Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
PO No. 0146850827805.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\PO No. 0146850827805.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\PO No. 0146850827805.exe
|
"C:\Users\user\Desktop\PO No. 0146850827805.exe"
|
|
|
|
C:\Users\user\Desktop\PO No. 0146850827805.exe
|
"C:\Users\user\Desktop\PO No. 0146850827805.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://tempuri.org/DataSet1.xsd
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
ax-0001.ax-msedge.net
|
150.171.27.10
|
||
|
tse1.mm.bing.net
|
unknown
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
1330000
|
direct allocation
|
page read and write
|
|
|
|
5370000
|
heap
|
page read and write
|
||
|
70EE000
|
heap
|
page read and write
|
||
|
1428000
|
heap
|
page read and write
|
||
|
E51000
|
heap
|
page read and write
|
||
|
538C000
|
heap
|
page read and write
|
||
|
113B000
|
trusted library allocation
|
page execute and read and write
|
||
|
574E000
|
stack
|
page read and write
|
||
|
11FE000
|
stack
|
page read and write
|
||
|
1132000
|
trusted library allocation
|
page read and write
|
||
|
1158000
|
heap
|
page read and write
|
||
|
5190000
|
trusted library section
|
page readonly
|
||
|
5011000
|
trusted library allocation
|
page read and write
|
||
|
29D0000
|
heap
|
page execute and read and write
|
||
|
1120000
|
trusted library allocation
|
page read and write
|
||
|
5340000
|
trusted library allocation
|
page execute and read and write
|
||
|
1150000
|
heap
|
page read and write
|
||
|
294E000
|
stack
|
page read and write
|
||
|
70E0000
|
heap
|
page read and write
|
||
|
B600000
|
trusted library allocation
|
page read and write
|
||
|
C40000
|
heap
|
page read and write
|
||
|
C30000
|
heap
|
page read and write
|
||
|
1520000
|
heap
|
page read and write
|
||
|
9C7000
|
stack
|
page read and write
|
||
|
50A0000
|
trusted library allocation
|
page read and write
|
||
|
11B0000
|
heap
|
page read and write
|
||
|
5384000
|
heap
|
page read and write
|
||
|
1D30000
|
heap
|
page read and write
|
||
|
53B2000
|
heap
|
page read and write
|
||
|
2AF0000
|
trusted library allocation
|
page read and write
|
||
|
105D000
|
stack
|
page read and write
|
||
|
5350000
|
heap
|
page read and write
|
||
|
1BC8000
|
direct allocation
|
page execute and read and write
|
||
|
560E000
|
stack
|
page read and write
|
||
|
1B4D000
|
direct allocation
|
page execute and read and write
|
||
|
5080000
|
heap
|
page read and write
|
||
|
50A8000
|
trusted library allocation
|
page read and write
|
||
|
2B00000
|
heap
|
page read and write
|
||
|
4B10000
|
trusted library allocation
|
page read and write
|
||
|
E10000
|
heap
|
page read and write
|
||
|
111D000
|
trusted library allocation
|
page execute and read and write
|
||
|
8F1E000
|
stack
|
page read and write
|
||
|
4CAC000
|
stack
|
page read and write
|
||
|
83C000
|
unkown
|
page readonly
|
||
|
7F330000
|
trusted library allocation
|
page execute and read and write
|
||
|
2990000
|
trusted library allocation
|
page execute and read and write
|
||
|
5016000
|
trusted library allocation
|
page read and write
|
||
|
4B14000
|
trusted library allocation
|
page read and write
|
||
|
50A2000
|
trusted library allocation
|
page read and write
|
||
|
770000
|
unkown
|
page readonly
|
||
|
772000
|
unkown
|
page readonly
|
||
|
115D000
|
stack
|
page read and write
|
||
|
29A0000
|
trusted library allocation
|
page read and write
|
||
|
75CE000
|
stack
|
page read and write
|
||
|
EEF000
|
heap
|
page read and write
|
||
|
51A0000
|
heap
|
page read and write
|
||
|
51B0000
|
heap
|
page read and write
|
||
|
54C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
E1E000
|
heap
|
page read and write
|
||
|
52B0000
|
heap
|
page read and write
|
||
|
2AE5000
|
trusted library allocation
|
page read and write
|
||
|
4B16000
|
trusted library allocation
|
page read and write
|
||
|
1130000
|
trusted library allocation
|
page read and write
|
||
|
E00000
|
trusted library allocation
|
page read and write
|
||
|
2D98000
|
trusted library allocation
|
page read and write
|
||
|
C60000
|
heap
|
page read and write
|
||
|
5500000
|
trusted library allocation
|
page read and write
|
||
|
1110000
|
trusted library allocation
|
page read and write
|
||
|
123E000
|
stack
|
page read and write
|
||
|
52C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
500E000
|
trusted library allocation
|
page read and write
|
||
|
171F000
|
stack
|
page read and write
|
||
|
E18000
|
heap
|
page read and write
|
||
|
DF0000
|
