Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Documenti di spedizione 000293949040405959000.exe
|
"C:\Users\user\Desktop\Documenti di spedizione 000293949040405959000.exe"
|
 |
|
|
C:\Users\user\Desktop\Documenti di spedizione 000293949040405959000.exe
|
"C:\Users\user\Desktop\Documenti di spedizione 000293949040405959000.exe"
|
|
|
|
C:\Users\user\Desktop\Documenti di spedizione 000293949040405959000.exe
|
"C:\Users\user\Desktop\Documenti di spedizione 000293949040405959000.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://api.ipify.org/
|
104.26.12.205
|
||
|
https://api.ipify.org
|
unknown
|
||
|
http://ftp.concaribe.com
|
unknown
|
||
|
https://aka.ms/dotnet-test.
|
unknown
|
||
|
https://aka.ms/vstest-configure-datacollector
|
unknown
|
||
|
https://account.dyn.com/
|
unknown
|
||
|
http://concaribe.com
|
unknown
|
||
|
https://api.ipify.org/t
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://aka.ms/vstest-runsettings-arguments
|
unknown
|
||
|
https://aka.ms/console-logger
|
unknown
|
||
|
https://aka.ms/vstest-collect
|
unknown
|
There are 2 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
concaribe.com
|
192.185.13.234
|
|
|
|
ftp.concaribe.com
|
unknown
|
|
|
|
api.ipify.org
|
104.26.12.205
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.185.13.234
|
concaribe.com
|
United States
|
|
|
|
104.26.12.205
|
api.ipify.org
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Documenti di spedizione 000293949040405959000_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Documenti di spedizione 000293949040405959000_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Documenti di spedizione 000293949040405959000_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Documenti di spedizione 000293949040405959000_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Documenti di spedizione 000293949040405959000_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Documenti di spedizione 000293949040405959000_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Documenti di spedizione 000293949040405959000_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Documenti di spedizione 000293949040405959000_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Documenti di spedizione 000293949040405959000_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Documenti di spedizione 000293949040405959000_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Documenti di spedizione 000293949040405959000_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Documenti di spedizione 000293949040405959000_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Documenti di spedizione 000293949040405959000_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\Documenti di spedizione 000293949040405959000_RASMANCS
|
FileDirectory
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
29EC000
|
trusted library allocation
|
page read and write
|
|
|
|
3EB9000
|
trusted library allocation
|
page read and write
|
|
|
|
29C1000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
5010000
|
heap
|
page read and write
|
||
|
521E000
|
unkown
|
page read and write
|
||
|
6500000
|
trusted library allocation
|
page execute and read and write
|
||
|
4FA0000
|
heap
|
page execute and read and write
|
||
|
6490000
|
trusted library allocation
|
page read and write
|
||
|
7F2B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
637E000
|
stack
|
page read and write
|
||
|
C9E000
|
heap
|
page read and write
|
||
|
2936000
|
trusted library allocation
|
page read and write
|
||
|
2EB1000
|
trusted library allocation
|
page read and write
|
||
|
4B0E000
|
stack
|
page read and write
|
||
|
13F0000
|
trusted library allocation
|
page read and write
|
||
|
60D5000
|
heap
|
page read and write
|
||
|
C20000
|
trusted library allocation
|
page read and write
|
||
|
70A000
|
stack
|
page read and write
|
||
|
135F000
|
stack
|
page read and write
|
||
|
65E7000
|
trusted library allocation
|
page read and write
|
||
|
C88000
|
heap
|
page read and write
|
||
|
1100000
|
trusted library allocation
|
page read and write
|
||
|
27CC000
|
stack
|
page read and write
|
||
|
A90000
|
unkown
|
page readonly
|
||
|
29EA000
|
trusted library allocation
|
page read and write
|
||
|
C33000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E90000
|
trusted library allocation
|
page read and write
|
||
|
52F4000
|
trusted library allocation
|
page read and write
|
||
|
52F0000
|
trusted library allocation
|
page read and write
|
||
|
13DE000
|
stack
|
page read and write
|
||
|
5810000
|
heap
|
page read and write
|
||
|
C3D000
|
trusted library allocation
|
page execute and read and write
|
||
|
13E0000
|
trusted library allocation
|
page read and write
|
||
|
5490000
|
heap
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
54A3000
|
heap
|
page read and write
|
||
|
116E000
|
heap
|
page read and write
|
||
|
2942000
|
trusted library allocation
|
page read and write
|
||
|
29E8000
|
trusted library allocation
|
