Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\R5AREmpD4S.exe
|
"C:\Users\user\Desktop\R5AREmpD4S.exe"
|
 |
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://xilloolli.com/api.php?status=1&wa
|
unknown
|
||
|
https://ipinfo.io/country
|
unknown
|
||
|
http://xilloolli.com/api.phpEhttp://xilloolli.com/api-debug.php
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://xilloolli.com/api-debug.php
|
unknown
|
||
|
http://xilloolli.com
|
unknown
|
||
|
http://xilloolli.com/api.php
|
unknown
|
||
|
http://xilloolli.com/api.php?status=1&wallets=0&av=1
|
188.114.96.3
|
||
|
https://oklibed.com
|
unknown
|
||
|
https://github.com/reproteq/DiffPatchWpf3Copyright
|
unknown
|
||
|
https://ipinfo.io/ip
|
unknown
|
There are 1 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
xilloolli.com
|
188.114.96.3
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
188.114.96.3
|
xilloolli.com
|
European Union
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\R5AREmpD4S_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\R5AREmpD4S_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\R5AREmpD4S_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\R5AREmpD4S_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\R5AREmpD4S_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\R5AREmpD4S_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\R5AREmpD4S_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\R5AREmpD4S_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\R5AREmpD4S_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\R5AREmpD4S_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\R5AREmpD4S_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\R5AREmpD4S_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\R5AREmpD4S_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\R5AREmpD4S_RASMANCS
|
FileDirectory
|
There are 4 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
25100001000
|
trusted library allocation
|
page read and write
|
|
|
|
2517D962000
|
unkown
|
page readonly
|
|
|
|
7FF4E16DE000
|
trusted library allocation
|
page readonly
|
||
|
7FF848DD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
25118070000
|
heap
|
page read and write
|
||
|
E4EE3FE000
|
stack
|
page read and write
|
||
|
2511D1B0000
|
trusted library allocation
|
page read and write
|
||
|
251180B3000
|
heap
|
page read and write
|
||
|
7FF4E16C2000
|
trusted library allocation
|
page readonly
|
||
|
2511A410000
|
heap
|
page read and write
|
||
|
2517DA20000
|
heap
|
page read and write
|
||
|
2517DB2C000
|
heap
|
page read and write
|
||
|
2511A516000
|
heap
|
page read and write
|
||
|
2517DB00000
|
heap
|
page read and write
|
||
|
E4EF3FE000
|
stack
|
page read and write
|
||
|
E4EEBFB000
|
stack
|
page read and write
|
||
|
E4EEFFE000
|
stack
|
page read and write
|
||
|
2511A47F000
|
heap
|
page read and write
|
||
|
7FF848BE2000
|
trusted library allocation
|
page read and write
|
||
|
2511A5B9000
|
heap
|
page read and write
|
||
|
7FF848BD0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848BEA000
|
trusted library allocation
|
page read and write
|
||
|
7FF848BD2000
|
trusted library allocation
|
page read and write
|
||
|
7FF848C8C000
|
trusted library allocation
|
page execute and read and write
|
||
|
2517DB60000
|
heap
|
page read and write
|
||
|
2517DB20000
|
heap
|
page read and write
|
||
|
2517F985000
|
heap
|
page read and write
|
||
|
25118140000
|
heap
|
page read and write
|
||
|
25118091000
|
heap
|
page read and write
|
||
|
2511A5B1000
|
heap
|
page read and write
|
||
|
7FF4E16D4000
|
trusted library allocation
|
page readonly
|
||
|
251180AB000
|
heap
|
page read and write
|
||
|
2511C531000
|
heap
|
page read and write
|
||
|
2511C420000
|
heap
|
page read and write
|
||
|
2511C47C000
|
heap
|
page read and write
|
||
|
2511A43D000
|
heap
|
page read and write
|
||
|
E4F13FE000
|
stack
|
page read and write
|
||
|
2511BFD0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848BFD000
|
trusted library allocation
|
page execute and read and write
|
||
|
25100481000
|
trusted library allocation
|
page read and write
|
||
|
25118159000
|
heap
|
page read and write
|
||
|
2517FE93000
|
heap
|
page execute and read and write
|
||
|
2517DB62000
|
heap
|
page read and write
|
||
|
2511A45A000
|
heap
|
page read and write
|
||
|
2511A450000
|
heap
|
page read and write
|
||
|
2511D170000
|