trusted library allocation
|
page read and write
|
||
|
181F000
|
stack
|
page read and write
|
||
|
2ADE000
|
stack
|
page read and write
|
||
|
7250000
|
trusted library section
|
page read and write
|
||
|
77E2000
|
trusted library allocation
|
page read and write
|
||
|
2B61000
|
trusted library allocation
|
page read and write
|
||
|
51B3000
|
heap
|
page read and write
|
||
|
50B0000
|
trusted library allocation
|
page read and write
|
||
|
5360000
|
heap
|
page execute and read and write
|
||
|
3B19000
|
trusted library allocation
|
page read and write
|
||
|
1420000
|
heap
|
page read and write
|
||
|
2B11000
|
trusted library allocation
|
page read and write
|
||
|
D7D000
|
stack
|
page read and write
|
||
|
4B80000
|
trusted library allocation
|
page execute and read and write
|
||
|
110E000
|
stack
|
page read and write
|
||
|
4335000
|
trusted library allocation
|
page read and write
|
||
|
1B46000
|
direct allocation
|
page execute and read and write
|
||
|
1B31000
|
direct allocation
|
page execute and read and write
|
||
|
54AE000
|
stack
|
page read and write
|
||
|
1126000
|
trusted library allocation
|
page execute and read and write
|
||
|
532B000
|
stack
|
page read and write
|
||
|
ED4000
|
heap
|
page read and write
|
||
|
100F000
|
stack
|
page read and write
|
||
|
52E0000
|
heap
|
page read and write
|
||
|
3B11000
|
trusted library allocation
|
page read and write
|
||
|
E0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1250000
|
heap
|
page read and write
|
||
|
2900000
|
trusted library allocation
|
page read and write
|
||
|
4B5E000
|
stack
|
page read and write
|
||
|
52D0000
|
trusted library allocation
|
page read and write
|
||
|
5330000
|
trusted library allocation
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
E46000
|
heap
|
page read and write
|
||
|
5F70000
|
heap
|
page read and write
|
||
|
29C0000
|
trusted library allocation
|
page read and write
|
||
|
B60B000
|
trusted library allocation
|
page read and write
|
||
|
1137000
|
trusted library allocation
|
page execute and read and write
|
||
|
19AD000
|
direct allocation
|
page execute and read and write
|
||
|
E03000
|
trusted library allocation
|
page execute and read and write
|
||
|
4B70000
|
trusted library allocation
|
page read and write
|
||
|
5F5E000
|
stack
|
page read and write
|
||
|
B570000
|
trusted library section
|
page read and write
|
||
|
5F94000
|
heap
|
page read and write
|
||
|
19A9000
|
direct allocation
|
page execute and read and write
|
||
|
B069000
|
trusted library allocation
|
page read and write
|
||
|
DBE000
|
stack
|
page read and write
|
||
|
EE4000
|
heap
|
page read and write
|
||
|
5040000
|
trusted library allocation
|
page read and write
|
||
|
E04000
|
trusted library allocation
|
page read and write
|
||
|
52E5000
|
heap
|
page read and write
|
||
|
5170000
|
trusted library allocation
|
page read and write
|
||
|
72CE000
|
stack
|
page read and write
|
||
|
7280000
|
trusted library allocation
|
page execute and read and write
|
||
|
54D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5090000
|
trusted library allocation
|
page execute and read and write
|
||
|
8CA000
|
stack
|
page read and write
|
||
|
5E1E000
|
stack
|
page read and write
|
||
|
570F000
|
stack
|
page read and write
|
||
|
5E5E000
|
stack
|
page read and write
|
||
|
E53000
|
heap
|
page read and write
|
||
|
1122000
|
trusted library allocation
|
page read and write
|
||
|
112A000
|
trusted library allocation
|
page execute and read and write
|
||
|
5F60000
|
heap
|
page read and write
|
||
|
436A000
|
trusted library allocation
|
page read and write
|
||
|
54E0000
|
trusted library allocation
|
page read and write
|
||
|
74CF000
|
stack
|
page read and write
|
||
|
73CE000
|
stack
|
page read and write
|
||
|
54F1000
|
trusted library allocation
|
page read and write
|
||
|
2AE0000
|
trusted library allocation
|
page read and write
|
||
|
29B0000
|
trusted library allocation
|
page read and write
|
||
|
2B68000
|
trusted library allocation
|
page read and write
|
||
|
501D000
|
trusted library allocation
|
page read and write
|
||
|
4FF0000
|
trusted library allocation
|
page read and write
|
||
|
1880000
|
direct allocation
|
page execute and read and write
|
||
|
1240000
|
heap
|
page read and write
|
||
|
7270000
|
trusted library allocation
|
page read and write
|
||
|
298C000
|
stack
|
page read and write
|
||
|
5378000
|
heap
|
page read and write
|
||
|
1A1E000
|
direct allocation
|
page execute and read and write
|
There are 143 hidden memdumps, click here to show them.