Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\rrwzOU7A9F.exe
|
"C:\Users\user\Desktop\rrwzOU7A9F.exe"
|
 |
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
dcxwq1.duckdns.org
|
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
dcxwq1.duckdns.org
|
101.99.92.203
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
101.99.92.203
|
dcxwq1.duckdns.org
|
Malaysia
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
542000
|
unkown
|
page readonly
|
|
|
|
2911000
|
trusted library allocation
|
page read and write
|
|
|
|
7FFD34650000
|
trusted library allocation
|
page execute and read and write
|
||
|
277E000
|
stack
|
page read and write
|
||
|
7FFD34540000
|
trusted library allocation
|
page read and write
|
||
|
12918000
|
trusted library allocation
|
page read and write
|
||
|
DED000
|
stack
|
page read and write
|
||
|
1AC9B000
|
heap
|
page read and write
|
||
|
CE5000
|
heap
|
page read and write
|
||
|
A73000
|
trusted library allocation
|
page read and write
|
||
|
1B8B3000
|
heap
|
page read and write
|
||
|
8F1000
|
stack
|
page read and write
|
||
|
1C00A000
|
stack
|
page read and write
|
||
|
7FFD3454D000
|
trusted library allocation
|
page execute and read and write
|
||
|
540000
|
unkown
|
page readonly
|
||
|
B03000
|
heap
|
page read and write
|
||
|
7FF42DDC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34533000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD3458C000
|
trusted library allocation
|
page execute and read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
7FFD34616000
|
trusted library allocation
|
page execute and read and write
|
||
|
CE0000
|
heap
|
page read and write
|
||
|
EF0000
|
heap
|
page read and write
|
||
|
7FFD345E0000
|
trusted library allocation
|
page read and write
|
||
|
1B46A000
|
stack
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
C8D000
|
stack
|
page read and write
|
||
|
54C000
|
unkown
|
page readonly
|
||
|
1C10C000
|
stack
|
page read and write
|
||
|
7FFD346E0000
|
trusted library allocation
|
page read and write
|
||
|
F73000
|
heap
|
page read and write
|
||
|
1B66E000
|
stack
|
page read and write
|
||
|
1BB00000
|
heap
|
page read and write
|
||
|
B54000
|
heap
|
page read and write
|
||
|
1B870000
|
heap
|
page read and write
|
||
|
7FFD345E6000
|
trusted library allocation
|
page read and write
|
||
|
1B8C6000
|
heap
|
page read and write
|
||
|
A80000
|
heap
|
page execute and read and write
|
||
|
1B86F000
|
stack
|
page read and write
|
||
|
ABB000
|
heap
|
page read and write
|
||
|
B57000
|
heap
|
page read and write
|
||
|
A40000
|
trusted library allocation
|
page read and write
|
||
|
1B76C000
|
stack
|
page read and write
|
||
|
1B2D5000
|
stack
|
page read and write
|
||
|
1B88D000
|
heap
|
page read and write
|
||
|
A70000
|
trusted library allocation
|
page read and write
|
||
|
F70000
|
heap
|
page read and write
|
||
|
7FFD345F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1A940000
|
trusted library allocation
|
page read and write
|
||
|
AD1000
|
heap
|
page read and write
|
||
|
7FFD34554000
|
trusted library allocation
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
A60000
|
trusted library allocation
|
page read and write
|
||
|
12911000
|
trusted library allocation
|
page read and write
|
||
|
7FFD346F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
27BE000
|
stack
|
page read and write
|
||
|
7FFD3455D000
|
trusted library allocation
|
page execute and read and write
|
||
|
12921000
|
trusted library allocation
|
page read and write
|
||
|
1B8E0000
|
heap
|
page read and write
|
||
|
7FFD34530000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3453D000
|
trusted library allocation
|
page execute and read and write
|
||
|
EED000
|
stack
|
page read and write
|
||
|
AFF000
|
heap
|
page read and write
|
||
|
1BD0C000
|
stack
|
page read and write
|
||
|
1BF0B000
|
stack
|
page read and write
|
||
|
A9C000
|
heap
|
page read and write
|
||
|
F90000
|
heap
|
page read and write
|
||
|
7FFD34534000
|
trusted library allocation
|
page read and write
|
||
|
A90000
|
heap
|
page read and write
|
||
|
7FFD346D0000
|
trusted library allocation
|
page read and write
|
||
|
1B360000
|
heap
|
page execute and read and write
|
||
|
F95000
|
heap
|
page read and write
|
||
|
1B8CD000
|
heap
|
page read and write
|
||
|
1AE9D000
|
stack
|
page read and write
|
||
|
2800000
|
heap
|
page read and write
|
||
|
540000
|
unkown
|
page readonly
|
||
|
7FFD34542000
|
trusted library allocation
|
page read and write
|
||
|
1B8EA000
|
heap
|
page read and write
|
||
|
7FFD345EC000
|
trusted library allocation
|
page execute and read and write
|
||
|
A96000
|
heap
|
page read and write
|
||
|
7FFD34550000
|
trusted library allocation
|
page read and write
|
||
|
AD3000
|
heap
|
page read and write
|
||
|
290E000
|
stack
|
page read and write
|
||
|
1B564000
|
stack
|
page read and write
|
||
|
B0A000
|
heap
|
page read and write
|
There are 76 hidden memdumps, click here to show them.