Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
P.O.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\P.O.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\P.O.exe
|
"C:\Users\user\Desktop\P.O.exe"
|
|
|
|
C:\Users\user\Desktop\P.O.exe
|
"C:\Users\user\Desktop\P.O.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://www.fontbureau.com
|
unknown
|
||
|
http://www.fontbureau.com/designersG
|
unknown
|
||
|
http://www.fontbureau.com/designers/?
|
unknown
|
||
|
http://www.founder.com.cn/cn/bThe
|
unknown
|
||
|
http://www.fontbureau.com/designers?
|
unknown
|
||
|
http://tempuri.org/ianiDataSet2.xsdM
|
unknown
|
||
|
http://www.tiro.com
|
unknown
|
||
|
http://www.fontbureau.com/designers
|
unknown
|
||
|
http://www.goodfont.co.kr
|
unknown
|
||
|
http://www.carterandcone.coml
|
unknown
|
||
|
http://tempuri.org/ianiDataSet.xsd
|
unknown
|
||
|
http://www.sajatypeworks.com
|
unknown
|
||
|
http://www.typography.netD
|
unknown
|
||
|
http://www.fontbureau.com/designers/cabarga.htmlN
|
unknown
|
||
|
http://www.founder.com.cn/cn/cThe
|
unknown
|
||
|
http://www.galapagosdesign.com/staff/dennis.htm
|
unknown
|
||
|
http://tempuri.org/ianiDataSet1.xsd
|
unknown
|
||
|
http://www.founder.com.cn/cn
|
unknown
|
||
|
http://www.fontbureau.com/designers/frere-user.html
|
unknown
|
||
|
http://www.jiyu-kobo.co.jp/
|
unknown
|
||
|
http://www.galapagosdesign.com/DPlease
|
unknown
|
||
|
http://www.fontbureau.com/designers8
|
unknown
|
||
|
http://www.fonts.com
|
unknown
|
||
|
http://www.sandoll.co.kr
|
unknown
|
||
|
http://www.urwpp.deDPlease
|
unknown
|
||
|
http://www.zhongyicts.com.cn
|
unknown
|
||
|
http://www.sakkal.com
|
unknown
|
There are 18 hidden URLs, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1210000
|
direct allocation
|
page read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
A20000
|
heap
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
7C30000
|
trusted library section
|
page read and write
|
||
|
3F11000
|
trusted library allocation
|
page read and write
|
||
|
F70000
|
heap
|
page read and write
|
||
|
A3CE000
|
stack
|
page read and write
|
||
|
55A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
118A000
|
trusted library allocation
|
page execute and read and write
|
||
|
5937000
|
heap
|
page read and write
|
||
|
1027000
|
heap
|
page read and write
|
||
|
143C000
|
stack
|
page read and write
|
||
|
53B0000
|
trusted library allocation
|
page read and write
|
||
|
5440000
|
trusted library allocation
|
page read and write
|
||
|
4FE000
|
stack
|
page read and write
|
||
|
2F00000
|
heap
|
page read and write
|
||
|
1045000
|
heap
|
page read and write
|
||
|
2EF0000
|
trusted library allocation
|
page read and write
|
||
|
5650000
|
heap
|
page execute and read and write
|
||
|
116D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1186000
|
direct allocation
|
page execute and read and write
|
||
|
A64E000
|
stack
|
page read and write
|
||
|
5900000
|
heap
|
page read and write
|
||
|
5390000
|
trusted library allocation
|
page read and write
|
||
|
A70000
|
unkown
|
page readonly
|
||
|
58EE000
|
stack
|
page read and write
|
||
|
1171000
|
direct allocation
|
page execute and read and write
|
||
|
75A0000
|
heap
|
page read and write
|
||
|
1190000
|
trusted library allocation
|
page read and write
|
||
|
5919000
|
heap
|
page read and write
|
||
|
D5F000
|
stack
|
page read and write
|
||
|
FE9000
|
direct allocation
|
page execute and read and write
|
||
|
8FC000
|
stack
|
page read and write
|
||
|
5371000
|
trusted library allocation
|
page read and write
|
||
|
5382000
|
trusted library allocation
|
page read and write
|
||
|
A4CF000
|
stack
|
page read and write
|
||
|
7430000
|
heap
|
page read and write
|
||
|
2F11000
|
trusted library allocation
|
page read and write
|
||
|
1460000
|
heap
|
page read and write
|
||
|
1180000
|
trusted library allocation
|
page read and write
|
||
|
105E000
|
direct allocation
|
page execute and read and write
|
||
|
2EF5000
|
trusted library allocation
|
page read and write
|
||
|
120E000
|
heap
|
page read and write
|
||
|
5580000
|
heap
|
page read and write
|
||
|
6FE0000
|
trusted library allocation
|
page read and write
|
||
|
5640000
|
trusted library section
|
page read and write
|
||
|
500C000
|
stack
|
page read and write
|
||
|
FED000
|
direct allocation
|
page execute and read and write
|
||
|
A0E000
|
stack
|
page read and write
|
||
|
A72000
|
unkown
|
page readonly
|
||
|
5A10000
|
trusted library allocation
|
page read and write
|
||
|
E70000
|
heap
|
page read and write
|
||
|
5911000
|
heap
|
page read and write
|
||
|
100E000
|
stack
|
page read and write
|
||
|
5450000
|
heap
|
page read and write
|
||
|
55B0000
|
heap
|
page read and write
|
||
|
5354000
|
trusted library allocation
|
page read and write
|
||
|
E3A000
