Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\DBUfLVzZhf.exe
|
"C:\Users\user\Desktop\DBUfLVzZhf.exe"
|
 |
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://xilloolli.com/api.php?status=1&wa
|
unknown
|
||
|
https://ipinfo.io/country
|
unknown
|
||
|
http://xilloolli.com/api.phpEhttp://xilloolli.com/api-debug.php
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://xilloolli.com/api-debug.php
|
unknown
|
||
|
http://xilloolli.com
|
unknown
|
||
|
http://xilloolli.com/api.php
|
unknown
|
||
|
http://xilloolli.com/api.php?status=1&wallets=0&av=1
|
188.114.96.3
|
||
|
http://xilloolli.com/api.php?status=1&wallets=0&av=10v
|
unknown
|
||
|
https://oklibed.com
|
unknown
|
||
|
https://github.com/reproteq/DiffPatchWpf3Copyright
|
unknown
|
||
|
https://ipinfo.io/ip
|
unknown
|
There are 2 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
xilloolli.com
|
188.114.96.3
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
188.114.96.3
|
xilloolli.com
|
European Union
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\DBUfLVzZhf_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\DBUfLVzZhf_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\DBUfLVzZhf_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\DBUfLVzZhf_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\DBUfLVzZhf_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\DBUfLVzZhf_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\DBUfLVzZhf_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\DBUfLVzZhf_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\DBUfLVzZhf_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\DBUfLVzZhf_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\DBUfLVzZhf_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\DBUfLVzZhf_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\DBUfLVzZhf_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\DBUfLVzZhf_RASMANCS
|
FileDirectory
|
There are 4 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
176D2342000
|
unkown
|
page readonly
|
|
|
|
176D4171000
|
trusted library allocation
|
page read and write
|
|
|
|
176F0D2D000
|
heap
|
page read and write
|
||
|
7FFD343A0000
|
trusted library allocation
|
page read and write
|
||
|
176D2520000
|
heap
|
page read and write
|
||
|
176F0D32000
|
heap
|
page read and write
|
||
|
176F0C56000
|
heap
|
page read and write
|
||
|
7FFD34270000
|
trusted library allocation
|
page execute and read and write
|
||
|
176D26A3000
|
trusted library allocation
|
page read and write
|
||
|
176EC8BD000
|
heap
|
page read and write
|
||
|
176EC8CA000
|
heap
|
page read and write
|
||
|
176D45D9000
|
trusted library allocation
|
page read and write
|
||
|
176F1390000
|
trusted library allocation
|
page read and write
|
||
|
176EC9F0000
|
heap
|
page read and write
|
||
|
176D26A0000
|
trusted library allocation
|
page read and write
|
||
|
176D4632000
|
trusted library allocation
|
page read and write
|
||
|
7FF4AC8CB000
|
trusted library allocation
|
page execute read
|
||
|
176EEC8D000
|
heap
|
page read and write
|
||
|
176D4110000
|
heap
|
page execute and read and write
|
||
|
598C5FC000
|
stack
|
page read and write
|
||
|
176EC847000
|
heap
|
page read and write
|
||
|
7FFD341C2000
|
trusted library allocation
|
page read and write
|
||
|
7FF4AC8B5000
|
trusted library allocation
|
page execute read
|
||
|
176D25A6000
|
heap
|
page read and write
|
||
|
176EC9C3000
|
heap
|
page read and write
|
||
|
176F0CC6000
|
heap
|
page read and write
|
||
|
176D44AA000
|
trusted library allocation
|
page read and write
|
||
|
7FFD341CA000
|
trusted library allocation
|
page read and write
|
||
|
176D4609000
|
trusted library allocation
|
page read and write
|
||
|
7FF4AC8CF000
|
trusted library allocation
|
page execute read
|
||
|
176D25A0000
|
heap
|
page read and write
|
||
|
176EC8DC000
|
heap
|
page read and write
|
||
|
176EC8E8000
|
heap
|
page read and write
|
||
|
176F06E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD341C0000
|
trusted library allocation
|
page read and write
|
||
|
7FF4AC8C3000
|
trusted library allocation
|
page execute read
|
||
|
176F0CB2000
|
heap
|
page read and write
|
||
|
7FFD341B4000
|
trusted library allocation
|
page read and write
|
||
|
176F0CEE000
|
heap
|
page read and write
|
||
|
7FFD3426C000
|
