Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
UemxXC3jyR.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
||
|
C:\Users\user\AppData\Local\Temp\~DF8E8EEF2E32582658.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\UemxXC3jyR.exe
|
"C:\Users\user\Desktop\UemxXC3jyR.exe"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://cardiomad.desarrollo.emtmadrid.es/visor/Nhttps://encuesta.com/survey/P6gm6cW1J4/
|
unknown
|
||
|
http://www.madrid.es/UnidadesDescentralizadas/Emergencias/Samur/aqui.html?li=
|
unknown
|
||
|
http://correo.ws.emergencias.munimadrid.es/
|
unknown
|
||
|
https://cardiomad.desarrollo.emtmadrid.es/cardioapi/v1/alarms/pcr/
|
unknown
|
||
|
http://IasWS.samur.sgicntt
|
unknown
|
||
|
http://dgegis.emergencias.munimadrid.es/intervencionesencurso/inicio.html?colectivo=samur&intervenci
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/envelope/
|
unknown
|
||
|
https://maps.google.com/maps?saddr=
|
unknown
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3344000
|
heap
|
page read and write
|
||
|
286A000
|
heap
|
page read and write
|
||
|
99000
|
stack
|
page read and write
|
||
|
560000
|
unkown
|
page execute read
|
||
|
28FA000
|
heap
|
page read and write
|
||
|
E0D000
|
heap
|
page read and write
|
||
|
DFA000
|
heap
|
page read and write
|
||
|
AE5000
|
unkown
|
page readonly
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
28F7000
|
heap
|
page read and write
|
||
|
755000
|
unkown
|
page execute read
|
||
|
354F000
|
stack
|
page read and write
|
||
|
AE5000
|
unkown
|
page readonly
|
||
|
568000
|
unkown
|
page execute read
|
||
|
28FF000
|
heap
|
page read and write
|
||
|
584000
|
unkown
|
page execute read
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
DEC000
|
heap
|
page read and write
|
||
|
72E000
|
unkown
|
page execute read
|
||
|
C50000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
28F3000
|
heap
|
page read and write
|
||
|
286B000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
2A33000
|
heap
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
578000
|
unkown
|
page execute read
|
||
|
28E0000
|
heap
|
page read and write
|
||
|
28FB000
|
heap
|
page read and write
|
||
|
4AB0000
|
trusted library allocation
|
page read and write
|
||
|
568000
|
unkown
|
page execute read
|
||
|
E0E000
|
heap
|
page read and write
|
||
|
28FD000
|
heap
|
page read and write
|
||
|
344F000
|
stack
|
page read and write
|
||
|
E0A000
|
heap
|
page read and write
|
||
|
E2B000
|
heap
|
page read and write
|
||
|
28AE000
|
stack
|
page read and write
|
||
|
DDA000
|
heap
|
page read and write
|
||
|
E12000
|
heap
|
page read and write
|
||
|
DFD000
|
heap
|
page read and write
|
||
|
3340000
|
heap
|
page read and write
|
||
|
568000
|
unkown
|
page execute read
|
||
|
28FF000
|
heap
|
page read and write
|
||
|
D80000
|
trusted library allocation
|
page execute read
|
||
|
E1E000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
E2B000
|
heap
|
page read and write
|
||
|
560000
|
unkown
|
page execute read
|
||
|
2865000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
28FF000
|
heap
|
page read and write
|
||
|
27A0000
|
heap
|
page read and write
|
||
|
2869000
|
heap
|
page read and write
|
||
|
2A70000
|
heap
|
page read and write
|
||
|
578000
|
unkown
|
page execute read
|
||
|
2866000
|
heap
|
page read and write
|
||
|
2790000
|
heap
|
page read and write
|
||
|
72E000
|
unkown
|
page execute read
|
||
|
D5E000
|
stack
|
page read and write
|
||
|
E11000
|
heap
|
page read and write
|
||
|
28E5000
|
heap
|
page read and write
|
||
|
584000
|
unkown
|
page execute read
|
||
|
2869000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
E2B000
|
heap
|
page read and write
|
||
|
2866000
|
heap
|
page read and write
|
||
|
E0D000
|
heap
|
page read and write
|
||
|
AC6000
|
unkown
|
page read and write
|
||
|
755000
|
unkown
|
page execute read
|
||
|
C0E000
|
stack
|
page read and write
|
||
|
57F000
|
unkown
|
page execute read
|
||
|
560000
|
unkown
|
page execute read
|
||
|
DDE000
|
heap
|
page read and write
|
||
|
2869000
|
heap
|
page read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
FCF000
|
stack
|
page read and write
|
||
|
286C000
|
heap
|
page read and write
|
||
|
584000
|
unkown
|
page execute read
|
||
|
28F0000
|
heap
|
page read and write
|
||
|
2869000
|
heap
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
286E000
|
heap
|
page read and write
|
||
|
2866000
|
heap
|
page read and write
|
||
|
57F000
|
unkown
|
page execute read
|
||
|
57F000
|
unkown
|
page execute read
|
||
|
2A80000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
28E9000
|
heap
|
page read and write
|
||
|
2861000
|
heap
|
page read and write
|
||
|
2862000
|
heap
|
page read and write
|
||
|
578000
|
unkown
|
page execute read
|
||
|
27EE000
|
stack
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
C4E000
|
stack
|
page read and write
|
||
|
28FC000
|
heap
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
ADF000
|
unkown
|
page read and write
|
||
|
2860000
|
heap
|
page read and write
|
||
|
2A30000
|
heap
|
page read and write
|
||
|
E0D000
|
heap
|
page read and write
|
There are 90 hidden memdumps, click here to show them.