Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\MHQMJCOxjl.exe
|
"C:\Users\user\Desktop\MHQMJCOxjl.exe"
|
 |
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://ipinfo.io/country
|
unknown
|
||
|
http://crl.microsoft
|
unknown
|
||
|
http://microsoft.co
|
unknown
|
||
|
https://xilloolli.com/api.phpGhttps://xilloolli.com/api-debug.php
|
unknown
|
||
|
https://oklibed.com
|
unknown
|
||
|
https://xilloolli.com
|
unknown
|
||
|
https://xilloolli.com/api.php
|
unknown
|
||
|
https://xilloolli.com/api-debug.php
|
unknown
|
||
|
https://xilloolli.com/api.php?status=1&wallets=0&av=1
|
188.114.97.3
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://xilloolli.com
|
unknown
|
||
|
https://xilloolli.com/api.php?status=1&walle
|
unknown
|
||
|
https://github.com/reproteq/DiffPatchWpf3Copyright
|
unknown
|
||
|
https://ipinfo.io/ip
|
unknown
|
There are 4 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
xilloolli.com
|
188.114.97.3
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
188.114.97.3
|
xilloolli.com
|
European Union
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\MHQMJCOxjl_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\MHQMJCOxjl_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\MHQMJCOxjl_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\MHQMJCOxjl_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\MHQMJCOxjl_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\MHQMJCOxjl_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\MHQMJCOxjl_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\MHQMJCOxjl_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\MHQMJCOxjl_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\MHQMJCOxjl_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\MHQMJCOxjl_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\MHQMJCOxjl_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\MHQMJCOxjl_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\MHQMJCOxjl_RASMANCS
|
FileDirectory
|
There are 4 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2DC5D772000
|
unkown
|
page readonly
|
|
|
|
2DC5F451000
|
trusted library allocation
|
page read and write
|
|
|
|
2DC7A14F000
|
heap
|
page read and write
|
||
|
2DC7C0B0000
|
trusted library allocation
|
page read and write
|
||
|
7FF4995F0000
|
trusted library allocation
|
page readonly
|
||
|
2DC5F675000
|
trusted library allocation
|
page read and write
|
||
|
E3BF7FE000
|
stack
|
page read and write
|
||
|
7FFAAB5CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
E3C1FFE000
|
stack
|
page read and write
|
||
|
2DC5D770000
|
unkown
|
page readonly
|
||
|
7FFAAB5BA000
|
trusted library allocation
|
page read and write
|
||
|
2DC77D80000
|
trusted library allocation
|
page read and write
|
||
|
2DC77480000
|
trusted library allocation
|
page read and write
|
||
|
2DC5DC50000
|
heap
|
page read and write
|
||
|
7FFB16825000
|
unkown
|
page readonly
|
||
|
E3C27FF000
|
stack
|
page read and write
|
||
|
2DC7C2B7000
|
heap
|
page read and write
|
||
|
7FFAAB660000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DC7C7B0000
|
trusted library allocation
|
page read and write
|
||
|
2DC7A0F1000
|
heap
|
page read and write
|
||
|
2DC7C7A0000
|
trusted library allocation
|
page read and write
|
||
|
2DC5F8D6000
|
trusted library allocation
|
page read and write
|
||
|
2DC77EA4000
|
heap
|
page read and write
|
||
|
2DC5D853000
|
heap
|
page read and write
|
||
|
2DC7C3B5000
|
heap
|
page read and write
|
||
|
2DC7C34B000
|
heap
|
page read and write
|
||
|