trusted library allocation
|
page read and write
|
||
|
7FF848CB6000
|
trusted library allocation
|
page execute and read and write
|
||
|
251180BB000
|
heap
|
page read and write
|
||
|
25118240000
|
heap
|
page execute and read and write
|
||
|
2511C4C4000
|
heap
|
page read and write
|
||
|
7FF848BFB000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848BF4000
|
trusted library allocation
|
page read and write
|
||
|
2517DB8C000
|
heap
|
page read and write
|
||
|
7FF848D90000
|
trusted library allocation
|
page execute and read and write
|
||
|
2511A46E000
|
heap
|
page read and write
|
||
|
2510028F000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D70000
|
trusted library allocation
|
page read and write
|
||
|
2517F630000
|
trusted library allocation
|
page read and write
|
||
|
2511C4A0000
|
heap
|
page read and write
|
||
|
2511C540000
|
heap
|
page read and write
|
||
|
2511A5AF000
|
heap
|
page read and write
|
||
|
7FF848C80000
|
trusted library allocation
|
page read and write
|
||
|
2511B6B0000
|
trusted library allocation
|
page read and write
|
||
|
2517DCD0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D78000
|
trusted library allocation
|
page read and write
|
||
|
2511C4DC000
|
heap
|
page read and write
|
||
|
2511C53E000
|
heap
|
page read and write
|
||
|
7FF848C90000
|
trusted library allocation
|
page execute and read and write
|
||
|
25118150000
|
heap
|
page read and write
|
||
|
2511D2F0000
|
trusted library allocation
|
page read and write
|
||
|
7FF848D80000
|
trusted library allocation
|
page read and write
|
||
|
7FF848C2C000
|
trusted library allocation
|
page execute and read and write
|
||
|
2511C424000
|
heap
|
page read and write
|
||
|
2511C4C6000
|
heap
|
page read and write
|
||
|
7FF848BED000
|
trusted library allocation
|
page execute and read and write
|
||
|
2511C415000
|
heap
|
page read and write
|
||
|
2517DCA5000
|
heap
|
page read and write
|
||
|
2511C4D7000
|
heap
|
page read and write
|
||
|
251180DC000
|
heap
|
page read and write
|
||
|
2517D960000
|
unkown
|
page readonly
|
||
|
2511D310000
|
trusted library allocation
|
page read and write
|
||
|
2511801A000
|
heap
|
page read and write
|
||
|
7FF4E16D8000
|
trusted library allocation
|
page readonly
|
||
|
2511D2B0000
|
trusted library allocation
|
page read and write
|
||
|
7FF4E16C4000
|
trusted library allocation
|
page readonly
|
||
|
2511A4B6000
|
heap
|
page read and write
|
||
|
251180D8000
|
heap
|
page read and write
|
||
|
251180B5000
|
heap
|
page read and write
|
||
|
7FF848DA6000
|
trusted library allocation
|
page read and write
|
||
|
2511A5ED000
|
heap
|
page read and write
|
||
|
2517F560000
|
heap
|
page execute and read and write
|
||
|
25110001000
|
trusted library allocation
|
page read and write
|
||
|
2511C49E000
|
heap
|
page read and write
|
||
|
2517DC40000
|
heap
|
page read and write
|
||
|
7FF4E16DB000
|
trusted library allocation
|
page execute read
|
||
|
2511C4CA000
|
heap
|
page read and write
|
||
|
2510020C000
|
trusted library allocation
|
page read and write
|
||
|
2511C549000
|
heap
|
page read and write
|
||
|
25100494000
|
trusted library allocation
|
page read and write
|
||
|
E4ED7F4000
|
stack
|
page read and write
|
||
|
7FF848BE0000
|
trusted library allocation
|
page read and write
|
||
|
25100458000
|
trusted library allocation
|
page read and write
|
||
|
2511C525000
|
heap
|
page read and write
|
||
|
7FF4E16E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2511D190000
|
trusted library allocation
|
page read and write
|
||
|
7FF4E16DA000
|
trusted library allocation
|
page readonly
|
||
|
25118176000
|
heap
|
page read and write
|
||
|
2511801F000
|
heap
|
page read and write
|
||
|
251180FD000
|
heap
|
page read and write
|
||
|
2517DCF0000
|
heap
|
page read and write
|
||
|
2511A608000
|
heap
|
page read and write
|
||
|
251180BD000
|
heap
|
page read and write
|
||
|
25118068000
|
heap
|
page read and write
|
||
|
E4F07FB000
|
stack
|
page read and write
|
||
|
2511D320000
|
trusted library allocation
|
page read and write
|
||
|
2511C3E0000
|
heap
|
page read and write
|
||
|
2510046D000
|
trusted library allocation
|
page read and write
|
||
|
2511A4E8000
|
heap
|
page read and write
|
||
|
2511C481000
|
heap
|
page read and write
|
||
|
2511C41A000
|
heap
|
page read and write
|
||
|
2517F5F0000
|
heap
|
page read and write
|
||
|
7FF848DB0000
|