page read and write
|
||
|
AF9000
|
stack
|
page read and write
|
||
|
3971000
|
trusted library allocation
|
page read and write
|
||
|
61E0000
|
heap
|
page read and write
|
||
|
54C2000
|
trusted library allocation
|
page read and write
|
||
|
5FBE000
|
stack
|
page read and write
|
||
|
2A00000
|
trusted library allocation
|
page read and write
|
||
|
FE7000
|
heap
|
page read and write
|
||
|
5D2D000
|
heap
|
page read and write
|
||
|
552E000
|
stack
|
page read and write
|
||
|
5A20000
|
heap
|
page read and write
|
||
|
1140000
|
trusted library allocation
|
page read and write
|
||
|
A92000
|
unkown
|
page readonly
|
||
|
2910000
|
trusted library allocation
|
page read and write
|
||
|
5D49000
|
heap
|
page read and write
|
||
|
2954000
|
trusted library allocation
|
page read and write
|
||
|
64E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
C65000
|
trusted library allocation
|
page execute and read and write
|
||
|
C10000
|
heap
|
page read and write
|
||
|
F7E000
|
stack
|
page read and write
|
||
|
61DD000
|
stack
|
page read and write
|
||
|
5910000
|
heap
|
page read and write
|
||
|
530A000
|
trusted library allocation
|
page read and write
|
||
|
10E4000
|
trusted library allocation
|
page read and write
|
||
|
1150000
|
trusted library allocation
|
page execute and read and write
|
||
|
531D000
|
trusted library allocation
|
page read and write
|
||
|
2922000
|
trusted library allocation
|
page read and write
|
||
|
2EA0000
|
heap
|
page read and write
|
||
|
2960000
|
heap
|
page read and write
|
||
|
6480000
|
trusted library allocation
|
page read and write
|
||
|
5D05000
|
heap
|
page read and write
|
||
|
C4D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3EB1000
|
trusted library allocation
|
page read and write
|
||
|
679F000
|
stack
|
page read and write
|
||
|
291B000
|
trusted library allocation
|
page read and write
|
||
|
2DCF000
|
stack
|
page read and write
|
||
|
D01000
|
heap
|
page read and write
|
||
|
1210000
|
heap
|
page read and write
|
||
|
152E000
|
stack
|
page read and write
|
||
|
10FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
10E3000
|
trusted library allocation
|
page execute and read and write
|
||
|
C62000
|
trusted library allocation
|
page read and write
|
||
|
2E70000
|
trusted library allocation
|
page read and write
|
||
|
4978000
|
trusted library allocation
|
page read and write
|
||
|
6860000
|
trusted library allocation
|
page execute and read and write
|
||
|
54C0000
|
trusted library allocation
|
page read and write
|
||
|
5CB5000
|
heap
|
page read and write
|
||
|
6850000
|
heap
|
page read and write
|
||
|
ECE000
|
stack
|
page read and write
|
||
|
5530000
|
trusted library section
|
page read and write
|
||
|
10F3000
|
trusted library allocation
|
page read and write
|
||
|
293D000
|
trusted library allocation
|
page read and write
|
||
|
CAA000
|
heap
|
page read and write
|
||
|
5CEB000
|
heap
|
page read and write
|
||
|
4E50000
|
trusted library allocation
|
page read and write
|
||
|
10ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
54B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1194000
|
heap
|
page read and write
|
||
|
1168000
|
heap
|
page read and write
|
||
|
52FB000
|
trusted library allocation
|
page read and write
|
||
|
13E3000
|
trusted library allocation
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
29B1000
|
trusted library allocation
|
page read and write
|
||
|
2931000
|
trusted library allocation
|
page read and write
|
||
|
CB5000
|
heap
|
page read and write
|
||
|
FBE000
|
stack
|
page read and write
|
||
|
2971000
|
trusted library allocation
|
page read and write
|
||
|
CB8000
|
heap
|
page read and write
|
||
|
E80000
|
trusted library allocation
|
page read and write
|
||
|
2916000
|
trusted library allocation
|
page read and write
|
||
|
5D24000
|
heap
|
page read and write
|
||
|
4FEC000
|
stack
|
page read and write
|
||
|
5A10000
|
heap
|
page read and write
|
||
|
ED7000
|
heap
|
page read and write
|
||
|
648D000
|
trusted library allocation
|
page read and write
|
||
|
65DE000
|
stack
|
page read and write
|
||
|
1117000
|
heap
|
page read and write
|
||
|
D0A000
|
heap
|
page read and write
|
||
|
5320000
|
trusted library allocation
|
page read and write
|
||
|
55A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
291E000
|
trusted library allocation
|
page read and write
|
||
|
28EE000
|
stack
|
page read and write
|
||
|
EF7000
|
stack
|
page read and write
|
||
|
1420000
|
heap
|
page read and write
|
||
|
39D6000
|
trusted library allocation
|
page read and write
|
||
|
2E85000
|
trusted library allocation
|
page read and write
|
||
|
555D000
|
stack
|
page read and write
|
||
|
67DE000
|
stack
|
page read and write
|
||
|
3999000
|
trusted library allocation
|
page read and write
|
||
|
511C000
|
stack
|
page read and write
|
||
|
65E0000
|
trusted library allocation
|
page read and write
|
||
|
110A000
|
trusted library allocation
|
