Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
hdI44WsQzp
|
ASCII text, with CRLF line terminators
|
initial sample
|
||
|
C:\Users\user\AppData\Local\D3DSCache\e8010882af4f153f\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock
|
ASCII text, with no line terminators
|
modified
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\Taskmgr.exe
|
"C:\Windows\system32\taskmgr.exe" /4
|
 |
|
|
C:\Windows\System32\Taskmgr.exe
|
"C:\Windows\system32\taskmgr.exe" /4
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\TaskManager
|
UseStatusSetting
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\TaskManager
|
Preferences
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1441078000
|
stack
|
page read and write
|
||
|
1B5DA0CD000
|
heap
|
page read and write
|
||
|
1B5DAF67000
|
heap
|
page read and write
|
||
|
1B5DA02D000
|
heap
|
page read and write
|
||
|
1B5DAB9E000
|
heap
|
page read and write
|
||
|
1B5DAAB8000
|
heap
|
page read and write
|
||
|
1B5DADDD000
|
heap
|
page read and write
|
||
|
1B5DA090000
|
heap
|
page read and write
|
||
|
1B5DB4AE000
|
heap
|
page read and write
|
||
|
1B5D5FEB000
|
heap
|
page read and write
|
||
|
1B5DAB61000
|
heap
|
page read and write
|
||
|
1B5DAA8D000
|
heap
|
page read and write
|
||
|
1440C7E000
|
stack
|
page read and write
|
||
|
1B5DAAA1000
|
heap
|
page read and write
|
||
|
1B5DB4DD000
|
heap
|
page read and write
|
||
|
1B5DADD1000
|
heap
|
page read and write
|
||
|
1B5DB4B8000
|
heap
|
page read and write
|
||
|
1B5DA6F9000
|
heap
|
page read and write
|
||
|
1B5DAB57000
|
heap
|
page read and write
|
||
|
1B5DB50B000
|
heap
|
page read and write
|
||
|
1440DFB000
|
stack
|
page read and write
|
||
|
1B5DB48B000
|
heap
|
page read and write
|
||
|
1B5DB4BB000
|
heap
|
page read and write
|
||
|
1B5DA60B000
|
heap
|
page read and write
|
||
|
1B5DAF84000
|
heap
|
page read and write
|
||
|
1B5DAD9C000
|
heap
|
page read and write
|
||
|
14409FD000
|
stack
|
page read and write
|
||
|
1B5DA72A000
|
heap
|
page read and write
|
||
|
1B5DAAAF000
|
heap
|
page read and write
|
||
|
144137F000
|
stack
|
page read and write
|
||
|
1B5DAEBF000
|
heap
|
page read and write
|
||
|
1B5DA6AA000
|
heap
|
page read and write
|
||
|
1B5DAA7B000
|
heap
|
page read and write
|
||
|
1B5DB4A5000
|
heap
|
page read and write
|
||
|
1B5D5F63000
|
heap
|
page read and write
|
||
|
1B5DA430000
|
trusted library section
|
page read and write
|
||
|
1B5DAAA5000
|
heap
|
page read and write
|
||
|
1B5DA662000
|
heap
|
page read and write
|
||
|
1B5DA61E000
|
heap
|
page read and write
|
||
|
1B5DA65E000
|
heap
|
page read and write
|
||
|
1B5DA663000
|
heap
|
page read and write
|
||
|
1B5D9530000
|
trusted library allocation
|
page read and write
|
||
|
1B5DAB11000
|
heap
|
page read and write
|
||
|
1B5DAA8C000
|
heap
|
page read and write
|
||
|
1B5DADF8000
|
heap
|
page read and write
|
||
|
1B5DA72C000
|
heap
|
page read and write
|
||
|
1B5DA60B000
|
heap
|
page read and write
|
||
|
1B5DA590000
|
heap
|
page read and write
|
||
|
1B5DB58C000
|
heap
|
page read and write
|
||
|
1B5DAA63000
|
heap
|
page read and write
|
||
|
