Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\HkppfZO2WW.exe
|
"C:\Users\user\Desktop\HkppfZO2WW.exe" -install
|
||
|
C:\Program Files (x86)\Java\jre-1.8\bin\javaw.exe
|
"C:\Program Files (x86)\Java\jre-1.8\bin\javaw.exe" -jar "C:\Users\user\Desktop\HkppfZO2WW.exe" -install
|
||
|
C:\Users\user\Desktop\HkppfZO2WW.exe
|
"C:\Users\user\Desktop\HkppfZO2WW.exe" /install
|
||
|
C:\Program Files (x86)\Java\jre-1.8\bin\javaw.exe
|
"C:\Program Files (x86)\Java\jre-1.8\bin\javaw.exe" -jar "C:\Users\user\Desktop\HkppfZO2WW.exe" /install
|
||
|
C:\Users\user\Desktop\HkppfZO2WW.exe
|
"C:\Users\user\Desktop\HkppfZO2WW.exe" /load
|
||
|
C:\Program Files (x86)\Java\jre-1.8\bin\javaw.exe
|
"C:\Program Files (x86)\Java\jre-1.8\bin\javaw.exe" -jar "C:\Users\user\Desktop\HkppfZO2WW.exe" /load
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://cert.ssl.com/SSLcom-SubCA-EV-codeSigning-ECC-384-R2.cer0
|
unknown
|
||
|
http://www.ssl.com/repository/SSLcom-RootCA-EV-ECC-384-R1.crt0
|
unknown
|
||
|
http://ocsps.ssl.com0
|
unknown
|
||
|
http://crls.ssl.com/ssl.com-EVecc-RootCA.crl0
|
unknown
|
||
|
http://crls.ssl.com/SSLcom-SubCA-EV-codeSigning-ECC-384-R2.crl0
|
unknown
|
||
|
https://www.ssl.com/repository0
|
unknown
|
||
|
http://ocsps.ssl.com0P
|
unknown
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
9C000
|
stack
|
page read and write
|
||
|
123000
|
heap
|
page read and write
|
||
|
2C6E000
|
stack
|
page read and write
|
||
|
130D000
|
heap
|
page read and write
|
||
|
670000
|
heap
|
page read and write
|
||
|
495000
|
heap
|
page read and write
|
||
|
645000
|
stack
|
page read and write
|
||
|
ADC000
|
stack
|
page read and write
|
||
|
40F000
|
unkown
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
5170000
|
trusted library allocation
|
page read and write
|
||
|
58E000
|
stack
|
page read and write
|
||
|
411000
|
unkown
|
page write copy
|
||
|
B40000
|
heap
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
244F000
|
stack
|
page read and write
|
||
|
13E000
|
stack
|
page read and write
|
||
|
12F0000
|
heap
|
page read and write
|
||
|
1327000
|
heap
|
page read and write
|
||
|
1319000
|
heap
|
page read and write
|
||
|
494000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
57D0000
|
trusted library allocation
|
page read and write
|
||
|
DFA000
|
stack
|
page read and write
|
||
|
C74000
|
heap
|
page read and write
|
||
|
17A000
|
stack
|
page read and write
|
||
|
E10000
|
heap
|
page read and write
|
||
|
10A0000
|
heap
|
page read and write
|
||
|
6F6000
|
heap
|
page read and write
|
||
|
E50000
|
heap
|
page read and write
|
||
|
EC0000
|
heap
|
page read and write
|
||
|
CC0000
|
heap
|
page read and write
|
||
|
1108000
|
heap
|
page read and write
|
||
|
450000
|
heap
|
page read and write
|
||
|
1129000
|
heap
|
page read and write
|
||
|
78F000
|
stack
|
page read and write
|
||
|
1316000
|
heap
|
page read and write
|
||
|
40F000
|
unkown
|
page read and write
|
||
|
C70000
|
heap
|
page read and write
|
||
|
810000
|
heap
|
page read and write
|
||
|
410000
|
unkown
|
page write copy
|
||
|
720000
|
heap
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
48D000
|
heap
|
page read and write
|
||
|
CEF000
|
stack
|
page read and write
|
||
|
EB0000
|
heap
|
page read and write
|
||
|
E54000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
140000
|
heap
|
page read and write
|
||
|
1145000
|
heap
|
page read and write
|
||
|
406000
|
unkown
|
page readonly
|
||
|
406000
|
unkown
|
page readonly
|
||
|
170000
|
heap
|
page read and write
|
||
|
469000
|
heap
|
page read and write
|
||
|
4540000
|
heap
|
page read and write
|
||
|
D5E000
|
stack
|
page read and write
|
||
|
C0000
|
heap
|
page read and write
|
||
|
F0000
|
heap
|
page read and write
|
||
|
66E000
|
stack
|
page read and write
|
||
|
AEF000
|
stack
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1335000
|
heap
|
page read and write
|
||
|
1122000
|
heap
|
page read and write
|
||
|
737000
|
heap
|
page read and write
|
||
|
406000
|
unkown
|
page readonly
|
||
|
F0000
|
heap
|
page read and write
|
||
|
CD0000
|
heap
|
page read and write
|
||
|
666000
|
stack
|
page read and write
|
||
|
472000
|
heap
|
page read and write