trusted library allocation
|
page read and write
|
||
|
25118160000
|
heap
|
page read and write
|
||
|
25110021000
|
trusted library allocation
|
page read and write
|
||
|
7FF848CF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2517DB26000
|
heap
|
page read and write
|
||
|
2511807D000
|
heap
|
page read and write
|
||
|
2511C7E0000
|
trusted library allocation
|
page read and write
|
||
|
2517F530000
|
heap
|
page read and write
|
||
|
2517DC20000
|
heap
|
page read and write
|
||
|
7FF4E16D5000
|
trusted library allocation
|
page execute read
|
||
|
7FF4E16D9000
|
trusted library allocation
|
page execute read
|
||
|
2511A610000
|
trusted library allocation
|
page read and write
|
||
|
2511C52B000
|
heap
|
page read and write
|
||
|
7FF4E16D2000
|
trusted library allocation
|
page readonly
|
||
|
2511D1A0000
|
trusted library allocation
|
page read and write
|
||
|
2511A421000
|
heap
|
page read and write
|
||
|
25100473000
|
trusted library allocation
|
page read and write
|
||
|
2511A56C000
|
heap
|
page read and write
|
||
|
7FF848BF0000
|
trusted library allocation
|
page read and write
|
||
|
2511C4E5000
|
heap
|
page read and write
|
||
|
25118260000
|
trusted library allocation
|
page read and write
|
||
|
7FF4E16D3000
|
trusted library allocation
|
page execute read
|
||
|
2517FFB0000
|
heap
|
page read and write
|
||
|
25118063000
|
heap
|
page read and write
|
||
|
7FF4E16C1000
|
trusted library allocation
|
page execute read
|
||
|
2517DCD3000
|
trusted library allocation
|
page read and write
|
||
|
E4F0FFD000
|
stack
|
page read and write
|
||
|
2511C539000
|
heap
|
page read and write
|
||
|
2517DB93000
|
heap
|
page read and write
|
||
|
2511C53B000
|
heap
|
page read and write
|
||
|
E4F0BFF000
|
stack
|
page read and write
|
||
|
7FF4E16DF000
|
trusted library allocation
|
page execute read
|
||
|
7FF848DA0000
|
trusted library allocation
|
page read and write
|
||
|
E4EF7FE000
|
stack
|
page read and write
|
||
|
E4F03FB000
|
stack
|
page read and write
|
||
|
2511D180000
|
trusted library allocation
|
page read and write
|
||
|
7FF4E16C5000
|
trusted library allocation
|
page execute read
|
||
|
2511C002000
|
trusted library allocation
|
page read and write
|
||
|
2511C51A000
|
heap
|
page read and write
|
||
|
2511C498000
|
heap
|
page read and write
|
||
|
2517DCC0000
|
trusted library allocation
|
page read and write
|
||
|
2511C48A000
|
heap
|
page read and write
|
||
|
7FF848C86000
|
trusted library allocation
|
page read and write
|
||
|
25118097000
|
heap
|
page read and write
|
||
|
2517DC90000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DC0000
|
trusted library allocation
|
page read and write
|
||
|
2517D984000
|
unkown
|
page readonly
|
||
|
7FF848D82000
|
trusted library allocation
|
page read and write
|
||
|
2511A5AA000
|
heap
|
page read and write
|
||
|
E4EFFF4000
|
stack
|
page read and write
|
||
|
25100487000
|
trusted library allocation
|
page read and write
|
||
|
25118031000
|
heap
|
page read and write
|
||
|
E4EE7FC000
|
stack
|
page read and write
|
||
|
7FF848BD4000
|
trusted library allocation
|
page read and write
|
||
|
25118053000
|
heap
|
page read and write
|
||
|
2517FE90000
|
heap
|
page execute and read and write
|
||
|
7FF4E16C3000
|
trusted library allocation
|
page execute read
|
||
|
2511A446000
|
heap
|
page read and write
|
||
|
25100499000
|
trusted library allocation
|
page read and write
|
||
|
7FF848DA8000
|
trusted library allocation
|
page read and write
|
||
|
2510031B000
|
trusted library allocation
|
page read and write
|
||
|
251004C3000
|
trusted library allocation
|
page read and write
|
||
|
251180B8000
|
heap
|
page read and write
|
||
|
7FF4E16C0000
|
trusted library allocation
|
page readonly
|
||
|
2511801C000
|
heap
|
page read and write
|
||
|
25118000000
|
heap
|
page read and write
|
||
|
7FF4E16D1000
|
trusted library allocation
|
page execute read
|
||
|
2517DCF5000
|
heap
|
page read and write
|
||
|
2517DCA0000
|
heap
|
page read and write
|
||
|
2517FFB3000
|
heap
|
page read and write
|
||
|
251180CC000
|
heap
|
page read and write
|
||
|
7FF848BDD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF848BD3000
|
trusted library allocation
|
page execute and read and write
|
||
|
2511C4D1000
|
heap
|
page read and write
|
||
|
2511802B000
|
heap
|
page read and write
|
There are 186 hidden memdumps, click here to show them.