Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| kk.exe | PE32 executable (GUI) Intel 80386, for MS Windows | initial sample | |
| C:\Users\user\AppData\Local\Temp\porcelainize | data | modified | |
Processes

| Path | Cmdline | Malicious |
|---|---|---|
| C:\Users\user\Desktop\kk.exe | "C:\Users\user\Desktop\kk.exe" | |
| C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe | "C:\Users\user\Desktop\kk.exe" | |
URLs

| Name | IP | Malicious |
|---|---|---|
| http://pgsu.co.id | unknown | |
| http://r10.o.lencr.org0# | unknown | |
| https://account.dyn.com/ | unknown | |
| http://mail.pgsu.co.id | unknown | |
| http://x1.c.lencr.org/0 | unknown | |
| http://x1.i.lencr.org/0 | unknown | |
| http://r10.i.lencr.org/0 | unknown | |
Domains

| Name | IP | Malicious |
|---|---|---|
| pgsu.co.id | 107.178.108.41 | |
| mail.pgsu.co.id | unknown | |
IPs

| IP | Domain | Country | Malicious |
|---|---|---|---|
| 107.178.108.41 | pgsu.co.id | United States | |
Memdumps
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
---|---|---|---|---|
402000
|
system
|
page execute and read and write
|
||
280E000
|
trusted library allocation
|
page read and write
|
||
2839000
|
trusted library allocation
|
page read and write
|
||
1680000
|
direct allocation
|
page read and write
|
||
27C1000
|
trusted library allocation
|
page read and write
|
||
5EBE000
|
stack
|
page read and write
|
||
F00000
|
trusted library allocation
|
page read and write
|
||
1C5000
|
heap
|
page read and write
|
||
2F40000
|
heap
|
page read and write
|
||
284D000
|
trusted library allocation
|
page read and write
|
||
A30000
|
heap
|
page read and write
|
||
1B0000
|
heap
|
page read and write
|
||
4490000
|
direct allocation
|
page read and write
|
||
3D99000
|
heap
|
page read and write
|
||
6920000
|
heap
|
page read and write
|
||
4D8C000
|
stack
|
page read and write
|
||
65BE000
|
stack
|
page read and write
|
||
110000
|
heap
|
page read and write
|
||
280C000
|
trusted library allocation
|
page read and write
|
||
15E000
|
stack
|
page read and write
|
||
3DB1000
|
heap
|
page read and write
|
||
3E3F000
|
heap
|
page read and write
|
||
607D000
|
stack
|
page read and write
|
||
3F45000
|
heap
|
page read and write
|
||
4DC0000
|
trusted library allocation
|
page read and write
|
||
AEB000
|
trusted library allocation
|
page execute and read and write
|
||
5D9D000
|
heap
|
page read and write
|
||
5D20000
|
trusted library allocation
|
page execute and read and write
|
||
990000
|
heap
|
page read and write
|
||
5D50000
|
heap
|
page read and write
|
||
4490000
|
direct allocation
|
page read and write
|
||
89F000
|
stack
|
page read and write
|
||
B18000
|
heap
|
page read and write
|
||
378E000
|
stack
|
page read and write
|
||
A7E000
|
stack
|
page read and write
|
||
5D44000
|
heap
|
page read and write
|
||
ADA000
|
trusted library allocation
|
page execute and read and write
|
||
8AF000
|
stack
|
page read and write
|
||
3E11000
|
heap
|
page read and write
|
||
E00000
|
heap
|
page read and write
|
||
3DF6000
|
heap
|
page read and write
|
||
A60000
|
heap
|
page read and write
|
||
637E000
|
stack
|
page read and write
|
||
E30000
|
trusted library allocation
|
page read and write
|
||
37C1000
|
trusted library allocation
|
page read and write
|
||
3DA3000
|
heap
|
page read and write
|
||
5E7E000
|
stack
|
page read and write
|
||
E50000
|
heap
|
page execute and read and write
|
||
9A000
|
stack
|
page read and write
|
||
4DC8000
|
trusted library allocation
|
page read and write
|
||
475D000
|
direct allocation
|
page read and write
|
||
5D46000
|
heap
|
page read and write
|
||
3B91000
|
heap
|
page read and write
|
||
AA0000
|
trusted library allocation
|
page read and write
|
||
3829000
|
trusted library allocation
|
page read and write
|
||
4630000
|
direct allocation
|
page read and write
|
||
45B3000
|
direct allocation
|
page read and write
|
||
162F000
|
stack
|
page read and write
|
||
3B8F000
|
stack
|
page read and write
|
||
4396000
|
heap
|
page read and write
|
||
5D3B000
|
trusted library allocation
|
page read and write
|
||
2847000
|
trusted library allocation
|
page read and write
|
||
A10000
|
heap
|
page read and write
|
