Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Quotation.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\nsp1B2F.tmp\System.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\Music\antithetic.ini
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\overlays\besvangredes\Emmens.udk
|
data
|
dropped
|
||
|
C:\Users\user\overlays\besvangredes\Launeddas.Bag176
|
data
|
dropped
|
||
|
C:\Users\user\overlays\besvangredes\Phenomenalizing\gear.dra
|
data
|
dropped
|
||
|
C:\Users\user\overlays\besvangredes\Phenomenalizing\jagtfalk.ill
|
data
|
dropped
|
||
|
C:\Users\user\overlays\besvangredes\Phenomenalizing\regill.ful
|
data
|
dropped
|
||
|
C:\Users\user\overlays\besvangredes\Phenomenalizing\sortlistningens.txt
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\overlays\besvangredes\Proprietrer.bet
|
data
|
dropped
|
||
|
C:\Users\user\overlays\besvangredes\Stridbar.Rek181
|
data
|
dropped
|
||
|
C:\Users\user\overlays\besvangredes\Trikstanks.pra
|
data
|
dropped
|
||
|
C:\Users\user\overlays\besvangredes\boyaus.rom
|
data
|
dropped
|
There are 3 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Quotation.exe
|
"C:\Users\user\Desktop\Quotation.exe"
|
|
|
|
C:\Users\user\Desktop\Quotation.exe
|
"C:\Users\user\Desktop\Quotation.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.w3c.org/TR/1999/REC-html401-19991224/loose.dtd
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
http://www.ftp.ftp://ftp.gopher.
|
unknown
|
||
|
https://drive.usercontent.google.com/
|
unknown
|
||
|
http://www.w3c.org/TR/1999/REC-html401-19991224/frameset.dtd
|
unknown
|
||
|
https://apis.google.com
|
unknown
|
||
|
http://nsis.sf.net/NSIS_Error...
|
unknown
|
||
|
https://drive.google.com/
|
unknown
|
||
|
https://drive.google.com/r
|
unknown
|
||
|
https://inference.location.live.net/inferenceservice/v21/Pox/GetLocationUsingFingerprinte1e71f6b-214
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
18.31.95.13.in-addr.arpa
|
unknown
|
|
|
|
50.23.12.20.in-addr.arpa
|
unknown
|
|
|
|
drive.google.com
|
142.250.186.174
|
||
|
drive.usercontent.google.com
|
142.250.186.129
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
142.250.186.129
|
drive.usercontent.google.com
|
United States
|
||
|
142.250.186.174
|
drive.google.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Zoofulvin68\Uninstall\brevbrere
|
aircondition
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
35660000
|
direct allocation
|
page read and write
|
|
|
|
592C000
|
direct allocation
|
page execute and read and write
|
|
|
|
57AB000
|
heap
|
page read and write
|
||
|
356B0000
|
direct allocation
|
page read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
57BD000
|
heap
|
page read and write
|
||
|
27D0000
|
heap
|
page read and write
|
||
|
59A0000
|
heap
|
page read and write
|
||
|
2DD0000
|
direct allocation
|
page read and write
|
||
|
56F7000
|
heap
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
39DC000
|
stack
|
page read and write
|
||
|
5794000
|
heap
|
page read and write
|
||
|
35C9D000
|
direct allocation
|
page execute and read and write
|
||
|
5F2000
|
unkown
|
page execute read
|
||
|
401000
|
unkown
|
page execute read
|
||
|
73400000
|
unkown
|
page readonly
|
||
|
57B8000
|
heap
|
page read and write
|
||
|
2C40000
|
heap
|
page read and write
|
||
|
649000
|
unkown
|
page execute read
|
||
|
53CC000
|
remote allocation
|
page execute and read and write
|
||
|
353EE000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
E79000
|
heap
|
page read and write
|
||
|
34D50000
|
direct allocation
|
page read and write
|
||
|
71000
|
heap
|
page read and write
|
||
|
626000
|
unkown
|
page execute read
|
||
|
401000
|
unkown
|
page execute read
|
||
|
D0F000
|
stack
|
page read and write
|
||
|
3542E000
|
stack
|
page read and write
|
||
|
5940000
|
direct allocation
|
page read and write
|
||
|
35660000
|
direct allocation
|
page read and write
|
||
|
73404000
|
unkown
|
page readonly
|
||
|
ABF000
|
stack
|
page read and write
|
||
|
268E000
|
stack
|
page read and write
|
||
|
7A2000
|
unkown
|
page read and write
|
||
|
2C20000
|
direct allocation
|
page read and write
|
||
|
57B8000
|
heap
|
page read and write
|
||
