Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\6PJia32WYA.exe
|
"C:\Users\user\Desktop\6PJia32WYA.exe"
|
 |
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://go.microsoft.
|
unknown
|
||
|
http://go.microsoft.LinkId=42127
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
effects-tropical.gl.at.ply.gg
|
147.185.221.23
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
147.185.221.23
|
effects-tropical.gl.at.ply.gg
|
United States
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER
|
di
|
||
|
HKEY_CURRENT_USER\SOFTWARE\6aa928d68a624
|
[kl]
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
902000
|
unkown
|
page readonly
|
|
|
|
D85000
|
heap
|
page read and write
|
||
|
F42000
|
trusted library allocation
|
page read and write
|
||
|
EFA000
|
trusted library allocation
|
page execute and read and write
|
||
|
F00000
|
heap
|
page read and write
|
||
|
F06000
|
heap
|
page read and write
|
||
|
5830000
|
heap
|
page read and write
|
||
|
52C0000
|
unclassified section
|
page read and write
|
||
|
EE2000
|
trusted library allocation
|
page execute and read and write
|
||
|
F32000
|
trusted library allocation
|
page execute and read and write
|
||
|
EF2000
|
trusted library allocation
|
page execute and read and write
|
||
|
F70000
|
heap
|
page read and write
|
||
|
2FF4000
|
trusted library allocation
|
page read and write
|
||
|
5860000
|
heap
|
page read and write
|
||
|
126E000
|
stack
|
page read and write
|
||
|
CF6000
|
stack
|
page read and write
|
||
|
F17000
|
trusted library allocation
|
page execute and read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
51FC000
|
stack
|
page read and write
|
||
|
EA0000
|
heap
|
page read and write
|
||
|
EEA000
|
trusted library allocation
|
page execute and read and write
|
||
|
102A000
|
heap
|
page read and write
|
||
|
908000
|
unkown
|
page readonly
|
||
|
5820000
|
heap
|
page read and write
|
||
|
F1A000
|
trusted library allocation
|
page execute and read and write
|
||
|
ED0000
|
trusted library allocation
|
page read and write
|
||
|
7F300000
|
trusted library allocation
|
page execute and read and write
|
||
|
13F0000
|
trusted library allocation
|
page read and write
|
||
|
30F5000
|
trusted library allocation
|
page read and write
|
||
|
2FF1000
|
trusted library allocation
|
page read and write
|
||
|
3FF1000
|
trusted library allocation
|
page read and write
|
||
|
5250000
|
trusted library allocation
|
page read and write
|
||
|
541F000
|
stack
|
page read and write
|
||
|
F7A000
|
heap
|
page read and write
|
||
|
E9E000
|
stack
|
page read and write
|
||
|
138C000
|
stack
|
page read and write
|
||
|
517C000
|
stack
|
page read and write
|
||
|
3044000
|
trusted library allocation
|
page read and write
|
||
|
D00000
|
heap
|
page read and write
|
||
|
50EE000
|
stack
|
page read and write
|
||
|
99A000
|
stack
|
page read and write
|
||
|
F4B000
|
trusted library allocation
|
page execute and read and write
|
||
|
13E0000
|
heap
|
page read and write
|
||
|
51BB000
|
stack
|
page read and write
|
||
|
F3A000
|
trusted library allocation
|
page execute and read and write
|
||
|
5240000
|
trusted library allocation
|
page execute and read and write
|
||
|
116E000
|
stack
|
page read and write
|
||
|
56B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
900000
|
unkown
|
page readonly
|
||
|
EF0000
|
trusted library allocation
|
page read and write
|
||
|
102E000
|
heap
|
page read and write
|
||
|
308D000
|
trusted library allocation
|
page read and write
|
||
|
5239000
|
stack
|
page read and write
|
||
|
13C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
D4E000
|
stack
|
page read and write
|
||
|
103C000
|
heap
|
page read and write
|
||
|
1025000
|
heap
|
page read and write
|
||
|
531E000
|
stack
|
page read and write
|
||
|
13B0000
|
trusted library allocation
|
page read and write
|
||
|
1400000
|
heap
|
page execute and read and write
|
||
|
32CF000
|
trusted library allocation
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
12AE000
|
stack
|
page read and write
|
||
|
105B000
|
heap
|
page read and write
|
||
|
13E3000
|
heap
|
page read and write
|
||
|
3069000
|
trusted library allocation
|
page read and write
|
||
|
2CAF000
|
stack
|
page read and write
|
||
|
CF9000
|
stack
|
page read and write
|
||
|
1041000
|
heap
|
page read and write
|
||
|
13A0000
|
heap
|
page read and write
|
||
|
101A000
|
heap
|
page read and write
|
||
|
12B8000
|
trusted library allocation
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
FAE000
|
heap
|
page read and write
|
||
|
F7E000
|
heap
|
page read and write
|
||
|
F47000
|
trusted library allocation
|
page execute and read and write
|
||
|
1012000
|
heap
|
page read and write
|
||
|
100D000
|
heap
|
page read and write
|
There are 68 hidden memdumps, click here to show them.