1B5DA56F000
|
heap
|
page read and write
|
||
|
1B5DA988000
|
heap
|
page read and write
|
||
|
1B5DAF19000
|
heap
|
page read and write
|
||
|
1B5DADE4000
|
heap
|
page read and write
|
||
|
1B5DB4E7000
|
heap
|
page read and write
|
||
|
1B5DA730000
|
heap
|
page read and write
|
||
|
1B5DAA91000
|
heap
|
page read and write
|
||
|
1B5DB4EA000
|
heap
|
page read and write
|
||
|
1B5D5FA6000
|
heap
|
page read and write
|
||
|
1B5DA6C2000
|
heap
|
page read and write
|
||
|
1B5DB4CE000
|
heap
|
page read and write
|
||
|
1B5DAAC8000
|
heap
|
page read and write
|
||
|
1440CFE000
|
stack
|
page read and write
|
||
|
1B5DAAA1000
|
heap
|
page read and write
|
||
|
1B5DAD88000
|
heap
|
page read and write
|
||
|
1B5DA663000
|
heap
|
page read and write
|
||
|
1B5DACC7000
|
heap
|
page read and write
|
||
|
1B5DA627000
|
heap
|
page read and write
|
||
|
1B5DA665000
|
heap
|
page read and write
|
||
|
1B5DAABF000
|
heap
|
page read and write
|
||
|
1B5DAB57000
|
heap
|
page read and write
|
||
|
1B5DABA0000
|
heap
|
page read and write
|
||
|
1B5DAAB0000
|
heap
|
page read and write
|
||
|
1B5DA617000
|
heap
|
page read and write
|
||
|
1B5DAA4B000
|
heap
|
page read and write
|
||
|
1B5DA0AB000
|
heap
|
page read and write
|
||
|
1B5DAD64000
|
heap
|
page read and write
|
||
|
1B5D5FE4000
|
heap
|
page read and write
|
||
|
1B5DAA76000
|
heap
|
page read and write
|
||
|
1B5DA692000
|
heap
|
page read and write
|
||
|
1B5D5FF1000
|
heap
|
page read and write
|
||
|
1B5DA62A000
|
heap
|
page read and write
|
||
|
1B5DAA76000
|
heap
|
page read and write
|
||
|
1B5DAB40000
|
heap
|
page read and write
|
||
|
1B5DA6C5000
|
heap
|
page read and write
|
||
|
1B5DAF47000
|
heap
|
page read and write
|
||
|
1B5DAABF000
|
heap
|
page read and write
|
||
|
14411FB000
|
stack
|
page read and write
|
||
|
1B5DAA47000
|
heap
|
page read and write
|
||
|
1B5DAAA7000
|
heap
|
page read and write
|
||
|
1B5DAA5D000
|
heap
|
page read and write
|
||
|
1440EFE000
|
stack
|
page read and write
|
||
|
1B5DA470000
|
trusted library allocation
|
page read and write
|
||
|
1440F7D000
|
stack
|
page read and write
|
||
|
1B5DAA5E000
|
heap
|
page read and write
|
||
|
14410FE000
|
stack
|
page read and write
|
||
|
1B5DA690000
|
heap
|
page read and write
|
||
|
1B5DA6DB000
|
heap
|
page read and write
|
||
|
1B5DADD1000
|
heap
|
page read and write
|
||
|
1B5DA679000
|
heap
|
page read and write
|
||
|
1B5DB4E0000
|
heap
|
page read and write
|
||
|
1B5DAB57000
|
heap
|
page read and write
|
||
|
1B5DA0BA000
|
heap
|
page read and write
|
||
|
1B5DAB5C000
|
heap
|
page read and write
|
||
|
1B5DA602000
|
heap
|
page read and write
|
||
|
1B5DA671000
|
heap
|
page read and write
|
||
|
1B5DA736000
|
heap
|
page read and write
|
||
|
1B5DAA7E000
|
heap
|
page read and write
|
||
|
1B5DA6F8000
|
heap
|
page read and write
|
||
|
1B5D5ECB000
|
heap
|
page read and write
|
||
|
1B5DA5B0000
|
heap
|
page read and write
|
||
|
1B5DABF7000
|
heap
|
page read and write
|
||
|
1B5DAB0E000
|
heap
|
page read and write
|
||
|
144117B000
|
stack
|
page read and write
|
||
|
144157F000
|
stack
|
page read and write
|
||
|
