Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
TNT Original Documents AWB 8013580.bat.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\TNT Original Documents AWB 8013580.bat.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\TNT Original Documents AWB 8013580.bat.exe
|
"C:\Users\user\Desktop\TNT Original Documents AWB 8013580.bat.exe"
|
|
|
|
C:\Users\user\Desktop\TNT Original Documents AWB 8013580.bat.exe
|
"C:\Users\user\Desktop\TNT Original Documents AWB 8013580.bat.exe"
|
|
|
|
C:\Users\user\Desktop\TNT Original Documents AWB 8013580.bat.exe
|
"C:\Users\user\Desktop\TNT Original Documents AWB 8013580.bat.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://tempuri.org/DataSet1.xsd
|
unknown
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1590000
|
direct allocation
|
page read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
93D000
|
trusted library allocation
|
page execute and read and write
|
||
|
924000
|
trusted library allocation
|
page read and write
|
||
|
140F000
|
stack
|
page read and write
|
||
|
BEE000
|
stack
|
page read and write
|
||
|
4B80000
|
trusted library allocation
|
page read and write
|
||
|
4FC0000
|
heap
|
page read and write
|
||
|
9DE000
|
stack
|
page read and write
|
||
|
A17000
|
heap
|
page read and write
|
||
|
256F000
|
stack
|
page read and write
|
||
|
840000
|
heap
|
page read and write
|
||
|
57EE000
|
stack
|
page read and write
|
||
|
930000
|
trusted library allocation
|
page read and write
|
||
|
2715000
|
trusted library allocation
|
page read and write
|
||
|
CC0000
|
heap
|
page read and write
|
||
|
18F6000
|
direct allocation
|
page execute and read and write
|
||
|
781E000
|
stack
|
page read and write
|
||
|
4E50000
|
trusted library allocation
|
page execute and read and write
|
||
|
95B000
|
trusted library allocation
|
page execute and read and write
|
||
|
4FBE000
|
stack
|
page read and write
|
||
|
7370000
|
trusted library allocation
|
page read and write
|
||
|
4B04000
|
trusted library allocation
|
page read and write
|
||
|
4B60000
|
trusted library allocation
|
page read and write
|
||
|
4FD0000
|
trusted library allocation
|
page read and write
|
||
|
4B26000
|
trusted library allocation
|
page read and write
|
||
|
910000
|
trusted library allocation
|
page read and write
|
||
|
6FCA000
|
trusted library allocation
|
page read and write
|
||
|
701E000
|
stack
|
page read and write
|
||
|
2726000
|
trusted library allocation
|
page read and write
|
||
|
1759000
|
direct allocation
|
page execute and read and write
|
||
|
9FE000
|
heap
|
page read and write
|
||
|
154F000
|
stack
|
page read and write
|
||
|
6FC0000
|
trusted library allocation
|
page read and write
|
||
|
63A000
|
stack
|
page read and write
|
||
|
2B0000
|
unkown
|
page readonly
|
||
|
57F0000
|
heap
|
page read and write
|
||
|
AF20000
|
heap
|
page read and write
|
||
|
11D8000
|
heap
|
page read and write
|
||
|
4B30000
|
trusted library allocation
|
page read and write
|
||
|
26B0000
|
heap
|
page read and write
|
||
|
4B50000
|
trusted library allocation
|
page read and write
|
||
|
4B70000
|
trusted library allocation
|
page read and write
|
||
|
6F70000
|
trusted library allocation
|
page execute and read and write
|
||
|
6F80000
|
trusted library allocation
|
page execute and read and write
|
||
|
C90000
|
heap
|
page read and write
|
||
|
1978000
|
direct allocation
|
page execute and read and write
|
||
|
9FA000
|
heap
|
page read and write
|
||
|
952000
|
trusted library allocation
|
page read and write
|
||
|
6EB5000
|
heap
|
page read and write
|
||
|
923000
|
trusted library allocation
|
page execute and read and write
|
||
|
946000
|
trusted library allocation
|
page execute and read and write
|
||
|
4B00000
|
trusted library allocation
|
page read and write
|
||
|
50E0000
|
heap
|
page read and write
|
||
|
4C00000
|
trusted library allocation
|
page read and write
|
||
|
4B75000
|
trusted library allocation
|
page read and write
|
||
|
A7F000
|
heap
|
page read and write
|
||
|
50F0000
|
trusted library section
|
page read and write
|
||
|
4BA0000
|
trusted library allocation
|
page read and write
|
||
|
957000
|
trusted library allocation
|
page execute and read and write
|
||
|
6A92000
|
trusted library allocation
|
page read and write
|
||
|
B41F000
|
stack
|
page read and write
|
||
|
8AE000
|
stack
|
page read and write
|
||
|
B21E000
|
stack
|
page read and write
