Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
UiF5hKi5o7.exe
|
PE32+ executable (console) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\_MEI55162\VCRUNTIME140.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI55162\_bz2.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI55162\_decimal.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI55162\_hashlib.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI55162\_lzma.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI55162\_socket.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI55162\base_library.zip
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI55162\libcrypto-1_1.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI55162\python310.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI55162\select.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\_MEI55162\unicodedata.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
There are 2 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\UiF5hKi5o7.exe
|
"C:\Users\user\Desktop\UiF5hKi5o7.exe"
|
|
|
|
C:\Users\user\Desktop\UiF5hKi5o7.exe
|
"C:\Users\user\Desktop\UiF5hKi5o7.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://github.com/python/cpython/blob/3.9/Lib/importlib/_bootstrap_external.py#L679-L688
|
unknown
|
||
|
https://www.python.org/dev/peps/pep-0205/
|
unknown
|
||
|
https://python.org/dev/peps/pep-0263/
|
unknown
|
||
|
https://github.com/tensorflow/datasets/blob/master/tensorflow_datasets/core/utils/resource_utils.py#
|
unknown
|
||
|
https://github.com/python/cpython/blob/839d7893943782ee803536a47f1d4de160314f85/Lib/importlib/abc.py
|
unknown
|
||
|
http://crl3.digi
|
unknown
|
||
|
https://www.python.org/download/releases/2.3/mro/.
|
unknown
|
||
|
https://github.com/Unidata/MetPy/blob/a3424de66a44bf3a92b0dcacf4dff82ad7b86712/src/metpy/plots/wx_sy
|
unknown
|
||
|
https://github.com/python/cpython/blob/839d7893943782ee803536a47f1d4de160314f85/Lib/importlib/reader
|
unknown
|
||
|
https://www.openssl.org/H
|
unknown
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
22947AB4000
|
direct allocation
|
page read and write
|
||
|
1AFE2082000
|
heap
|
page read and write
|
||
|
229457D7000
|
heap
|
page read and write
|
||
|
229478FD000
|
heap
|
page read and write
|
||
|
229457F9000
|
heap
|
page read and write
|
||
|
229479A0000
|
heap
|
page read and write
|
||
|
22945824000
|
heap
|
page read and write
|
||
|
22947955000
|
heap
|
page read and write
|
||
|
22947A98000
|
direct allocation
|
page read and write
|
||
|
229457D9000
|
heap
|
page read and write
|
||
|
7FF77263B000
|
unkown
|
page readonly
|
||
|
C230FDC000
|
stack
|
page read and write
|
||
|
7FF772650000
|
unkown
|
page read and write
|
||
|
1AFE2060000
|
heap
|
page read and write
|
||
|
22945820000
|
heap
|
page read and write
|
||
|
22947952000
|
heap
|
page read and write
|
||
|
22947B0C000
|
direct allocation
|
page read and write
|
||
|
2294793C000
|
heap
|
page read and write
|
||
|
1AFE208E000
|
heap
|
page read and write
|
||
|
2294585C000
|
heap
|
page read and write
|
||
|
229479A4000
|
heap
|
page read and write
|
||
|
22947915000
|
heap
|
page read and write
|
||
|
229479BA000
|
heap
|
page read and write
|
||
|
7FF8A8F37000
|
unkown
|
page readonly
|
||
|
229456A0000
|
heap
|
page read and write
|
||
|
22945852000
|
heap
|
page read and write
|
||
|
22947B08000
|
direct allocation
|
page read and write
|
||
|
7FF8A8DB7000
|
unkown
|
page readonly
|
||
|
7FF772611000
|
unkown
|
page execute read
|
||
|
2294580B000
|
heap
|
page read and write
|
||
|
229457D0000
|
heap
|
page read and write
|
||
|
22945808000
|
heap
|
page read and write
|
||
|
22945820000
|
heap
|
page read and write
|
||
|
229457F4000
|
heap
|
page read and write
|
||
|
229478F0000
|