1B5DAFA7000
|
heap
|
page read and write
|
||
|
1B5DAF48000
|
heap
|
page read and write
|
||
|
1B5DACE4000
|
heap
|
page read and write
|
||
|
14412FF000
|
stack
|
page read and write
|
||
|
1B5D5FBB000
|
heap
|
page read and write
|
||
|
1B5DA68C000
|
heap
|
page read and write
|
||
|
1B5DA629000
|
heap
|
page read and write
|
||
|
1B5DA66B000
|
heap
|
page read and write
|
||
|
1B5DA66B000
|
heap
|
page read and write
|
||
|
1B5DA6D6000
|
heap
|
page read and write
|
||
|
1B5D5EC5000
|
heap
|
page read and write
|
||
|
1B5D5FC4000
|
heap
|
page read and write
|
||
|
1B5DA6D4000
|
heap
|
page read and write
|
||
|
1B5DAA65000
|
heap
|
page read and write
|
||
|
1B5DAAC9000
|
heap
|
page read and write
|
||
|
1B5DAA8C000
|
heap
|
page read and write
|
||
|
1B5DA734000
|
heap
|
page read and write
|
||
|
1B5DA604000
|
heap
|
page read and write
|
||
|
1B5D5FFC000
|
heap
|
page read and write
|
||
|
1B5DAC70000
|
heap
|
page read and write
|
||
|
1B5DAB54000
|
heap
|
page read and write
|
||
|
1B5DAA5D000
|
heap
|
page read and write
|
||
|
1B5DAF73000
|
heap
|
page read and write
|
||
|
1B5DAB34000
|
heap
|
page read and write
|
||
|
1B5D5DB0000
|
heap
|
page read and write
|
||
|
1B5D7910000
|
heap
|
page read and write
|
||
|
1B5DA60B000
|
heap
|
page read and write
|
||
|
1B5DAEF2000
|
heap
|
page read and write
|
||
|
1B5DAC31000
|
heap
|
page read and write
|
||
|
1B5DA021000
|
heap
|
page read and write
|
||
|
1B5DA689000
|
heap
|
page read and write
|
||
|
1B5DAA57000
|
heap
|
page read and write
|
||
|
1B5DAA8C000
|
heap
|
page read and write
|
||
|
1B5D7A66000
|
heap
|
page read and write
|
||
|
1B5DB4DB000
|
heap
|
page read and write
|
||
|
1B5DB4CA000
|
heap
|
page read and write
|
||
|
1B5DA617000
|
heap
|
page read and write
|
||
|
1B5DAAA7000
|
heap
|
page read and write
|
||
|
1B5DA654000
|
heap
|
page read and write
|
||
|
1B5DB587000
|
heap
|
page read and write
|
||
|
1B5DA609000
|
heap
|
page read and write
|
||
|
1440D7E000
|
stack
|
page read and write
|
||
|
1B5DA5CA000
|
heap
|
page read and write
|
||
|
1B5DB4C8000
|
heap
|
page read and write
|
||
|
144127F000
|
stack
|
page read and write
|
||
|
1B5D5F60000
|
heap
|
page read and write
|
||
|
1B5DA994000
|
heap
|
page read and write
|
||
|
1B5D5FE6000
|
heap
|
page read and write
|
||
|
1B5DB4E2000
|
heap
|
page read and write
|
||
|
1B5DA0D4000
|
heap
|
page read and write
|
||
|
1B5D5FC7000
|
heap
|
page read and write
|
||
|
1B5DB53F000
|
heap
|
page read and write
|
||
|
1440FF8000
|
stack
|
page read and write
|
||
|
1B5D5FFE000
|
heap
|
page read and write
|
||
|
1B5DA602000
|
heap
|
page read and write
|
||
|
1B5D5F70000
|
heap
|
page read and write
|
||
|
1B5DAA9C000
|
heap
|
page read and write
|
||
|
1B5DB544000
|
heap
|
page read and write
|
||
|
1B5DAB5F000
|
heap
|
page read and write
|
||
|
1B5DAC71000
|
heap
|
page read and write
|
||
|
1B5DAABC000
|
heap
|
page read and write
|
||
|
1B5DA651000
|
heap
|
page read and write
|
||
|
1B5DA73E000
|
heap
|
page read and write
|
||
|
1B5D5ED0000
|
heap
|
page read and write
|
||
|
1B5DA608000
|
heap
|
page read and write
|
||
|
1B5D5EC0000
|
heap
|