|
||
|
4B43000
|
heap
|
page read and write
|
||
|
860000
|
heap
|
page read and write
|
||
|
980000
|
trusted library allocation
|
page read and write
|
||
|
BF8000
|
trusted library allocation
|
page read and write
|
||
|
7023000
|
trusted library allocation
|
page read and write
|
||
|
2807000
|
trusted library allocation
|
page read and write
|
||
|
4B2D000
|
trusted library allocation
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
5800000
|
heap
|
page read and write
|
||
|
4EB0000
|
heap
|
page read and write
|
||
|
990000
|
heap
|
page execute and read and write
|
||
|
92D000
|
trusted library allocation
|
page execute and read and write
|
||
|
734E000
|
stack
|
page read and write
|
||
|
737000
|
stack
|
page read and write
|
||
|
4FC4000
|
heap
|
page read and write
|
||
|
CCA000
|
heap
|
page read and write
|
||
|
94A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B2000
|
unkown
|
page readonly
|
||
|
11D0000
|
heap
|
page read and write
|
||
|
4FE0000
|
heap
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
4B40000
|
heap
|
page read and write
|
||
|
130E000
|
stack
|
page read and write
|
||
|
CB0000
|
trusted library allocation
|
page read and write
|
||
|
6E90000
|
heap
|
page read and write
|
||
|
72BE000
|
stack
|
page read and write
|
||
|
6ECA000
|
heap
|
page read and write
|
||
|
266E000
|
stack
|
page read and write
|
||
|
6EB2000
|
heap
|
page read and write
|
||
|
B31F000
|
stack
|
page read and write
|
||
|
940000
|
trusted library allocation
|
page read and write
|
||
|
A0F000
|
heap
|
page read and write
|
||
|
8EE000
|
stack
|
page read and write
|
||
|
47BC000
|
stack
|
page read and write
|
||
|
7020000
|
trusted library allocation
|
page read and write
|
||
|
26AB000
|
stack
|
page read and write
|
||
|
7030000
|
trusted library allocation
|
page execute and read and write
|
||
|
10C0000
|
heap
|
page read and write
|
||
|
36C9000
|
trusted library allocation
|
page read and write
|
||
|
26C1000
|
trusted library allocation
|
page read and write
|
||
|
271E000
|
trusted library allocation
|
page read and write
|
||
|
4D40000
|
heap
|
page execute and read and write
|
||
|
730E000
|
stack
|
page read and write
|
||
|
73A0000
|
trusted library section
|
page read and write
|
||
|
58F0000
|
trusted library section
|
page readonly
|
||
|
A2F000
|
heap
|
page read and write
|
||
|
4E40000
|
trusted library allocation
|
page read and write
|
||
|
942000
|
trusted library allocation
|
page read and write
|
||
|
4B21000
|
trusted library allocation
|
page read and write
|
||
|
6E7C000
|
heap
|
page read and write
|
||
|
865000
|
heap
|
page read and write
|
||
|
752E000
|
stack
|
page read and write
|
||
|
4BE0000
|
heap
|
page read and write
|
||
|
17CE000
|
direct allocation
|
page execute and read and write
|
||
|
1580000
|
heap
|
page read and write
|
||
|
760000
|
heap
|
page read and write
|
||
|
175D000
|
direct allocation
|
page execute and read and write
|
||
|
5828000
|
heap
|
page read and write
|
||
|
B11E000
|
stack
|
page read and write
|
||
|
A24000
|
heap
|
page read and write
|
||
|
7EFE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
FB0000
|
heap
|
page read and write
|
||
|
9E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4B1E000
|
trusted library allocation
|
page read and write
|
||
|
5980000
|
heap
|
page read and write
|
||
|
18FD000
|
direct allocation
|
page execute and read and write
|
||
|
4EAB000
|
stack
|
page read and write
|
||
|
E5D000
|
stack
|
page read and write
|
||
|
6EC0000
|
heap
|
page read and write
|
||
|
A31000
|
heap
|
page read and write
|
||
|
F5C000
|
stack
|
page read and write
|
||
|
6E70000
|
heap
|
page read and write
|
||
|
920000
|
trusted library allocation
|
page read and write
|
||
|
4B0B000
|
trusted library allocation
|
page read and write
|
||
|
4BF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
144E000
|
stack
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
56EE000
|
stack
|
page read and write
|
||
|
6FD0000
|
trusted library allocation
|
page read and write
|
||
|
36C1000
|
trusted library allocation
|
page read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
7390000
|
trusted library allocation
|
page read and write
|
||
|
1630000
|
direct allocation
|
page execute and read and write
|
||
|
18E1000
|
direct allocation
|
page execute and read and write
|
There are 138 hidden memdumps, click here to show them.