trusted library allocation
|
page execute and read and write
|
||
|
176ECA1A000
|
heap
|
page read and write
|
||
|
176F0D56000
|
heap
|
page read and write
|
||
|
7FFD341DB000
|
trusted library allocation
|
page execute and read and write
|
||
|
176EC8FD000
|
heap
|
page read and write
|
||
|
176EC899000
|
heap
|
page read and write
|
||
|
7FF4AC8B2000
|
trusted library allocation
|
page readonly
|
||
|
7FFD34390000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34266000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34358000
|
trusted library allocation
|
page read and write
|
||
|
176D26D0000
|
heap
|
page execute and read and write
|
||
|
176EEDF4000
|
heap
|
page read and write
|
||
|
176EC8C0000
|
heap
|
page read and write
|
||
|
176D2400000
|
heap
|
page read and write
|
||
|
7FF4AC8C4000
|
trusted library allocation
|
page readonly
|
||
|
7FF4AC8C8000
|
trusted library allocation
|
page readonly
|
||
|
176F1210000
|
trusted library allocation
|
page read and write
|
||
|
176EC8E5000
|
heap
|
page read and write
|
||
|
7FF4AC8B0000
|
trusted library allocation
|
page readonly
|
||
|
176EC876000
|
heap
|
page read and write
|
||
|
176D27F5000
|
heap
|
page read and write
|
||
|
7FF4AC8CE000
|
trusted library allocation
|
page readonly
|
||
|
176EED25000
|
heap
|
page read and write
|
||
|
7FFD341B0000
|
trusted library allocation
|
page read and write
|
||
|
176F0D45000
|
heap
|
page read and write
|
||
|
176EEE5A000
|
heap
|
page read and write
|
||
|
176F0D4C000
|
heap
|
page read and write
|
||
|
176EECF4000
|
heap
|
page read and write
|
||
|
176EC92B000
|
heap
|
page read and write
|
||
|
176F0CE0000
|
heap
|
page read and write
|
||
|
176D45F3000
|
trusted library allocation
|
page read and write
|
||
|
176D45ED000
|
trusted library allocation
|
page read and write
|
||
|
176EED5A000
|
heap
|
page read and write
|
||
|
7FF4AC8B1000
|
trusted library allocation
|
page execute read
|
||
|
598B1F4000
|
stack
|
page read and write
|
||
|
176F13A0000
|
trusted library allocation
|
page read and write
|
||
|
7FF4AC8C1000
|
trusted library allocation
|
page execute read
|
||
|
176D25E4000
|
heap
|
page read and write
|
||
|
176F0CE2000
|
heap
|
page read and write
|
||
|
7FFD341B2000
|
trusted library allocation
|
page read and write
|
||
|
7FF4AC8C5000
|
trusted library allocation
|
page execute read
|
||
|
176F0C44000
|
heap
|
page read and write
|
||
|
7FFD341B3000
|
trusted library allocation
|
page execute and read and write
|
||
|
176D4120000
|
heap
|
page execute and read and write
|
||
|
176EEE54000
|
heap
|
page read and write
|
||
|
176F0CF8000
|
heap
|
page read and write
|
||
|
176D2340000
|
unkown
|
page readonly
|
||
|
176EC915000
|
heap
|
page read and write
|
||
|
176EC863000
|
heap
|
page read and write
|
||
|
176EC837000
|
heap
|
page read and write
|
||
|
7FFD341D4000
|
trusted library allocation
|
page read and write
|
||
|
176D4604000
|
trusted library allocation
|
page read and write
|
||
|
176D2364000
|
unkown
|
page readonly
|
||
|
7FFD341CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
598E1FB000
|
stack
|
page read and write
|
||
|
7FF4AC8D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
176F0D5D000
|
heap
|
page read and write
|
||
|
7FF4AC8C9000
|
trusted library allocation
|
page execute read
|
||
|
176F1330000
|
trusted library allocation
|
page read and write
|
||
|
176EC1A0000
|
trusted library allocation
|
page read and write
|
||
|
176F1200000
|
trusted library allocation
|
page read and write
|
||
|
176E4191000
|
trusted library allocation
|
page read and write
|
||
|
176D2570000
|
trusted library allocation
|
page read and write
|
||
|
176D45C6000
|
trusted library allocation
|
page read and write
|
||
|
176EEE4D000
|
heap
|
page read and write
|
||
|
176EC9D0000
|
heap
|
page read and write
|
||
|
176D25CB000
|
heap
|
page read and write
|
||
|
176D4113000
|
heap
|
page execute and read and write
|
||
|
598D5FE000
|
stack
|
page read and write
|
||
|
598C9FB000
|
stack
|
page read and write
|
||
|
598EDFD000
|
stack
|
page read and write
|
||
|
176EEE37000
|
heap
|
page read and write
|
||
|
176EC8EB000
|
heap
|
page read and write
|
||
|
176F1320000
|
trusted library allocation
|
page read and write
|
||
|
176EC9C0000
|
heap
|
page read and write
|
||
|
598E5FB000
|
stack