||
5380000
|
trusted library allocation
|
page execute and read and write
|
||
100000
|
heap
|
page read and write
|
||
3D8B000
|
heap
|
page read and write
|
||
A30000
|
heap
|
page read and write
|
||
64BE000
|
stack
|
page read and write
|
||
45B3000
|
direct allocation
|
page read and write
|
||
47CE000
|
direct allocation
|
page read and write
|
||
4DD4000
|
heap
|
page read and write
|
||
5C7D000
|
stack
|
page read and write
|
||
AB4000
|
trusted library allocation
|
page read and write
|
||
48BD000
|
stack
|
page read and write
|
||
AE2000
|
trusted library allocation
|
page read and write
|
||
2FB8000
|
heap
|
page read and write
|
||
400000
|
unknown
|
page readonly
|
||
400000
|
system
|
page execute and read and write
|
||
4D12000
|
trusted library allocation
|
page read and write
|
||
DA0000
|
heap
|
page read and write
|
||
65D0000
|
trusted library allocation
|
page read and write
|
||
A35000
|
heap
|
page read and write
|
||
284F000
|
trusted library allocation
|
page read and write
|
||
2827000
|
trusted library allocation
|
page read and write
|
||
47CE000
|
direct allocation
|
page read and write
|
||
401000
|
unknown
|
page execute read
|
||
475D000
|
direct allocation
|
page read and write
|
||
4759000
|
direct allocation
|
page read and write
|
||
4759000
|
direct allocation
|
page read and write
|
||
1790000
|
heap
|
page read and write
|
||
3EF0000
|
heap
|
page read and write
|
||
E68000
|
trusted library allocation
|
page read and write
|
||
617F000
|
stack
|
page read and write
|
||
475D000
|
direct allocation
|
page read and write
|
||
61BE000
|
stack
|
page read and write
|
||
73C71000
|
unknown
|
page execute read
|
||
4A7000
|
unknown
|
page read and write
|
||
4630000
|
direct allocation
|
page read and write
|
||
5360000
|
trusted library allocation
|
page read and write
|
||
AD0000
|
trusted library allocation
|
page read and write
|
||
3044000
|
heap
|
page read and write
|
||
4759000
|
direct allocation
|
page read and write
|
||
475D000
|
direct allocation
|
page read and write
|
||
16D5000
|
heap
|
page read and write
|
||
4FA0000
|
heap
|
page execute and read and write
|
||
3E06000
|
heap
|
page read and write
|
||
27BE000
|
stack
|
page read and write
|
||
E40000
|
trusted library allocation
|
page read and write
|
||
AE7000
|
trusted library allocation
|
page execute and read and write
|
||
47CE000
|
direct allocation
|
page read and write
|
||
4630000
|
direct allocation
|
page read and write
|
||
3F49000
|
heap
|
page execute and read and write
|
||
73C8D000
|
unknown
|
page read and write
|
||
E20000
|
trusted library allocation
|
page read and write
|
||
3DAA000
|
heap
|
page read and write
|
||
3E3F000
|
heap
|
page read and write
|
||
3EF1000
|
heap
|
page read and write
|
||
8F8000
|
stack
|
page read and write
|
||
4D0E000
|
trusted library allocation
|
page read and write
|
||
45B3000
|
direct allocation
|
page read and write
|
||
A3A000
|
heap
|
page read and write
|
||
2851000
|
trusted library allocation
|
page read and write
|
||
3EF1000
|
heap
|
page read and write
|
||
2835000
|
trusted library allocation
|
page read and write
|
||
ABD000
|
trusted library allocation
|
page execute and read and write
|
||
3F4A000
|
heap
|
page read and write
|
||
2F41000
|
heap
|
page read and write
|
||
D0D000
|
stack
|
page read and write
|
||
42F0000
|
heap
|
page read and write
|
||
AE5000
|
trusted library allocation
|
page execute and read and write
|
||
4490000
|
direct allocation
|
page read and write
|
||
16D0000
|
heap
|
page read and write
|
||
4630000
|
direct allocation
|
page read and write
|
||
5D30000
|
trusted library allocation
|
page read and write
|
||
65E0000
|
trusted library allocation
|
page execute and read and write
|
||
3F4D000
|
heap
|
page read and write
|
||
4D2D000
|
trusted library allocation
|
page read and write
|
||
F10000
|
heap
|
page read and write
|
||
930000
|
heap
|
page read and write
|
||
A3E000
|
heap
|
page read and write
|
||
1C0000
|
heap
|
page read and write
|
||
3D89000
|
heap
|
page read and write
|
||
AB0000
|
trusted library allocation
|
page read and write
|
||
5367000
|
trusted library allocation
|
page read and write
|
||
65F0000
|
