Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\SecuriteInfo.com.PUA.RiskWare.Hacktool.27928.4275.dll"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\SecuriteInfo.com.PUA.RiskWare.Hacktool.27928.4275.dll",#1
|
||
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\SecuriteInfo.com.PUA.RiskWare.Hacktool.27928.4275.dll",#1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://fontawesome.com
|
unknown
|
||
|
http://scripts.sil.org/OFLhttp://scripts.sil.org/OFL
|
unknown
|
||
|
http://www.google.com/fontshttp://www.hubertfischer.comThis
|
unknown
|
||
|
https://fontawesome.comhttps://fontawesome.comFont
|
unknown
|
||
|
http://scripts.sil.org/OFLhttp://scripts.sil.org/OFLCopyright
|
unknown
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1E7AEB7A000
|
heap
|
page read and write
|
||
|
1E7AEB74000
|
heap
|
page read and write
|
||
|
E72927D000
|
stack
|
page read and write
|
||
|
E7292FE000
|
stack
|
page read and write
|
||
|
1E7AEB6B000
|
heap
|
page read and write
|
||
|
E7293FF000
|
stack
|
page read and write
|
||
|
1730B8A0000
|
heap
|
page read and write
|
||
|
E728FAA000
|
stack
|
page read and write
|
||
|
1E7AED90000
|
heap
|
page read and write
|
||
|
1730B970000
|
heap
|
page read and write
|
||
|
1730B988000
|
heap
|
page read and write
|
||
|
5CA51FF000
|
stack
|
page read and write
|
||
|
1E7AEB58000
|
heap
|
page read and write
|
||
|
1E7AEB85000
|
heap
|
page read and write
|
||
|
1E7B2400000
|
trusted library allocation
|
page read and write
|
||
|
1E7AEB9A000
|
heap
|
page read and write
|
||
|
1E7B06B0000
|
heap
|
page read and write
|
||
|
E72937F000
|
stack
|
page read and write
|
||
|
1E7AED9C000
|
heap
|
page read and write
|
||
|
5CA52FF000
|
stack
|
page read and write
|
||
|
1E7B1E20000
|
heap
|
page read and write
|
||
|
1E7AEB50000
|
heap
|
page read and write
|
||
|
1E7B1F40000
|
heap
|
page read and write
|
||
|
1E7AEB7B000
|
heap
|
page read and write
|
||
|
1730B97D000
|
heap
|
page read and write
|
||
|
1E7AED40000
|
heap
|
page read and write
|
||
|
1E7AEB74000
|
heap
|
page read and write
|
||
|
1E7AEB6F000
|
heap
|
page read and write
|
||
|
1E7AEB98000
|
heap
|
page read and write
|
||
|
1730B8B0000
|
heap
|
page read and write
|
||
|
1E7AEB6F000
|
heap
|
page read and write
|
||
|
1E7AEB7F000
|
heap
|
page read and write
|
||
|
1E7AEB90000
|
heap
|
page read and write
|
||
|
1E7B1E23000
|
heap
|
page read and write
|
||
|
1E7AEB6B000
|
heap
|
page read and write
|
||
|
1E7AEB70000
|
heap
|
page read and write
|
||
|
1E7AEC60000
|
heap
|
page read and write
|
||
|
1E7AED60000
|
heap
|
page read and write
|
||
|
1E7AEB6F000
|
heap
|
page read and write
|
||
|
1E7AEB7A000
|
heap
|
page read and write
|
||
|
5CA50FC000
|
stack
|
page read and write
|
||
|
1E7AED95000
|
heap
|
page read and write
|
||
|
1E7AEB67000
|
heap
|
page read and write
|
There are 33 hidden memdumps, click here to show them.