|
350FE000
|
stack
|
page read and write
|
||
|
57AB000
|
heap
|
page read and write
|
||
|
356B0000
|
direct allocation
|
page read and write
|
||
|
5E6000
|
unkown
|
page execute read
|
||
|
4F2C000
|
direct allocation
|
page execute and read and write
|
||
|
57BA000
|
heap
|
page read and write
|
||
|
5E4000
|
unkown
|
page execute read
|
||
|
3550F000
|
stack
|
page read and write
|
||
|
579E000
|
heap
|
page read and write
|
||
|
56F0000
|
heap
|
page read and write
|
||
|
359D0000
|
direct allocation
|
page execute and read and write
|
||
|
3565D000
|
stack
|
page read and write
|
||
|
2D60000
|
direct allocation
|
page read and write
|
||
|
3581E000
|
heap
|
page read and write
|
||
|
57B8000
|
heap
|
page read and write
|
||
|
781000
|
unkown
|
page read and write
|
||
|
57BA000
|
heap
|
page read and write
|
||
|
57AB000
|
heap
|
page read and write
|
||
|
5803000
|
heap
|
page read and write
|
||
|
B18000
|
heap
|
page read and write
|
||
|
7AD000
|
unkown
|
page read and write
|
||
|
352FF000
|
stack
|
page read and write
|
||
|
820000
|
heap
|
page read and write
|
||
|
2D50000
|
direct allocation
|
page read and write
|
||
|
35947000
|
heap
|
page read and write
|
||
|
56D0000
|
heap
|
page read and write
|
||
|
2D90000
|
direct allocation
|
page read and write
|
||
|
3594B000
|
heap
|
page read and write
|
||
|
B60000
|
heap
|
page read and write
|
||
|
57B1000
|
heap
|
page read and write
|
||
|
3ADB000
|
stack
|
page read and write
|
||
|
55F0000
|
heap
|
page read and write
|
||
|
5740000
|
heap
|
page read and write
|
||
|
35660000
|
heap
|
page read and write
|
||
|
5930000
|
direct allocation
|
page read and write
|
||
|
351FD000
|
stack
|
page read and write
|
||
|
351BF000
|
stack
|
page read and write
|
||
|
5980000
|
direct allocation
|
page read and write
|
||
|
57A8000
|
heap
|
page read and write
|
||
|
5EA000
|
unkown
|
page execute read
|
||
|
57BD000
|
heap
|
page read and write
|
||
|
5920000
|
direct allocation
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
772C000
|
direct allocation
|
page execute and read and write
|
||
|
7DB000
|
unkown
|
page readonly
|
||
|
21CC000
|
remote allocation
|
page execute and read and write
|
||
|
8B2C000
|
direct allocation
|
page execute and read and write
|
||
|
27D4000
|
heap
|
page read and write
|
||
|
6D2C000
|
direct allocation
|
page execute and read and write
|
||
|
35310000
|
heap
|
page read and write
|
||
|
2C50000
|
heap
|
page read and write
|
||
|
3110000
|
heap
|
page read and write
|
||
|
D4E000
|
stack
|
page read and write
|
||
|
356B0000
|
direct allocation
|
page read and write
|
||
|
57B8000
|
heap
|
page read and write
|
||
|
B10000
|
heap
|
page read and write
|
||
|
E70000
|
heap
|
page read and write
|
||
|
57B1000
|
heap
|
page read and write
|
||
|
789000
|
unkown
|
page read and write
|
||
|
57BD000
|
heap
|
page read and write
|
||
|
5960000
|
direct allocation
|
page read and write
|
||
|
2BCC000
|
remote allocation
|
page execute and read and write
|
||
|
5748000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2D40000
|
direct allocation
|
page read and write
|
||
|
56F5000
|
heap
|
page read and write
|
||
|
5EC000
|
unkown
|
page execute read
|
||
|
35CA1000
|
direct allocation
|
page execute and read and write
|
||
|
5794000
|
heap
|
page read and write
|
||
|
58FF000
|
stack
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
3FCC000
|
remote allocation
|
page execute and read and write
|
||
|
5F0000
|
unkown
|
page execute read
|
||
|
812C000
|
direct allocation
|
page execute and read and write
|
||
|
57BA000
|
heap
|
page read and write
|
||
|
77C000
|
unkown
|
page read and write
|
||
|
1660000
|
remote allocation
|
page execute and read and write
|
||
|
35490000
|
remote allocation
|
page read and write
|
||
|
579E000
|
heap
|
page read and write
|
||
|
2D80000
|
direct allocation
|
page read and write
|
||
|
57FF000
|
heap
|
page read and write
|
||
|
5900000
|
direct allocation
|
page read and write
|
||
|
5803000
|
heap
|
page read and write
|
||
|
352BE000
|
stack
|
page read and write
|
||
|
35490000
|
remote allocation
|
page read and write
|
||
|
57BD000
|
heap
|
page read and write
|
||
|
B4A000