|
stack
|
page read and write
|
||
|
537D000
|
trusted library allocation
|
page read and write
|
||
|
4B0000
|
heap
|
page read and write
|
||
|
1164000
|
trusted library allocation
|
page read and write
|
||
|
1192000
|
trusted library allocation
|
page read and write
|
||
|
7DBF000
|
stack
|
page read and write
|
||
|
13FE000
|
stack
|
page read and write
|
||
|
7790000
|
trusted library allocation
|
page read and write
|
||
|
A67000
|
heap
|
page read and write
|
||
|
536E000
|
trusted library allocation
|
page read and write
|
||
|
2EC0000
|
trusted library allocation
|
page read and write
|
||
|
7052000
|
trusted library allocation
|
page read and write
|
||
|
2ED0000
|
trusted library allocation
|
page read and write
|
||
|
3F19000
|
trusted library allocation
|
page read and write
|
||
|
156E000
|
stack
|
page read and write
|
||
|
E5F000
|
stack
|
page read and write
|
||
|
1197000
|
trusted library allocation
|
page execute and read and write
|
||
|
12D3000
|
heap
|
page read and write
|
||
|
12B0000
|
heap
|
page read and write
|
||
|
53F0000
|
heap
|
page read and write
|
||
|
771E000
|
stack
|
page read and write
|
||
|
1163000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F6A000
|
trusted library allocation
|
page read and write
|
||
|
5410000
|
trusted library allocation
|
page execute and read and write
|
||
|
78DE000
|
stack
|
page read and write
|
||
|
1450000
|
trusted library allocation
|
page read and write
|
||
|
5463000
|
heap
|
page read and write
|
||
|
7030000
|
trusted library allocation
|
page read and write
|
||
|
A60000
|
heap
|
page read and write
|
||
|
7020000
|
trusted library allocation
|
page read and write
|
||
|
555B000
|
stack
|
page read and write
|
||
|
A74E000
|
stack
|
page read and write
|
||
|
1120000
|
heap
|
page read and write
|
||
|
12A5000
|
heap
|
page read and write
|
||
|
1170000
|
trusted library allocation
|
page read and write
|
||
|
76DE000
|
stack
|
page read and write
|
||
|
117D000
|
trusted library allocation
|
page execute and read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
1020000
|
heap
|
page read and write
|
||
|
58F0000
|
heap
|
page read and write
|
||
|
777E000
|
stack
|
page read and write
|
||
|
5570000
|
heap
|
page read and write
|
||
|
1186000
|
trusted library allocation
|
page execute and read and write
|
||
|
5455000
|
heap
|
page read and write
|
||
|
7780000
|
trusted library allocation
|
page read and write
|
||
|
FCE000
|
stack
|
page read and write
|
||
|
2E10000
|
heap
|
page execute and read and write
|
||
|
5402000
|
trusted library allocation
|
page read and write
|
||
|
77DE000
|
stack
|
page read and write
|
||
|
535B000
|
trusted library allocation
|
page read and write
|
||
|
702F000
|
trusted library allocation
|
page read and write
|
||
|
2E0E000
|
stack
|
page read and write
|
||
|
B60000
|
heap
|
page read and write
|
||
|
500000
|
heap
|
page read and write
|
||
|
1242000
|
heap
|
page read and write
|
||
|
119B000
|
trusted library allocation
|
page execute and read and write
|
||
|
A60E000
|
stack
|
page read and write
|
||
|
6FD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1160000
|
trusted library allocation
|
page read and write
|
||
|
1440000
|
trusted library allocation
|
page execute and read and write
|
||
|
1173000
|
trusted library allocation
|
page read and write
|
||
|
1236000
|
heap
|
page read and write
|
||
|
B6C000
|
unkown
|
page readonly
|
||
|
11B0000
|
trusted library allocation
|
page read and write
|
||
|
2E28000
|
trusted library allocation
|
page read and write
|
||
|
5460000
|
heap
|
page read and write
|
||
|
2F73000
|
trusted library allocation
|
page read and write
|
||
|
A50E000
|
stack
|
page read and write
|
||
|
2EE0000
|
trusted library allocation
|
page read and write
|
||
|
1150000
|
trusted library allocation
|
page read and write
|
||
|
5560000
|
trusted library section
|
page readonly
|
||
|
118D000
|
direct allocation
|
page execute and read and write
|
||
|
5376000
|
trusted library allocation
|
page read and write
|
||
|
5350000
|
trusted library allocation
|
page read and write
|
||
|
1229000
|
heap
|
page read and write
|
||
|
11FE000
|
stack
|
page read and write
|
||
|
1244000
|
heap
|
page read and write
|
||
|
5420000
|
trusted library allocation
|
page read and write
|
||
|
F37000
|
stack
|
page read and write
|
||
|
1208000
|
direct allocation
|
page execute and read and write
|
||
|
59D000
|
stack
|
page read and write
|
||
|
5400000
|
trusted library allocation
|
page read and write
|
||
|
7730000
|
trusted library allocation
|
page execute and read and write
|
||
|
1040000
|
heap
|
page read and write
|
||
|
1208000
|
heap
|
page read and write
|
||
|
EC0000
|
direct allocation
|
page execute and read and write
|
There are 134 hidden memdumps, click here to show them.