Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
SecuriteInfo.com.Win64.MalwareX-gen.4266.14577.exe
|
PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
|
initial sample
|
 |
|
|
C:\Users\Public\Documents\CalibreLauncher.js
|
ASCII text
|
dropped
|
|
|
|
C:\Users\Public\Documents\calibre-launcher.dll
|
PE32 executable (DLL) (console) Intel 80386 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
C:\Users\Public\Documents\calibre.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Calibre.url
|
MS Windows 95 Internet shortcut text (URL=<file:///C:\Users\Public\Documents\CalibreLauncher.js>), ASCII text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\246122658369
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1280x1024,
components 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\WikG.zip
|
Zip archive data, at least v2.0 to extract, compression method=deflate
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.4266.14577.exe
|
"C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.4266.14577.exe"
|
|
|
|
C:\Users\Public\Documents\calibre.exe
|
C:\Users\Public\Documents\calibre.exe
|
|
|
|
C:\Windows\System32\wscript.exe
|
"C:\Windows\System32\WScript.exe" "C:\Users\Public\Documents\CalibreLauncher.js"
|
|
|
|
C:\Users\Public\Documents\calibre.exe
|
"C:\Users\Public\Documents\calibre.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://calibre-ebook.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
45.202.35.101
|
unknown
|
Seychelles
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows Script\Settings\Telemetry\wscript.exe
|
JScriptSetScriptStateStarted
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3B40000
|
heap
|
page read and write
|
||
|
BAA000
|
heap
|
page read and write
|
||
|
41B2000
|
heap
|
page read and write
|
||
|
1DDF2528000
|
heap
|
page read and write
|
||
|
28888EE7000
|
heap
|
page read and write
|
||
|
28888E40000
|
heap
|
page read and write
|
||
|
4113000
|
heap
|
page read and write
|
||
|
25F4000
|
heap
|
page read and write
|
||
|
1DDF24E0000
|
heap
|
page read and write
|
||
|
46E7000
|
heap
|
page read and write
|
||
|
37D1000
|
heap
|
page read and write
|
||
|
37D1000
|
heap
|
page read and write
|
||
|
2A20000
|
heap
|
page read and write
|
||
|
37D1000
|
heap
|
page read and write
|
||
|
1DDF2591000
|
heap
|
page read and write
|
||
|
3B70000
|
heap
|
page read and write
|
||
|
3CB0000
|
heap
|
page read and write
|
||
|
438C000
|
heap
|
page read and write
|
||
|
CC6000
|
heap
|
page read and write
|
||
|
25F7000
|
heap
|
page read and write
|
||
|
7E175FF000
|
stack
|
page read and write
|
||
|
3B8A000
|
heap
|
page read and write
|
||
|
B1000
|
unkown
|
page execute read
|
||
|
37D1000
|
heap
|
page read and write
|
||
|
28888D20000
|
heap
|
page read and write
|
||
|
28888EE0000
|
heap
|
page read and write
|
||
|
B4000
|
unkown
|
page readonly
|
||
|
B30000
|
heap
|
page read and write
|
||
|
4184000
|
heap
|
page read and write
|
||
|
3C0A000
|
heap
|
page read and write
|
||
|
3B8A000
|
heap
|
page read and write
|
||
|
3CC0000
|
heap
|
page read and write
|
||
|
7FF63BB01000
|
unkown
|
page read and write
|
||
|
3BFA000
|
heap
|
page read and write
|
||
|
95F17F9000
|
stack
|
page read and write
|
||
|
28BB000
|
heap
|
page read and write
|
||
|
37D1000
|
heap
|
page read and write
|
||
|
3C0A000