7FFAAB5A4000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAB686000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DC7C25B000
|
heap
|
page read and write
|
||
|
2DC7A110000
|
heap
|
page read and write
|
||
|
2DC77EF9000
|
heap
|
page read and write
|
||
|
2DC77E57000
|
heap
|
page read and write
|
||
|
2DC5F3D0000
|
trusted library allocation
|
page read and write
|
||
|
2DC7A265000
|
heap
|
page read and write
|
||
|
2DC5D873000
|
heap
|
page read and write
|
||
|
2DC77DE0000
|
heap
|
page read and write
|
||
|
7FFAAB5C4000
|
trusted library allocation
|
page read and write
|
||
|
2DC7C33C000
|
heap
|
page read and write
|
||
|
2DC77E3C000
|
heap
|
page read and write
|
||
|
2DC5DA60000
|
heap
|
page read and write
|
||
|
7FFAAB6C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DC7C341000
|
heap
|
page read and write
|
||
|
2DC7C380000
|
heap
|
page read and write
|
||
|
2DC7C27B000
|
heap
|
page read and write
|
||
|
7FF499607000
|
trusted library allocation
|
page execute read
|
||
|
2DC7C780000
|
trusted library allocation
|
page read and write
|
||
|
2DC7A2CF000
|
heap
|
page read and write
|
||
|
7FFB16816000
|
unkown
|
page readonly
|
||
|
2DC5D930000
|
heap
|
page read and write
|
||
|
7FF49960A000
|
trusted library allocation
|
page readonly
|
||
|
E3BE7F4000
|
stack
|
page read and write
|
||
|
2DC7C770000
|
trusted library allocation
|
page read and write
|
||
|
7FF49960F000
|
trusted library allocation
|
page execute read
|
||
|
2DC7C120000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAB65C000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DC5F8D3000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAB778000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAB5A2000
|
trusted library allocation
|
page read and write
|
||
|
2DC5D794000
|
unkown
|
page readonly
|
||
|
2DC5D871000
|
heap
|
page read and write
|
||
|
E3C07FF000
|
stack
|
page read and write
|
||
|
7FFAAB7A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DC7C100000
|
trusted library allocation
|
page read and write
|
||
|
2DC5F8E4000
|
trusted library allocation
|
page read and write
|
||
|
2DC5F8C6000
|
trusted library allocation
|
page read and write
|
||
|
2DC77EBE000
|
heap
|
page read and write
|
||
|
2DC5F293000
|
trusted library allocation
|
page read and write
|
||
|
2DC7C290000
|
heap
|
page read and write
|
||
|
2DC7C29B000
|
heap
|
page read and write
|
||
|
2DC7A12E000
|
heap
|
page read and write
|
||
|
2DC5DA30000
|
heap
|
page read and write
|
||
|
2DC7A203000
|
heap
|
page read and write
|
||
|
2DC7A1C9000
|
heap
|
page read and write
|
||
|
2DC77EDE000
|
heap
|
page read and write
|
||
|
2DC5F679000
|
trusted library allocation
|
page read and write
|
||
|
2DC7BC72000
|
trusted library allocation
|
page read and write
|
||
|
2DC7A127000
|
heap
|
page read and write
|
||
|
2DC5DA40000
|
heap
|
page read and write
|
||
|
7FF4995F5000
|
trusted library allocation
|
page execute read
|
||
|
7FF499602000
|
trusted library allocation
|
page readonly
|
||
|
7FFAAB760000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DC77DD3000
|
heap
|
page read and write
|
||
|
2DC5F90D000
|
trusted library allocation
|
page read and write
|
||
|
2DC7A198000
|
heap
|
page read and write
|
||
|
E3C0BFE000
|
stack
|
page read and write
|
||
|
2DC7C297000
|
heap
|
page read and write
|
||
|
2DC5F8CD000
|
trusted library allocation
|
page read and write
|
||
|
2DC7C344000
|
heap
|
page read and write
|
||
|
7FFAAB656000
|
trusted library allocation
|
page read and write
|
||
|
2DC77EB8000
|