|
||
|
111D000
|
heap
|
page read and write
|
||
|
472000
|
heap
|
page read and write
|
||
|
13E000
|
stack
|
page read and write
|
||
|
AAF000
|
stack
|
page read and write
|
||
|
C20000
|
heap
|
page read and write
|
||
|
CBF000
|
stack
|
page read and write
|
||
|
113D000
|
heap
|
page read and write
|
||
|
487000
|
heap
|
page read and write
|
||
|
430000
|
heap
|
page read and write
|
||
|
657000
|
stack
|
page read and write
|
||
|
10A000
|
heap
|
page read and write
|
||
|
6E0000
|
heap
|
page read and write
|
||
|
406000
|
unkown
|
page readonly
|
||
|
121000
|
heap
|
page read and write
|
||
|
666000
|
stack
|
page read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
40F000
|
unkown
|
page read and write
|
||
|
1619000
|
heap
|
page read and write
|
||
|
1119000
|
heap
|
page read and write
|
||
|
2CFF000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
190000
|
heap
|
page read and write
|
||
|
BDF000
|
stack
|
page read and write
|
||
|
1A0000
|
heap
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
100000
|
heap
|
page read and write
|
||
|
12CE000
|
stack
|
page read and write
|
||
|
6E8000
|
heap
|
page read and write
|
||
|
1BE000
|
stack
|
page read and write
|
||
|
12F8000
|
heap
|
page read and write
|
||
|
143F000
|
stack
|
page read and write
|
||
|
140000
|
heap
|
page read and write
|
||
|
1100000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
819000
|
heap
|
page read and write
|
||
|
2CBE000
|
stack
|
page read and write
|
||
|
410000
|
unkown
|
page write copy
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
4544000
|
heap
|
page read and write
|
||
|
406000
|
unkown
|
page readonly
|
||
|
815000
|
heap
|
page read and write
|
||
|
128F000
|
stack
|
page read and write
|
||
|
D0E000
|
stack
|
page read and write
|
||
|
645000
|
stack
|
page read and write
|
||
|
73E000
|
stack
|
page read and write
|
||
|
131C000
|
heap
|
page read and write
|
||
|
1137000
|
heap
|
page read and write
|
||
|
479000
|
heap
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
1309000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1309000
|
heap
|
page read and write
|
||
|
1610000
|
heap
|
page read and write
|
||
|
4480000
|
heap
|
page read and write
|
||
|
123E000
|
stack
|
page read and write
|
||
|
6FF000
|
stack
|
page read and write
|
||
|
469000
|
heap
|
page read and write
|
||
|
728000
|
heap
|
page read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
A8A000
|
stack
|
page read and write
|
||
|
10E000
|
heap
|
page read and write
|
||
|
1EE000
|
stack
|
page read and write
|
||
|
1312000
|
heap
|
page read and write
|
||
|
657000
|
stack
|
page read and write
|
||
|
C6E000
|
stack
|
page read and write
|
||
|
E4C000
|
stack
|
page read and write
|
||
|
10A9000
|
heap
|
page read and write
|
||
|
47C000
|
heap
|
page read and write
|
||
|
9DE000
|
stack
|
page read and write
|
||
|
657000
|
stack
|
page read and write
|
||
|
645000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1CC000
|
stack
|
page read and write
|
||
|
666000
|
stack
|
page read and write
|
||
|
66E000
|
stack
|
page read and write
|
||
|
410000
|
unkown
|
page write copy
|
||
|
1334000
|
heap
|
page read and write
|
||
|
476000
|
heap
|
page read and write
|
||
|
79E000
|
stack
|
page read and write
|
||
|
15F0000
|
heap
|
page read and write
|
||
|
1615000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
411000
|
unkown
|
page write copy
|
||
|
9C000
|
stack
|
page read and write
|
||
|
66E000
|
stack
|
page read and write
|
||
|
1312000
|
heap
|
page read and write
|
||
|
1126000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
5C80000
|
trusted library allocation
|
page read and write
|
||
|
46D000
|
heap
|
page read and write
|
||
|
406000
|
unkown
|
page readonly
|
||
|
458000
|
heap
|
page read and write
|
||
|
112C000
|
heap
|
page read and write
|
||
|
10A5000
|
heap
|
page read and write
|
||
|
1144000
|
heap
|
page read and write
|
||
|
440000
|
heap
|
page read and write
|
||
|
1119000
|
heap
|
page read and write
|
||
|
99F000
|
stack
|
page read and write
|
||
|
411000
|
unkown
|
page write copy
|
||
|
1122000
|
heap
|
page read and write
|
There are 163 hidden memdumps, click here to show them.