|
heap
|
page read and write
|
||
|
1DDF2572000
|
heap
|
page read and write
|
||
|
1DDF3ED0000
|
heap
|
page read and write
|
||
|
2A2A000
|
heap
|
page read and write
|
||
|
7FF63B850000
|
unkown
|
page readonly
|
||
|
1DDF24ED000
|
heap
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
37D1000
|
heap
|
page read and write
|
||
|
B7A000
|
heap
|
page read and write
|
||
|
37D1000
|
heap
|
page read and write
|
||
|
3C4A000
|
heap
|
page read and write
|
||
|
1DDF24A0000
|
heap
|
page read and write
|
||
|
37D1000
|
heap
|
page read and write
|
||
|
D80000
|
heap
|
page read and write
|
||
|
3B7A000
|
heap
|
page read and write
|
||
|
37B0000
|
heap
|
page read and write
|
||
|
1DDF2520000
|
heap
|
page read and write
|
||
|
7E174FF000
|
stack
|
page read and write
|
||
|
7E178FD000
|
stack
|
page read and write
|
||
|
37D1000
|
heap
|
page read and write
|
||
|
4882000
|
heap
|
page read and write
|
||
|
B0000
|
unkown
|
page readonly
|
||
|
37D1000
|
heap
|
page read and write
|
||
|
7FF63B850000
|
unkown
|
page readonly
|
||
|
95F19FF000
|
stack
|
page read and write
|
||
|
37D1000
|
heap
|
page read and write
|
||
|
4383000
|
heap
|
page read and write
|
||
|
3B5A000
|
heap
|
page read and write
|
||
|
D90000
|
heap
|
page read and write
|
||
|
3BE0000
|
heap
|
page read and write
|
||
|
3B7A000
|
heap
|
page read and write
|
||
|
3CAA000
|
heap
|
page read and write
|
||
|
120E000
|
stack
|
page read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
3B2A000
|
heap
|
page read and write
|
||
|
7E176FE000
|
stack
|
page read and write
|
||
|
B1000
|
unkown
|
page execute read
|
||
|
37D1000
|
heap
|
page read and write
|
||
|
41AD000
|
heap
|
page read and write
|
||
|
37D1000
|
heap
|
page read and write
|
||
|
1DDF2556000
|
heap
|
page read and write
|
||
|
1DDF24E5000
|
heap
|
page read and write
|
||
|
3C7A000
|
heap
|
page read and write
|
||
|
37D1000
|
heap
|
page read and write
|
||
|
37C0000
|
heap
|
page read and write
|
||
|
2ABF000
|
heap
|
page read and write
|
||
|
3BAA000
|
heap
|
page read and write
|
||
|
7E179F8000
|
stack
|
page read and write
|
||
|
46E0000
|
heap
|
page read and write
|
||
|
37D1000
|
heap
|
page read and write
|
||
|
3C90000
|
heap
|
page read and write
|
||
|
3B80000
|
heap
|
page read and write
|
||
|
3C00000
|
heap
|
page read and write
|
||
|
438F000
|
heap
|
page read and write
|
||
|
37D1000
|
heap
|
page read and write
|
||
|
7FF63BB05000
|
unkown
|
page readonly
|
||
|
B0000
|
unkown
|
page readonly
|
||
|
4119000
|
heap
|
page read and write
|
||
|
3C00000
|
heap
|
page read and write
|
||
|
32C0000
|
heap
|
page read and write
|
||
|
3BA0000
|
heap
|
page read and write
|
||
|
7FF63B851000
|
unkown
|
page execute read
|
||
|
7FF63BB01000
|
unkown
|
page write copy
|
||
|
3C8A000
|
heap
|
page read and write
|
||
|
28888E30000
|
heap
|
page read and write
|
||
|
3CA0000
|
heap
|
page read and write
|
||
|
4167000
|
heap
|
page read and write
|
||
|
3B80000
|
heap
|
page read and write
|
||
|
438A000
|
heap
|
page read and write
|
||
|
37D1000
|
heap
|
page read and write
|
||
|
37BA000
|
heap
|
page read and write
|
||
|
37D1000
|
heap
|
page read and write
|
||
|
3B4A000
|
heap
|
page read and write
|
||
|
3B70000
|
heap
|
page read and write
|
||
|
B2000
|
unkown
|
page readonly
|
||
|
DFE000
|
stack
|
page read and write