heap
|
page read and write
|
||
|
2DC5F8FB000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAB5AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DC77E4F000
|
heap
|
page read and write
|
||
|
2DC77EF0000
|
heap
|
page read and write
|
||
|
7FFB16801000
|
unkown
|
page execute read
|
||
|
7FF4995F4000
|
trusted library allocation
|
page readonly
|
||
|
2DC7A120000
|
heap
|
page read and write
|
||
|
7FFAAB748000
|
trusted library allocation
|
page read and write
|
||
|
7FF499603000
|
trusted library allocation
|
page execute read
|
||
|
2DC5F3B0000
|
heap
|
page execute and read and write
|
||
|
7FFAAB5FC000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DC7C2AC000
|
heap
|
page read and write
|
||
|
7FF49960E000
|
trusted library allocation
|
page readonly
|
||
|
2DC5F931000
|
trusted library allocation
|
page read and write
|
||
|
7FF4995F2000
|
trusted library allocation
|
page readonly
|
||
|
7FFAAB770000
|
trusted library allocation
|
page read and write
|
||
|
7FF499601000
|
trusted library allocation
|
page execute read
|
||
|
E3C1BFB000
|
stack
|
page read and write
|
||
|
2DC5F760000
|
trusted library allocation
|
page read and write
|
||
|
2DC77D90000
|
trusted library allocation
|
page read and write
|
||
|
2DC7C288000
|
heap
|
page read and write
|
||
|
2DC77F2B000
|
heap
|
page read and write
|
||
|
2DC5DA35000
|
heap
|
page read and write
|
||
|
2DC77DFF000
|
heap
|
page read and write
|
||
|
7FFAAB5BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DC77E2C000
|
heap
|
page read and write
|
||
|
7FFB16822000
|
unkown
|
page readonly
|
||
|
2DC7C110000
|
trusted library allocation
|
page read and write
|
||
|
2DC777DA000
|
heap
|
page read and write
|
||
|
7FFAAB5A0000
|
trusted library allocation
|
page read and write
|
||
|
7FF499604000
|
trusted library allocation
|
page readonly
|
||
|
2DC7C2B3000
|
heap
|
page read and write
|
||
|
2DC5F8C9000
|
trusted library allocation
|
page read and write
|
||
|
2DC6F471000
|
trusted library allocation
|
page read and write
|
||
|
2DC77EC5000
|
heap
|
page read and write
|
||
|
7FFAAB5B0000
|
trusted library allocation
|
page read and write
|
||
|
2DC7C293000
|
heap
|
page read and write
|
||
|
2DC5F909000
|
trusted library allocation
|
page read and write
|
||
|
7FF499610000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF49960B000
|
trusted library allocation
|
page execute read
|
||
|
2DC77D23000
|
heap
|
page execute and read and write
|
||
|
7FFAAB752000
|
trusted library allocation
|
page read and write
|
||
|
2DC7C2FF000
|
heap
|
page read and write
|
||
|
2DC7A26A000
|
heap
|
page read and write
|
||
|
E3BFFFB000
|
stack
|
page read and write
|
||
|
2DC7A10D000
|
heap
|
page read and write
|
||
|
7FF4995F1000
|
trusted library allocation
|
page execute read
|
||
|
2DC5F290000
|
trusted library allocation
|
page read and write
|
||
|
2DC77EAC000
|
heap
|
page read and write
|
||
|
2DC5F68A000
|
trusted library allocation
|
page read and write
|
||
|
7FF499606000
|
trusted library allocation
|
page readonly
|
||
|
E3C13F4000
|
stack
|
page read and write
|
||
|
2DC7A208000
|
heap
|
page read and write
|
||
|
E3C03FE000
|
stack
|
page read and write
|
||
|
2DC7A2D1000
|
heap
|
page read and write
|
||
|
2DC5F8E9000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAB5A3000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DC7C28A000
|
heap
|
page read and write
|
||
|
2DC5DA10000
|
heap
|
page read and write
|
||
|
2DC5D8A8000
|
heap
|
page read and write
|
||
|
2DC7A25C000
|
heap
|
page read and write