heap
|
page read and write
|
||
|
22945820000
|
heap
|
page read and write
|
||
|
2294580F000
|
heap
|
page read and write
|
||
|
22945821000
|
heap
|
page read and write
|
||
|
22945856000
|
heap
|
page read and write
|
||
|
7FF772611000
|
unkown
|
page execute read
|
||
|
229457FA000
|
heap
|
page read and write
|
||
|
2294582F000
|
heap
|
page read and write
|
||
|
22945806000
|
heap
|
page read and write
|
||
|
2294583A000
|
heap
|
page read and write
|
||
|
1AFE207D000
|
heap
|
page read and write
|
||
|
22947AF8000
|
direct allocation
|
page read and write
|
||
|
2294799F000
|
heap
|
page read and write
|
||
|
22945820000
|
heap
|
page read and write
|
||
|
22945818000
|
heap
|
page read and write
|
||
|
2294795D000
|
heap
|
page read and write
|
||
|
22947138000
|
direct allocation
|
page read and write
|
||
|
7FF77264E000
|
unkown
|
page write copy
|
||
|
2294793D000
|
heap
|
page read and write
|
||
|
7FF8A8D28000
|
unkown
|
page readonly
|
||
|
229479B3000
|
heap
|
page read and write
|
||
|
2294585D000
|
heap
|
page read and write
|
||
|
229457D4000
|
heap
|
page read and write
|
||
|
2294791E000
|
heap
|
page read and write
|
||
|
7FF8A8AF0000
|
unkown
|
page readonly
|
||
|
2294580F000
|
heap
|
page read and write
|
||
|
22947953000
|
heap
|
page read and write
|
||
|
22947915000
|
heap
|
page read and write
|
||
|
22947158000
|
direct allocation
|
page read and write
|
||
|
7FF772652000
|
unkown
|
page readonly
|
||
|
229479A0000
|
heap
|
page read and write
|
||
|
C2313CF000
|
stack
|
page read and write
|
||
|
2294583F000
|
heap
|
page read and write
|
||
|
22947AFC000
|
direct allocation
|
page read and write
|
||
|
22947909000
|
heap
|
page read and write
|
||
|
229457F0000
|
heap
|
page read and write
|
||
|
229475A0000
|
direct allocation
|
page read and write
|
||
|
22947927000
|
heap
|
page read and write
|
||
|
229457E2000
|
heap
|
page read and write
|
||
|
229457F3000
|
heap
|
page read and write
|
||
|
22947684000
|
direct allocation
|
page read and write
|
||
|
1AFE39E0000
|
heap
|
page read and write
|
||
|
229457F3000
|
heap
|
page read and write
|
||
|
2294582F000
|
heap
|
page read and write
|
||
|
229478E9000
|
heap
|
page read and write
|
||
|
6A5ADDF000
|
stack
|
page read and write
|
||
|
229470D0000
|
direct allocation
|
page read and write
|
||
|
2294580B000
|
heap
|
page read and write
|
||
|
22947952000
|
heap
|
page read and write
|
||
|
22945837000
|
heap
|
page read and write
|
||
|
229457C3000
|
heap
|
page read and write
|
||
|
22947AE0000
|
direct allocation
|
page read and write
|
||
|
2294799E000
|
heap
|
page read and write
|
||
|
22945840000
|
heap
|
page read and write
|
||
|
2294580F000
|
heap
|
page read and write
|
||
|
7FF8A8EEB000
|
unkown
|
page write copy
|
||
|
22947913000
|
heap
|
page read and write
|
||
|
7FF8BFBA6000
|
unkown
|
page read and write
|
||
|
6A5AFCF000
|
stack
|
page read and write
|
||
|
229457F3000
|
heap
|
page read and write
|
||
|
22947952000
|
heap
|
page read and write
|
||
|
22945820000
|
heap
|
page read and write
|
||
|
229457C0000
|
heap
|
page read and write
|
||
|
7FF772610000
|
unkown
|
page readonly
|
||
|
229478E0000
|
heap
|
page read and write
|
||
|
22945852000
|
heap
|
page read and write
|
||
|
7FF77264E000
|
unkown
|
page read and write
|
||
|
1AFE2082000
|
heap
|
page read and write
|
||
|
229457F3000
|
heap
|
page read and write
|
||
|
229478E1000
|
heap
|
page read and write
|
||
|
229457C1000
|
heap
|
page read and write
|
||
|
229457BE000
|
heap
|
page read and write
|
||
|
2294585B000
|
heap
|
page read and write
|
||
|
2294580F000
|
heap
|
page read and write
|
||
|
229457F3000
|
heap
|
page read and write
|
||
|
229457D7000
|
heap
|
page read and write
|
||
|
22945852000
|
heap
|
page read and write