|
||
|
D1C000
|
stack
|
page read and write
|
||
|
37D1000
|
heap
|
page read and write
|
||
|
7FF63BB05000
|
unkown
|
page readonly
|
||
|
4107000
|
heap
|
page read and write
|
||
|
4380000
|
heap
|
page read and write
|
||
|
7E17AFB000
|
stack
|
page read and write
|
||
|
37D1000
|
heap
|
page read and write
|
||
|
4199000
|
heap
|
page read and write
|
||
|
7FF63BB02000
|
unkown
|
page write copy
|
||
|
BBA000
|
heap
|
page read and write
|
||
|
2D10000
|
heap
|
page read and write
|
||
|
10FC000
|
stack
|
page read and write
|
||
|
438B000
|
heap
|
page read and write
|
||
|
1DDF4280000
|
heap
|
page read and write
|
||
|
37D1000
|
heap
|
page read and write
|
||
|
7FF63B8ED000
|
unkown
|
page readonly
|
||
|
3C40000
|
heap
|
page read and write
|
||
|
3BD0000
|
heap
|
page read and write
|
||
|
3CC4000
|
heap
|
page read and write
|
||
|
7E177FE000
|
stack
|
page read and write
|
||
|
41B4000
|
heap
|
page read and write
|
||
|
7FF63B8ED000
|
unkown
|
page readonly
|
||
|
28888F03000
|
heap
|
page read and write
|
||
|
3C80000
|
heap
|
page read and write
|
||
|
1DDF23C0000
|
heap
|
page read and write
|
||
|
B2000
|
unkown
|
page readonly
|
||
|
3B20000
|
heap
|
page read and write
|
||
|
37D1000
|
heap
|
page read and write
|
||
|
140F000
|
stack
|
page read and write
|
||
|
4189000
|
heap
|
page read and write
|
||
|
95F1BFD000
|
stack
|
page read and write
|
||
|
7FF63B8EC000
|
unkown
|
page write copy
|
||
|
170F000
|
stack
|
page read and write
|
||
|
7E173FF000
|
stack
|
page read and write
|
||
|
B2000
|
unkown
|
page readonly
|
||
|
3C70000
|
heap
|
page read and write
|
||
|
B3A000
|
heap
|
page read and write
|
||
|
3CBA000
|
heap
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
2704000
|
heap
|
page read and write
|
||
|
7FF63BAF5000
|
unkown
|
page readonly
|
||
|
1DDF24C0000
|
heap
|
page read and write
|
||
|
7FF63B851000
|
unkown
|
page execute read
|
||
|
3B50000
|
heap
|
page read and write
|
||
|
37D1000
|
heap
|
page read and write
|
||
|
26FB000
|
heap
|
page read and write
|
||
|
438A000
|
heap
|
page read and write
|
||
|
4130000
|
heap
|
page read and write
|
||
|
4150000
|
heap
|
page read and write
|
||
|
3BF0000
|
heap
|
page read and write
|
||
|
4883000
|
heap
|
page read and write
|
||
|
37D1000
|
heap
|
page read and write
|
||
|
7E16D4A000
|
stack
|
page read and write
|
||
|
37D1000
|
heap
|
page read and write
|
||
|
7FF63B8EC000
|
unkown
|
page read and write
|
||
|
28888E00000
|
heap
|
page read and write
|
||
|
41D3000
|
heap
|
page read and write
|
||
|
4184000
|
heap
|
page read and write
|
||
|
121B000
|
heap
|
page read and write
|
||
|
B4000
|
unkown
|
page readonly
|
||
|
37CA000
|
heap
|
page read and write
|
||
|
25E1000
|
heap
|
page read and write
|
||
|
B1000
|
unkown
|
page execute read
|
||
|
1210000
|
heap
|
page read and write
|
||
|
419C000
|
heap
|
page read and write
|
||
|
3BEA000
|
heap
|
page read and write
|
||
|
37D1000
|
heap
|
page read and write
|
||
|
4383000
|
heap
|
page read and write
|
||
|
7E170FE000
|
stack
|
page read and write
|
||
|
B0000
|
unkown
|
page readonly
|
||
|
7FF63BAF5000
|
unkown
|
page readonly
|
||
|
7E171FE000
|
stack
|
page read and write
|
||
|
B4000
|
unkown
|
page readonly
|
||
|
3C9A000
|
heap
|
page read and write
|
There are 177 hidden memdumps, click here to show them.