|
heap
|
page read and write
|
||
|
3555E000
|
stack
|
page read and write
|
||
|
353AF000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2DC0000
|
direct allocation
|
page read and write
|
||
|
7AB000
|
unkown
|
page read and write
|
||
|
5950000
|
direct allocation
|
page read and write
|
||
|
34D60000
|
direct allocation
|
page read and write
|
||
|
57A6000
|
heap
|
page read and write
|
||
|
356B0000
|
direct allocation
|
page read and write
|
||
|
57FF000
|
heap
|
page read and write
|
||
|
58BE000
|
stack
|
page read and write
|
||
|
57FF000
|
heap
|
page read and write
|
||
|
35D12000
|
direct allocation
|
page execute and read and write
|
||
|
632C000
|
direct allocation
|
page execute and read and write
|
||
|
2D70000
|
direct allocation
|
page read and write
|
||
|
35CC000
|
remote allocation
|
page execute and read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
49CC000
|
remote allocation
|
page execute and read and write
|
||
|
5EE000
|
unkown
|
page execute read
|
||
|
408000
|
unkown
|
page readonly
|
||
|
5803000
|
heap
|
page read and write
|
||
|
31A0000
|
trusted library allocation
|
page read and write
|
||
|
27C0000
|
heap
|
page read and write
|
||
|
35AF9000
|
direct allocation
|
page execute and read and write
|
||
|
B66000
|
heap
|
page read and write
|
||
|
5803000
|
heap
|
page read and write
|
||
|
AD0000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
97E000
|
stack
|
page read and write
|
||
|
93E000
|
stack
|
page read and write
|
||
|
4DC0000
|
direct allocation
|
page execute and read and write
|
||
|
7A6000
|
unkown
|
page read and write
|
||
|
5E8000
|
unkown
|
page execute read
|
||
|
2DE0000
|
direct allocation
|
page read and write
|
||
|
57A8000
|
heap
|
page read and write
|
||
|
7DB000
|
unkown
|
page readonly
|
||
|
5796000
|
heap
|
page read and write
|
||
|
B7F000
|
heap
|
page read and write
|
||
|
278F000
|
stack
|
page read and write
|
||
|
3517E000
|
stack
|
page read and write
|
||
|
73401000
|
unkown
|
page execute read
|
||
|
E4F000
|
stack
|
page read and write
|
||
|
57B1000
|
heap
|
page read and write
|
||
|
5803000
|
heap
|
page read and write
|
||
|
356B0000
|
direct allocation
|
page read and write
|
||
|
57FB000
|
heap
|
page read and write
|
||
|
57FF000
|
heap
|
page read and write
|
||
|
359BC000
|
heap
|
page read and write
|
||
|
57A6000
|
heap
|
page read and write
|
||
|
573E000
|
stack
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
5990000
|
direct allocation
|
page read and write
|
||
|
7B4000
|
unkown
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
579E000
|
heap
|
page read and write
|
||
|
57BA000
|
heap
|
page read and write
|
||
|
7DB000
|
unkown
|
page readonly
|
||
|
B46000
|
heap
|
page read and write
|
||
|
35490000
|
remote allocation
|
page read and write
|
||
|
354CE000
|
stack
|
page read and write
|
||
|
5970000
|
direct allocation
|
page read and write
|
||
|
35AFD000
|
direct allocation
|
page execute and read and write
|
||
|
5784000
|
heap
|
page read and write
|
||
|
356B0000
|
direct allocation
|
page read and write
|
||
|
57A8000
|
heap
|
page read and write
|
||
|
35B6E000
|
direct allocation
|
page execute and read and write
|
||
|
17CC000
|
remote allocation
|
page execute and read and write
|
||
|
3513F000
|
stack
|
page read and write
|
||
|
E75000
|
heap
|
page read and write
|
||
|
35783000
|
heap
|
page read and write
|
||
|
587F000
|
stack
|
page read and write
|
||
|
57A6000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2DA0000
|
direct allocation
|
page read and write
|
||
|
57FF000
|
heap
|
page read and write
|
||
|
57B8000
|
heap
|
page read and write
|
||
|
9B5000
|
heap
|
page read and write
|
||
|
98000
|
stack
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
2DB0000
|
direct allocation
|
page read and write
|
||
|
57BD000
|
heap
|
page read and write
|
||
|
5910000
|
direct allocation
|
page read and write
|
||
|
786000
|
unkown
|
page read and write
|
||
|
3523D000
|
stack
|
page read and write
|
||
|
73406000
|
unkown
|
page readonly
|
||
|
3536E000
|
stack
|
page read and write
|
||
|
70000
|
heap
|
page read and write
|
There are 203 hidden memdumps, click here to show them.