE000
|
stack
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
EF4000
|
heap
|
page read and write
|
||
|
451E000
|
stack
|
page read and write
|
||
|
EF4000
|
heap
|
page read and write
|
||
|
3D9E000
|
stack
|
page read and write
|
||
|
120000
|
unkown
|
page read and write
|
||
|
439F000
|
stack
|
page read and write
|
||
|
EF4000
|
heap
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
311E000
|
stack
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
7BD000
|
unkown
|
page execute and read and write
|
||
|
48A0000
|
direct allocation
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
5E7000
|
unkown
|
page execute and read and write
|
||
|
2D5E000
|
stack
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
EF4000
|
heap
|
page read and write
|
||
|
EF4000
|
heap
|
page read and write
|
||
|
EF4000
|
heap
|
page read and write
|
||
|
389E000
|
stack
|
page read and write
|
||
|
2D1F000
|
stack
|
page read and write
|
||
|
EF4000
|
heap
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
2E5F000
|
stack
|
page read and write
|
||
|
2FDE000
|
stack
|
page read and write
|
||
|
EF0000
|
heap
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
120000
|
unkown
|
page readonly
|
||
|
202000
|
unkown
|
page execute and read and write
|
||
|
401E000
|
stack
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
1CE4E000
|
stack
|
page read and write
|
||
|
429E000
|
stack
|
page read and write
|
||
|
61E000
|
unkown
|
page execute and write copy
|
||
|
399F000
|
stack
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
30DF000
|
stack
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
1037000
|
heap
|
page read and write
|
||
|
EF4000
|
heap
|
page read and write
|
||
|
1D0DD000
|
stack
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
4E7F000
|
stack
|
page read and write
|
||
|
EF4000
|
heap
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
48A0000
|
direct allocation
|
page read and write
|
||
|
385F000
|
stack
|
page read and write
|
||
|
EF4000
|
heap
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
2BFB000
|
stack
|
page read and write
|
||
|
321F000
|
stack
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
35DF000
|
stack
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
415E000
|
stack
|
page read and write
|
||
|
EF4000
|
heap
|
page read and write
|
||
|
4EC0000
|
direct allocation
|
page execute and read and write
|
||
|
461F000
|
stack
|
page read and write
|
||
|
479E000
|
stack
|
page read and write
|
||
|
48A0000
|
direct allocation
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
361E000
|
stack
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
1DD000
|
unkown
|
page execute and read and write
|
||
|
48A0000
|
direct allocation
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
4E90000
|
direct allocation
|
page execute and read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
EF4000
|
heap
|
page read and write
|
||
|
465E000
|
stack
|
page read and write
|
||
|
3E9F000
|
stack
|
page read and write
|
||
|
12CE000
|
stack
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
48C0000
|
heap
|
page read and write
|
||
|
48A0000
|
direct allocation
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
371F000
|
stack
|
page read and write
|
||
|
E9E000
|
stack
|
page read and write
|
||
|
48B1000
|
heap
|
page read and write
|
||
|
61E000
|
unkown
|
page execute and read and write
|
||
|
2C10000
|
heap
|
page read and write
|
||
|
2C00000
|
heap
|
page read and write
|
||
|
4EC0000
|
direct allocation
|
page execute and read and write
|
||
|
EF4000
|
heap
|
page read and write
|
||
|
1025000
|
heap
|
page read and write
|
||
|
48B0000
|
heap
|
page read and write
|
||
|
48A0000
|
direct allocation
|
page read and write
|
||
|
EF4000
|
heap
|
page read and write
|
||
|
60F000
|
unkown
|
page execute and read and write
|
||
|
1D08F000
|
stack
|
page read and write
|
||
|
EF4000
|
heap
|
page read and write
|
||
|
4EE0000
|
direct allocation
|
page execute and read and write
|
||
|
3EDE000
|
stack
|
page read and write
|
||
|
4ED0000
|
direct allocation
|
page execute and read and write
|
||
|
3C5E000
|
stack
|
page read and write
|
There are 217 hidden memdumps, click here to show them.