|
page read and write
|
||
|
176D2590000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34370000
|
trusted library allocation
|
page execute and read and write
|
||
|
176D27F0000
|
heap
|
page read and write
|
||
|
176F1340000
|
trusted library allocation
|
page read and write
|
||
|
598CDFE000
|
stack
|
page read and write
|
||
|
176F0C10000
|
heap
|
page read and write
|
||
|
598DDF4000
|
stack
|
page read and write
|
||
|
176EEDF1000
|
heap
|
page read and write
|
||
|
176D25E1000
|
heap
|
page read and write
|
||
|
176D2850000
|
heap
|
page read and write
|
||
|
176D45E9000
|
trusted library allocation
|
page read and write
|
||
|
7FFD341DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
176EEC60000
|
heap
|
page read and write
|
||
|
176EC8F0000
|
heap
|
page read and write
|
||
|
176F1070000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3420C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF4AC8C2000
|
trusted library allocation
|
page readonly
|
||
|
176D2618000
|
heap
|
page read and write
|
||
|
598E5FD000
|
stack
|
page read and write
|
||
|
176EEC71000
|
heap
|
page read and write
|
||
|
176EC8A6000
|
heap
|
page read and write
|
||
|
176EEDFB000
|
heap
|
page read and write
|
||
|
7FFD34360000
|
trusted library allocation
|
page read and write
|
||
|
176D260E000
|
heap
|
page read and write
|
||
|
176EEC9D000
|
heap
|
page read and write
|
||
|
176F0802000
|
trusted library allocation
|
page read and write
|
||
|
176EC8C4000
|
heap
|
page read and write
|
||
|
176D4160000
|
heap
|
page read and write
|
||
|
176EEDAF000
|
heap
|
page read and write
|
||
|
176EC891000
|
heap
|
page read and write
|
||
|
598D1FE000
|
stack
|
page read and write
|
||
|
176EC9E9000
|
heap
|
page read and write
|
||
|
176D45DC000
|
trusted library allocation
|
page read and write
|
||
|
176D2810000
|
heap
|
page read and write
|
||
|
176EC9E0000
|
heap
|
page read and write
|
||
|
176EECA2000
|
heap
|
page read and write
|
||
|
7FFD341BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
176F0CDE000
|
heap
|
page read and write
|
||
|
7FFD343B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
598C1FE000
|
stack
|
page read and write
|
||
|
7FFD34260000
|
trusted library allocation
|
page read and write
|
||
|
7FF4AC8CA000
|
trusted library allocation
|
page readonly
|
||
|
176F0C4B000
|
heap
|
page read and write
|
||
|
176D24E0000
|
heap
|
page read and write
|
||
|
7FFD34350000
|
trusted library allocation
|
page read and write
|
||
|
176F0D40000
|
heap
|
page read and write
|
||
|
176E4171000
|
trusted library allocation
|
page read and write
|
||
|
176D437D000
|
trusted library allocation
|
page read and write
|
||
|
176F0D3C000
|
heap
|
page read and write
|
||
|
176D2855000
|
heap
|
page read and write
|
||
|
176F1350000
|
trusted library allocation
|
page read and write
|
||
|
176F0C00000
|
trusted library allocation
|
page read and write
|
||
|
176F0C4D000
|
heap
|
page read and write
|
||
|
176EC830000
|
heap
|
page read and write
|
||
|
176EC90B000
|
heap
|
page read and write
|
||
|
598E9FE000
|
stack
|
page read and write
|
||
|
176EC88E000
|
heap
|
page read and write
|
||
|
176EC90F000
|
heap
|
page read and write
|
||
|
7FF4AC8B4000
|
trusted library allocation
|
page readonly
|
||
|
176D4140000
|
trusted library allocation
|
page read and write
|
||
|
176F1220000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34380000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34296000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF4AC8B3000
|
trusted library allocation
|
page execute read
|
||
|
176D2500000
|
heap
|
page read and write
|
||
|
176F0D4E000
|
heap
|
page read and write
|
||
|
7FFD34362000
|
trusted library allocation
|
page read and write
|
||
|
7FFD342D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
176EECBB000
|
heap
|
page read and write
|
||
|
176EEDED000
|
heap
|
page read and write
|
||
|
176EC921000
|
heap
|
page read and write
|
||
|
176D26E7000
|
heap
|
page read and write
|
||
|
176EEE30000
|
heap
|
page read and write
|
||
|
7FFD34388000
|
trusted library allocation
|
page read and write
|
||
|
7FFD341D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34386000
|
trusted library allocation
|
page read and write
|
There are 181 hidden memdumps, click here to show them.