Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\jeIXtJsk2r.exe
|
"C:\Users\user\Desktop\jeIXtJsk2r.exe"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://crl.thawte.com/ThawteTimestampingCA.crl0
|
unknown
|
||
|
http://ocsp.thawte.com0
|
unknown
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7FF7C69EA000
|
unkown
|
page read and write
|
||
|
7FF7C69ED000
|
unkown
|
page readonly
|
||
|
7FF7C69E1000
|
unkown
|
page execute read
|
||
|
510000
|
heap
|
page read and write
|
||
|
96F000
|
stack
|
page read and write
|
||
|
540000
|
heap
|
page read and write
|
||
|
7FF7C69EA000
|
unkown
|
page write copy
|
||
|
7FF7C69E1000
|
unkown
|
page execute read
|
||
|
5AC000
|
heap
|
page read and write
|
||
|
7FF7C69ED000
|
unkown
|
page readonly
|
||
|
CF0000
|
heap
|
page read and write
|
||
|
7FF7C69E7000
|
unkown
|
page readonly
|
||
|
B20000
|
heap
|
page read and write
|
||
|
5A0000
|
heap
|
page read and write
|
||
|
7FF7C69E7000
|
unkown
|
page readonly
|
||
|
7FF7C69E0000
|
unkown
|
page readonly
|
||
|
7FF7C69E0000
|
unkown
|
page readonly
|
||
|
5A6000
|
heap
|
page read and write
|
||
|
86E000
|
stack
|
page read and write
|
||
|
4FD000
|
stack
|
page read and write
|
||
|
520000
|
heap
|
page read and write
|
There are 11 hidden memdumps, click here to show them.