page execute and read and write
|
||
|
6BBE000
|
stack
|
page read and write
|
||
|
5302000
|
trusted library allocation
|
page read and write
|
||
|
C30000
|
trusted library allocation
|
page read and write
|
||
|
2E7F000
|
trusted library allocation
|
page read and write
|
||
|
C56000
|
trusted library allocation
|
page execute and read and write
|
||
|
5580000
|
heap
|
page read and write
|
||
|
61F0000
|
heap
|
page read and write
|
||
|
11FB000
|
heap
|
page read and write
|
||
|
6ABE000
|
stack
|
page read and write
|
||
|
1110000
|
heap
|
page read and write
|
||
|
530E000
|
trusted library allocation
|
page read and write
|
||
|
53B0000
|
trusted library allocation
|
page read and write
|
||
|
1410000
|
trusted library allocation
|
page read and write
|
||
|
2950000
|
trusted library allocation
|
page read and write
|
||
|
64DE000
|
stack
|
page read and write
|
||
|
5013000
|
heap
|
page read and write
|
||
|
1400000
|
heap
|
page execute and read and write
|
||
|
1106000
|
trusted library allocation
|
page execute and read and write
|
||
|
1187000
|
heap
|
page read and write
|
||
|
5610000
|
heap
|
page execute and read and write
|
||
|
55A0000
|
heap
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
55FC000
|
stack
|
page read and write
|
||
|
29F2000
|
trusted library allocation
|
page read and write
|
||
|
5D40000
|
heap
|
page read and write
|
||
|
27E0000
|
heap
|
page execute and read and write
|
||
|
55C0000
|
trusted library allocation
|
page read and write
|
||
|
292E000
|
trusted library allocation
|
page read and write
|
||
|
F1E000
|
stack
|
page read and write
|
||
|
C34000
|
trusted library allocation
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
681E000
|
stack
|
page read and write
|
||
|
5316000
|
trusted library allocation
|
page read and write
|
||
|
5322000
|
trusted library allocation
|
page read and write
|
||
|
52F6000
|
trusted library allocation
|
page read and write
|
||
|
28F0000
|
trusted library allocation
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
6820000
|
trusted library allocation
|
page read and write
|
||
|
C67000
|
trusted library allocation
|
page execute and read and write
|
||
|
29A7000
|
trusted library allocation
|
page read and write
|
||
|
C50000
|
trusted library allocation
|
page read and write
|
||
|
2E80000
|
trusted library allocation
|
page read and write
|
||
|
5590000
|
trusted library allocation
|
page read and write
|
||
|
43E000
|
remote allocation
|
page execute and read and write
|
||
|
633E000
|
stack
|
page read and write
|
||
|
6497000
|
trusted library allocation
|
page read and write
|
||
|
647E000
|
stack
|
page read and write
|
||
|
5600000
|
trusted library section
|
page readonly
|
||
|
4FAE000
|
stack
|
page read and write
|
||
|
52FE000
|
trusted library allocation
|
page read and write
|
||
|
2900000
|
trusted library allocation
|
page read and write
|
||
|
1127000
|
trusted library allocation
|
page execute and read and write
|
||
|
C15000
|
heap
|
page read and write
|
||
|
659E000
|
stack
|
page read and write
|
||
|
292A000
|
trusted library allocation
|
page read and write
|
||
|
55C8000
|
trusted library allocation
|
page read and write
|
||
|
27D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
C40000
|
trusted library allocation
|
page read and write
|
||
|
7BD000
|
stack
|
page read and write
|
||
|
11A2000
|
heap
|
page read and write
|
||
|
6A70000
|
heap
|
page read and write
|
||
|
C52000
|
trusted library allocation
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
64F0000
|
trusted library allocation
|
page read and write
|
||
|
C6B000
|
trusted library allocation
|
page execute and read and write
|
||
|
1120000
|
trusted library allocation
|
page read and write
|
||
|
60D0000
|
heap
|
page read and write
|
||
|
E7E000
|
stack
|
page read and write
|
||
|
4E70000
|
heap
|
page read and write
|
||
|
139E000
|
stack
|
page read and write
|
||
|
1160000
|
heap
|
page read and write
|
||
|
29BD000
|
trusted library allocation
|
page read and write
|
||
|
580F000
|
stack
|
page read and write
|
||
|
BBA000
|
stack
|
page read and write
|
||
|
112B000
|
trusted library allocation
|
page execute and read and write
|
||
|
C80000
|
heap
|
page read and write
|
||
|
C5A000
|
trusted library allocation
|
page execute and read and write
|
||
|
29AF000
|
trusted library allocation
|
page read and write
|
||
|
CF7000
|
heap
|
page read and write
|
||
|
5311000
|
trusted library allocation
|
page read and write
|
||
|
ED0000
|
heap
|
page read and write
|
||
|
54A0000
|
heap
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
10D0000
|
trusted library allocation
|
page read and write
|
||
|
10E0000
|
trusted library allocation
|
page read and write
|
||
|
623E000
|
stack
|
page read and write
|
||
|
5C80000
|
heap
|
page read and write
|
||
|
65F0000
|
trusted library allocation
|
page read and write
|
||
|
D46000
|
heap
|
page read and write
|
There are 211 hidden memdumps, click here to show them.