|
||
|
2DC5DC40000
|
trusted library allocation
|
page read and write
|
||
|
2DC77E1F000
|
heap
|
page read and write
|
||
|
2DC5F8A8000
|
trusted library allocation
|
page read and write
|
||
|
2DC7A0E0000
|
heap
|
page read and write
|
||
|
E3C17FB000
|
stack
|
page read and write
|
||
|
2DC5F668000
|
trusted library allocation
|
page read and write
|
||
|
2DC7A1FF000
|
heap
|
page read and write
|
||
|
2DC77E4C000
|
heap
|
page read and write
|
||
|
E3C2BFD000
|
stack
|
page read and write
|
||
|
2DC5F390000
|
heap
|
page execute and read and write
|
||
|
2DC7C130000
|
trusted library allocation
|
page read and write
|
||
|
2DC5DC55000
|
heap
|
page read and write
|
||
|
2DC5F280000
|
trusted library allocation
|
page read and write
|
||
|
E3BFBFC000
|
stack
|
page read and write
|
||
|
2DC5F8BA000
|
trusted library allocation
|
page read and write
|
||
|
2DC7A217000
|
heap
|
page read and write
|
||
|
2DC5D8A3000
|
heap
|
page read and write
|
||
|
2DC6F451000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAB740000
|
trusted library allocation
|
page read and write
|
||
|
2DC5D836000
|
heap
|
page read and write
|
||
|
2DC77E7C000
|
heap
|
page read and write
|
||
|
2DC77ED8000
|
heap
|
page read and write
|
||
|
7FFAAB780000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAB776000
|
trusted library allocation
|
page read and write
|
||
|
2DC5D85B000
|
heap
|
page read and write
|
||
|
7FFB16800000
|
unkown
|
page readonly
|
||
|
2DC7C208000
|
heap
|
page read and write
|
||
|
2DC77E81000
|
heap
|
page read and write
|
||
|
2DC7C257000
|
heap
|
page read and write
|
||
|
2DC7C140000
|
heap
|
page read and write
|
||
|
7FF499605000
|
trusted library allocation
|
page execute read
|
||
|
E3C23FD000
|
stack
|
page read and write
|
||
|
2DC7C790000
|
trusted library allocation
|
page read and write
|
||
|
2DC7A255000
|
heap
|
page read and write
|
||
|
7FFAAB5CB000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DC77EA6000
|
heap
|
page read and write
|
||
|
2DC77EAE000
|
heap
|
page read and write
|
||
|
7FF4995F3000
|
trusted library allocation
|
page execute read
|
||
|
2DC7C280000
|
heap
|
page read and write
|
||
|
2DC5D83C000
|
heap
|
page read and write
|
||
|
2DC77EC9000
|
heap
|
page read and write
|
||
|
2DC77ECE000
|
heap
|
page read and write
|
||
|
2DC5D830000
|
heap
|
page read and write
|
||
|
2DC77EE0000
|
heap
|
page read and write
|
||
|
7FFAAB750000
|
trusted library allocation
|
page read and write
|
||
|
2DC5F340000
|
heap
|
page read and write
|
||
|
7FFB16820000
|
unkown
|
page read and write
|
||
|
2DC5D89E000
|
heap
|
page read and write
|
||
|
7FFAAB5B2000
|
trusted library allocation
|
page read and write
|
||
|
2DC77EBA000
|
heap
|
page read and write
|
||
|
7FFAAB5C0000
|
trusted library allocation
|
page read and write
|
||
|
2DC5F65D000
|
trusted library allocation
|
page read and write
|
||
|
2DC5F8D1000
|
trusted library allocation
|
page read and write
|
||
|
2DC77EDC000
|
heap
|
page read and write
|
||
|
2DC7C285000
|
heap
|
page read and write
|
||
|
2DC77EA9000
|
heap
|
page read and write
|
||
|
2DC77D20000
|
heap
|
page execute and read and write
|
||
|
2DC7A24B000
|
heap
|
page read and write
|
||
|
7FFAAB650000
|
trusted library allocation
|
page read and write
|
||
|
7FFAAB790000
|
trusted library allocation
|
page read and write
|
||
|
2DC5F440000
|
heap
|
page read and write
|
||
|
2DC77DD0000
|
heap
|
page read and write
|
||
|
2DC77E5C000
|
heap
|
page read and write
|
There are 204 hidden memdumps, click here to show them.