|
||
|
229478E1000
|
heap
|
page read and write
|
||
|
229479B3000
|
heap
|
page read and write
|
||
|
22947932000
|
heap
|
page read and write
|
||
|
1AFE2068000
|
heap
|
page read and write
|
||
|
229457DB000
|
heap
|
page read and write
|
||
|
229457E9000
|
heap
|
page read and write
|
||
|
1AFE2000000
|
heap
|
page read and write
|
||
|
229479AE000
|
heap
|
page read and write
|
||
|
229456C0000
|
heap
|
page read and write
|
||
|
1AFE207D000
|
heap
|
page read and write
|
||
|
22947927000
|
heap
|
page read and write
|
||
|
1AFE2082000
|
heap
|
page read and write
|
||
|
2294580F000
|
heap
|
page read and write
|
||
|
229457A0000
|
heap
|
page read and write
|
||
|
1AFE2082000
|
heap
|
page read and write
|
||
|
229478E4000
|
heap
|
page read and write
|
||
|
2294580F000
|
heap
|
page read and write
|
||
|
1AFE2082000
|
heap
|
page read and write
|
||
|
7FF8A8EE8000
|
unkown
|
page write copy
|
||
|
229457EE000
|
heap
|
page read and write
|
||
|
229478FA000
|
heap
|
page read and write
|
||
|
22947928000
|
heap
|
page read and write
|
||
|
229457D7000
|
heap
|
page read and write
|
||
|
229479E0000
|
direct allocation
|
page read and write
|
||
|
1AFE2082000
|
heap
|
page read and write
|
||
|
7FF77263B000
|
unkown
|
page readonly
|
||
|
22945809000
|
heap
|
page read and write
|
||
|
22947938000
|
heap
|
page read and write
|
||
|
229457CC000
|
heap
|
page read and write
|
||
|
229457F3000
|
heap
|
page read and write
|
||
|
229478F8000
|
heap
|
page read and write
|
||
|
1AFE2030000
|
heap
|
page read and write
|
||
|
7FF8BFBA1000
|
unkown
|
page readonly
|
||
|
1AFE2082000
|
heap
|
page read and write
|
||
|
2294582F000
|
heap
|
page read and write
|
||
|
22947952000
|
heap
|
page read and write
|
||
|
229479A0000
|
heap
|
page read and write
|
||
|
229457E6000
|
heap
|
page read and write
|
||
|
22945852000
|
heap
|
page read and write
|
||
|
229479B3000
|
heap
|
page read and write
|
||
|
7FF8A8F15000
|
unkown
|
page readonly
|
||
|
2294791D000
|
heap
|
page read and write
|
||
|
229457FD000
|
heap
|
page read and write
|
||
|
22945821000
|
heap
|
page read and write
|
||
|
229479B4000
|
heap
|
page read and write
|
||
|
22947910000
|
heap
|
page read and write
|
||
|
22947680000
|
direct allocation
|
page read and write
|
||
|
7FF8BFBA7000
|
unkown
|
page readonly
|
||
|
22945840000
|
heap
|
page read and write
|
||
|
2294580F000
|
heap
|
page read and write
|
||
|
22945820000
|
heap
|
page read and write
|
||
|
1AFE2084000
|
heap
|
page read and write
|
||
|
229457A8000
|
heap
|
page read and write
|
||
|
229479AE000
|
heap
|
page read and write
|
||
|
229456B0000
|
heap
|
page readonly
|
||
|
22947955000
|
heap
|
page read and write
|
||
|
7FF77263B000
|
unkown
|
page readonly
|
||
|
7FF8BFB90000
|
unkown
|
page readonly
|
||
|
1AFE2088000
|
heap
|
page read and write
|
||
|
22945833000
|
heap
|
page read and write
|
||
|
229479A4000
|
heap
|
page read and write
|
||
|
7FF772610000
|
unkown
|
page readonly
|
||
|
22947913000
|
heap
|
page read and write
|
||
|
2294580F000
|
heap
|
page read and write
|
||
|
22947180000
|
direct allocation
|
page read and write
|
||
|
22945859000
|
heap
|
page read and write
|
||
|
229478E1000
|
heap
|
page read and write
|
||
|
22945855000
|
heap
|
page read and write
|
||
|
22947953000
|
heap
|
page read and write
|
||
|
22945855000
|
heap
|
page read and write
|
||
|
22947935000
|
heap
|
page read and write
|
||
|
7FF772652000
|
unkown
|
page readonly
|
||
|
1AFE1FF0000
|
heap
|
page readonly
|
||
|
22947A54000
|
direct allocation
|
page read and write
|
||
|
1AFE1F10000
|
heap
|
page read and write
|
||
|
22945820000
|
heap
|
page read and write
|
||
|
22947955000
|
heap
|
page read and write
|
||
|
2294580B000
|
heap
|
page read and write