heap
|
page read and write
|
||
D4E000
|
stack
|
page read and write
|
||
47CE000
|
direct allocation
|
page read and write
|
||
45B3000
|
direct allocation
|
page read and write
|
||
535C000
|
trusted library allocation
|
page read and write
|
||
4490000
|
direct allocation
|
page read and write
|
||
2841000
|
trusted library allocation
|
page read and write
|
||
BEB000
|
heap
|
page read and write
|
||
4490000
|
direct allocation
|
page read and write
|
||
D8C000
|
stack
|
page read and write
|
||
1670000
|
heap
|
page read and write
|
||
5CA000
|
stack
|
page read and write
|
||
647F000
|
stack
|
page read and write
|
||
AD2000
|
trusted library allocation
|
page read and write
|
||
5C80000
|
trusted library allocation
|
page read and write
|
||
50AC000
|
stack
|
page read and write
|
||
37E9000
|
trusted library allocation
|
page read and write
|
||
3CF0000
|
heap
|
page read and write
|
||
400000
|
unknown
|
page readonly
|
||
4AB000
|
unknown
|
page readonly
|
||
47CE000
|
direct allocation
|
page read and write
|
||
4D21000
|
trusted library allocation
|
page read and write
|
||
B46000
|
heap
|
page read and write
|
||
2829000
|
trusted library allocation
|
page read and write
|
||
4D26000
|
trusted library allocation
|
page read and write
|
||
2FD7000
|
heap
|
page read and write
|
||
4DE0000
|
heap
|
page read and write
|
||
4490000
|
direct allocation
|
page read and write
|
||
47CE000
|
direct allocation
|
page read and write
|
||
BDA000
|
heap
|
page read and write
|
||
4759000
|
direct allocation
|
page read and write
|
||
65C0000
|
heap
|
page read and write
|
||
A6D000
|
heap
|
page read and write
|
||
B39000
|
heap
|
page read and write
|
||
A6D000
|
heap
|
page read and write
|
||
61FE000
|
stack
|
page read and write
|
||
4DD0000
|
heap
|
page read and write
|
||
5D40000
|
heap
|
page read and write
|
||
5D1E000
|
stack
|
page read and write
|
||
A2E000
|
stack
|
page read and write
|
||
4D0B000
|
trusted library allocation
|
page read and write
|
||
4759000
|
direct allocation
|
page read and write
|
||
B00000
|
trusted library allocation
|
page read and write
|
||
AB3000
|
trusted library allocation
|
page execute and read and write
|
||
401000
|
unknown
|
page execute read
|
||
B10000
|
heap
|
page read and write
|
||
5350000
|
trusted library allocation
|
page read and write
|
||
73C8F000
|
unknown
|
page readonly
|
||
7F880000
|
trusted library allocation
|
page execute and read and write
|
||
AD6000
|
trusted library allocation
|
page execute and read and write
|
||
490000
|
unknown
|
page write copy
|
||
122F000
|
stack
|
page read and write
|
||
475D000
|
direct allocation
|
page read and write
|
||
490000
|
unknown
|
page read and write
|
||
4630000
|
direct allocation
|
page read and write
|
||
ACD000
|
trusted library allocation
|
page execute and read and write
|
||
4AB000
|
unknown
|
page readonly
|
||
5D7F000
|
heap
|
page read and write
|
||
19E000
|
stack
|
page read and write
|
||
B43000
|
heap
|
page read and write
|
||
3040000
|
heap
|
page read and write
|
||
5376000
|
trusted library allocation
|
page read and write
|
||
73C86000
|
unknown
|
page readonly
|
||
9EE000
|
stack
|
page read and write
|
||
475D000
|
direct allocation
|
page read and write
|
||
DB0000
|
heap
|
page read and write
|
||
482000
|
unknown
|
page readonly
|
||
4D1E000
|
trusted library allocation
|
page read and write
|
||
4759000
|
direct allocation
|
page read and write
|
||
3DAC000
|
heap
|
page read and write
|
||
D90000
|
trusted library allocation
|
page execute and read and write
|
||
45B3000
|
direct allocation
|
page read and write
|
||
5370000
|
trusted library allocation
|
page read and write
|
||
AC0000
|
trusted library allocation
|
page read and write
|
||
4630000
|
direct allocation
|
page read and write
|
||
A62000
|
heap
|
page read and write
|
||
45B3000
|
direct allocation
|
page read and write
|
||
73C70000
|
unknown
|
page readonly
|
||
4D00000
|
trusted library allocation
|
page read and write
|
||
4D32000
|
trusted library allocation
|
page read and write
|
||
482000
|
unknown
|
page readonly
|
215 additional memdumps are not shown in this listing; the Memdumps table above is therefore incomplete.