page read and write
|
||
|
1B5DA667000
|
heap
|
page read and write
|
||
|
1B5DA540000
|
heap
|
page read and write
|
||
|
1B5DB4B6000
|
heap
|
page read and write
|
||
|
1B5DA0D0000
|
heap
|
page read and write
|
||
|
1B5DA6CD000
|
heap
|
page read and write
|
||
|
1B5DA5FE000
|
heap
|
page read and write
|
||
|
1B5DAB49000
|
heap
|
page read and write
|
||
|
1B5DB4D9000
|
heap
|
page read and write
|
||
|
1B5DAA89000
|
heap
|
page read and write
|
||
|
1B5DAF14000
|
heap
|
page read and write
|
||
|
1B5DA6C5000
|
heap
|
page read and write
|
||
|
1B5D5FEF000
|
heap
|
page read and write
|
||
|
1B5DA627000
|
heap
|
page read and write
|
||
|
1B5DA680000
|
heap
|
page read and write
|
||
|
1B5DA6E5000
|
heap
|
page read and write
|
||
|
1B5DB4EC000
|
heap
|
page read and write
|
||
|
144097A000
|
stack
|
page read and write
|
||
|
1B5DAF67000
|
heap
|
page read and write
|
||
|
1B5DAC35000
|
heap
|
page read and write
|
||
|
1B5DB478000
|
heap
|
page read and write
|
||
|
1B5DB4F9000
|
heap
|
page read and write
|
||
|
1B5DAA7E000
|
heap
|
page read and write
|
||
|
1B5DAAB3000
|
heap
|
page read and write
|
||
|
1B5DA554000
|
heap
|
page read and write
|
||
|
1B5DAB5B000
|
heap
|
page read and write
|
||
|
1B5D603B000
|
heap
|
page read and write
|
||
|
1B5DA65A000
|
heap
|
page read and write
|
||
|
1B5D5FAC000
|
heap
|
page read and write
|
||
|
1B5D5E90000
|
heap
|
page read and write
|
||
|
1B5DAF16000
|
heap
|
page read and write
|
||
|
1B5DA56B000
|
heap
|
page read and write
|
||
|
1B5D6056000
|
heap
|
page read and write
|
||
|
1B5DA61F000
|
heap
|
page read and write
|
||
|
14414F8000
|
stack
|
page read and write
|
||
|
1B5DA05D000
|
heap
|
page read and write
|
||
|
14413FE000
|
stack
|
page read and write
|
||
|
1B5DA045000
|
heap
|
page read and write
|
||
|
1B5D6040000
|
heap
|
page read and write
|
||
|
1B5DAA66000
|
heap
|
page read and write
|
||
|
1B5D7C24000
|
heap
|
page read and write
|
||
|
1B5DB4B2000
|
heap
|
page read and write
|
||
|
1B5DAFED000
|
heap
|
page read and write
|
||
|
1B5DB574000
|
heap
|
page read and write
|
||
|
1B5D6064000
|
heap
|
page read and write
|
||
|
1B5DA69F000
|
heap
|
page read and write
|
||
|
1B5DA673000
|
heap
|
page read and write
|
||
|
1B5DB4D5000
|
heap
|
page read and write
|
||
|
1B5DAF78000
|
heap
|
page read and write
|
||
|
1B5DA5F1000
|
heap
|
page read and write
|
||
|
1B5D6005000
|
heap
|
page read and write
|
||
|
1B5D9FE0000
|
heap
|
page read and write
|
||
|
1B5DAF93000
|
heap
|
page read and write
|
||
|
1B5DAB86000
|
heap
|
page read and write
|
||
|
1B5DAF3E000
|
heap
|
page read and write
|
||
|
1B5DB533000
|
heap
|
page read and write
|
||
|
1B5DAAAF000
|
heap
|
page read and write
|
||
|
1B5DAA47000
|
heap
|
page read and write
|
||
|
1B5DA870000
|
heap
|
page read and write
|
||
|
1B5DAB36000
|
heap
|
page read and write
|
||
|
1B5D9D30000
|
heap
|
page read and write
|
||
|
1B5DAF78000
|
heap
|
page read and write
|
||
|
1440E79000
|
stack
|
page read and write
|
||
|
1B5D5FE8000
|
heap
|
page read and write
|
||
|
1B5DA0B7000
|
heap
|
page read and write
|
There are 235 hidden memdumps, click here to show them.