|
||
|
22945816000
|
heap
|
page read and write
|
||
|
22945820000
|
heap
|
page read and write
|
||
|
2294793D000
|
heap
|
page read and write
|
||
|
22945808000
|
heap
|
page read and write
|
||
|
229479B3000
|
heap
|
page read and write
|
||
|
22945760000
|
heap
|
page read and write
|
||
|
229479B0000
|
heap
|
page read and write
|
||
|
22945855000
|
heap
|
page read and write
|
||
|
22947955000
|
heap
|
page read and write
|
||
|
7FF77264E000
|
unkown
|
page read and write
|
||
|
22945832000
|
heap
|
page read and write
|
||
|
22947928000
|
heap
|
page read and write
|
||
|
22945857000
|
heap
|
page read and write
|
||
|
229457E2000
|
heap
|
page read and write
|
||
|
22945821000
|
heap
|
page read and write
|
||
|
229457E9000
|
heap
|
page read and write
|
||
|
1AFE2082000
|
heap
|
page read and write
|
||
|
229457A3000
|
heap
|
page read and write
|
||
|
22947936000
|
heap
|
page read and write
|
||
|
22947911000
|
heap
|
page read and write
|
||
|
229457D5000
|
heap
|
page read and write
|
||
|
22945787000
|
heap
|
page read and write
|
||
|
22947931000
|
heap
|
page read and write
|
||
|
229478FE000
|
heap
|
page read and write
|
||
|
2294580F000
|
heap
|
page read and write
|
||
|
229457C3000
|
heap
|
page read and write
|
||
|
7FF8A8E1E000
|
unkown
|
page readonly
|
||
|
2294581B000
|
heap
|
page read and write
|
||
|
2294582F000
|
heap
|
page read and write
|
||
|
22945859000
|
heap
|
page read and write
|
||
|
2294585D000
|
heap
|
page read and write
|
||
|
22947A90000
|
direct allocation
|
page read and write
|
||
|
229479A4000
|
heap
|
page read and write
|
||
|
229457F7000
|
heap
|
page read and write
|
||
|
2294799E000
|
heap
|
page read and write
|
||
|
2294582F000
|
heap
|
page read and write
|
||
|
2294799E000
|
heap
|
page read and write
|
||
|
6A5ABE5000
|
stack
|
page read and write
|
||
|
229478ED000
|
heap
|
page read and write
|
||
|
229479B3000
|
heap
|
page read and write
|
||
|
2294793D000
|
heap
|
page read and write
|
||
|
2294799F000
|
heap
|
page read and write
|
||
|
229478E5000
|
heap
|
page read and write
|
||
|
229457F5000
|
heap
|
page read and write
|
||
|
2294791E000
|
heap
|
page read and write
|
||
|
2294580F000
|
heap
|
page read and write
|
||
|
229457E7000
|
heap
|
page read and write
|
||
|
1AFE2082000
|
heap
|
page read and write
|
||
|
22945818000
|
heap
|
page read and write
|
||
|
2294580F000
|
heap
|
page read and write
|
||
|
2294791E000
|
heap
|
page read and write
|
||
|
C2311DE000
|
stack
|
page read and write
|
||
|
229479B5000
|
heap
|
page read and write
|
||
|
22945855000
|
heap
|
page read and write
|
||
|
2294581A000
|
heap
|
page read and write
|
||
|
229457E2000
|
heap
|
page read and write
|
||
|
7FF8A8F04000
|
unkown
|
page read and write
|
||
|
2294585C000
|
heap
|
page read and write
|
||
|
229456F0000
|
heap
|
page read and write
|
||
|
7FF772611000
|
unkown
|
page execute read
|
||
|
22945855000
|
heap
|
page read and write
|
||
|
22947AD8000
|
direct allocation
|
page read and write
|
||
|
7FF772610000
|
unkown
|
page readonly
|
||
|
229471A4000
|
direct allocation
|
page read and write
|
||
|
229457A0000
|
heap
|
page read and write
|
||
|
229457D7000
|
heap
|
page read and write
|
||
|
7FF772650000
|
unkown
|
page read and write
|
||
|
2294580F000
|
heap
|
page read and write
|
||
|
22945818000
|
heap
|
page read and write
|
||
|
7FF772652000
|
unkown
|
page readonly
|
||
|
22947A8C000
|
direct allocation
|
page read and write
|
||
|
229478FB000
|
heap
|
page read and write
|
||
|
2294799E000
|
heap
|
page read and write
|
||
|
229457A3000
|
heap
|
page read and write
|
||
|
22947B04000
|
direct allocation
|
page read and write
|
||
|
229457BF000
|
heap
|
page read and write
|
||
|
22947952000
|
heap
|
page read and write
|
||
|
2294577E000
|
heap
|
page read and write
|
||
|
229457FD000
|
heap
|
page read and write
|
||
|
229457EB000
|
heap
|
page read and write
|
||
|
7FF8A8F08000
|
unkown
|
page read and write
|
||
|
22947952000
|
heap
|
page read and write
|
||
|
2294583E000
|
heap
|
page read and write
|
||
|
229457A9000
|
heap
|
page read and write
|
||
|
22947174000
|
direct allocation
|
page read and write
|
||
|
229479AE000
|
heap
|
page read and write
|
||
|
7FF772652000
|
unkown
|
page readonly
|
||
|
22945830000
|
heap
|
page read and write
|
||
|
22947A0C000
|
direct allocation
|
page read and write
|
||
|
22945816000
|
heap
|
page read and write
|
||
|
22945857000
|
heap
|
page read and write
|
||
|
22945852000
|
heap
|
page read and write
|
||
|
7FF772611000
|
unkown
|
page execute read
|
||
|
22945858000
|
heap
|
page read and write
|
||
|
7FF8A8ECB000
|
unkown
|
page read and write
|
||
|
229457E2000
|
heap
|
page read and write
|
||
|
229457F5000
|
heap
|
page read and write
|
||
|
22947250000
|
heap
|
page read and write
|
||
|
22947A3C000
|
direct allocation
|
page read and write
|
||
|
22945831000
|
heap
|
page read and write
|
||
|
229457FD000
|
heap
|
page read and write
|
||
|
7FF772610000
|
unkown
|
page readonly
|
||
|
2294711C000
|
direct allocation
|
page read and write
|
||
|
22947914000
|
heap
|
page read and write
|
||
|
22947910000
|
heap
|
page read and write
|
||
|
22945852000
|
heap
|
page read and write
|
||
|
7FF77263B000
|
unkown
|
page readonly
|
||
|
7FF8A8AF1000
|
unkown
|
page execute read
|
||
|
229478E8000
|
heap
|
page read and write
|
||
|
22945823000
|
heap
|
page read and write
|
||
|
229457E7000
|
heap
|
page read and write
|
||
|
2294580F000
|
heap
|
page read and write
|
||
|
22947913000
|
heap
|
page read and write
|
||
|
1AFE206F000
|
heap
|
page read and write
|
||
|
22945813000
|
heap
|
page read and write
|
||
|
22947952000
|
heap
|
page read and write
|
||
|
229478FC000
|
heap
|
page read and write
|
||
|
22947935000
|
heap
|
page read and write
|
||
|
1AFE208C000
|
heap
|
page read and write
|
||
|
22947AE4000
|
direct allocation
|
page read and write
|
||
|
229478F0000
|
heap
|
page read and write
|
||
|
22945840000
|
heap
|
page read and write
|
||
|
229457FA000
|
heap
|
page read and write
|
||
|
2294580B000
|
heap
|
page read and write
|
||
|
2294585C000
|
heap
|
page read and write
|
||
|
22945855000
|
heap
|
page read and write
|
||
|
22947911000
|
heap
|
page read and write
|
||
|
7FF8A8F0B000
|
unkown
|
page read and write
|
||
|
2294576E000
|
heap
|
page read and write
|
||
|
2294799E000
|
heap
|
page read and write
|
||
|
7FF8A8DF9000
|
unkown
|
page readonly
|
||
|
7FF8A8EE9000
|
unkown
|
page read and write
|
||
|
22945808000
|
heap
|
page read and write
|
||
|
22945832000
|
heap
|
page read and write
|
||
|
22945852000
|
heap
|
page read and write
|
||
|
2294582D000
|
heap
|
page read and write
|
||
|
7FF77264E000
|
unkown
|
page write copy
|
||
|
22945855000
|
heap
|
page read and write
|
||
|
229478FC000
|
heap
|
page read and write
|
||
|
2294790F000
|
heap
|
page read and write
|
||
|
7FF8BFB91000
|
unkown
|
page execute read
|
||
|
22947178000
|
direct allocation
|
page read and write
|
||
|
2294790B000
|
heap
|
page read and write
|
||
|
229479B4000
|
heap
|
page read and write
|
||
|
22945816000
|
heap
|
page read and write
|
||
|
1AFE2082000
|
heap
|
page read and write
|
||
|
1AFE2082000
|
heap
|
page read and write
|
||
|
2294583E000
|
heap
|
page read and write
|
||
|
22945835000
|
heap
|
page read and write
|
||
|
22947938000
|
heap
|
page read and write
|
||
|
22947AC4000
|
direct allocation
|
page read and write
|
||
|
229457E7000
|
heap
|
page read and write
|
There are 331 hidden memdumps, click here to show them.