Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\file.exe
|
"C:\Users\user\Desktop\file.exe"
|
 |
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://occupy-blushi.sbs/api
|
172.67.187.240
|
||
|
https://occupy-blushi.sbs:443/apiNs
|
unknown
|
||
|
https://property-imper.sbs:443/api)t
|
unknown
|
||
|
https://occupy-blushi.sbs:443/api
|
unknown
|
||
|
https://occupy-blushi.sbs/
|
unknown
|
||
|
https://occupy-blushi.sbs/apil8
|
unknown
|
||
|
https://frogs-severz.sbs:443/api
|
unknown
|
||
|
https://occupy-blushi.sbs/=H3
|
unknown
|
||
|
https://occupy-blushi.sbs/apiS
|
unknown
|
||
|
https://occupy-blushi.sbs/api4
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
occupy-blushi.sbs
|
172.67.187.240
|
||
|
property-imper.sbs
|
unknown
|
||
|
frogs-severz.sbs
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
172.67.187.240
|
occupy-blushi.sbs
|
United States
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
38FF000
|
stack
|
page read and write
|
||
|
BF5000
|
unkown
|
page execute and read and write
|
||
|
73C8F000
|
unkown
|
page readonly
|
||
|
3F3F000
|
stack
|
page read and write
|
||
|
31F0000
|
heap
|
page read and write
|
||
|
5304000
|
direct allocation
|
page read and write
|
||
|
4BFE000
|
stack
|
page read and write
|
||
|
5910000
|
remote allocation
|
page read and write
|
||
|
393E000
|
stack
|
page read and write
|
||
|
BB0000
|
unkown
|
page readonly
|
||
|
1646000
|
heap
|
page read and write
|
||
|
5400000
|
direct allocation
|
page execute and read and write
|
||
|
4BBF000
|
stack
|
page read and write
|
||
|
3E3E000
|
stack
|
page read and write
|
||
|
357E000
|
stack
|
page read and write
|
||
|
31F7000
|
heap
|
page read and write
|
||
|
5A7F000
|
stack
|
page read and write
|
||
|
15D0000
|
direct allocation
|
page read and write
|
||
|
4E41000
|
heap
|
page read and write
|
||
|
5440000
|
direct allocation
|
page execute and read and write
|
||
|
556D000
|
stack
|
page read and write
|
||
|
4E41000
|
heap
|
page read and write
|
||
|
11DE000
|
stack
|
page read and write
|
||
|
164F000
|
heap
|
page read and write
|
||
|
15D0000
|
direct allocation
|
page read and write
|
||
|
4CFF000
|
stack
|
page read and write
|
||
|
15D0000
|
direct allocation
|
page read and write
|
||
|
1170000
|
heap
|
page read and write
|
||
|
5430000
|
direct allocation
|
page execute and read and write
|
||
|
16B5000
|
heap
|
page read and write
|
||
|
497E000
|
stack
|
page read and write
|
||
|
4D3E000
|
stack
|
page read and write
|
||
|
5C2E000
|
stack
|
page read and write
|
||
|
4E41000
|
heap
|
page read and write
|
||
|
4E41000
|
heap
|
page read and write
|
||
|
41FE000
|
stack
|
page read and write
|
||
|
407F000
|
stack
|
page read and write
|
||
|
1618000
|
heap
|
page read and write
|
||
|
3BBE000
|
stack
|
page read and write
|
||
|
4E41000
|
heap
|
page read and write
|
||
|
41BF000
|
stack
|
page read and write
|
||
|
493F000
|
stack
|
page read and write
|
||
|
4E41000
|
heap
|
page read and write
|
||
|
3DFF000
|
stack
|
page read and write
|
||
|
40BE000
|
stack
|
page read and write
|
||
|
32FF000
|
stack
|
page read and write
|
||
|
1160000
|
heap
|
page read and write
|
||
|
46BF000
|
stack
|
page read and write
|
||
|
367F000
|
stack
|
page read and write
|
||
|
4E41000
|
heap
|
page read and write
|
||
|
5410000
|
direct allocation
|
page execute and read and write
|
||
|
3CFE000
|
stack
|
page read and write
|
||
|
15D0000
|
direct allocation
|
page read and write
|
||
|
15D0000
|
direct allocation
|
page read and write
|
||
|
52FC000
|
stack
|
page read and write
|
||
|
EB3000
|
unkown
|
page execute and read and write
|
||
|
3A7E000
|
stack
|
page read and write
|
||
|
15D0000
|
direct allocation
|
page read and write
|
||
|
56AE000
|
stack
|
page read and write
|
||
|
4E41000
|
heap
|
page read and write
|
||
|
53FF000
|
stack
|
page read and write
|
||
|
EA6000
|
unkown
|
page execute and read and write
|
||
|
5BBE000
|
stack
|
page read and write
|
||
|
1565000
|
heap
|
page read and write
|
||
|
16A6000
|
heap
|
page read and write
|
||
|
1054000
|
unkown
|
page execute and write copy
|
||
|
15D0000
|
direct allocation
|
page read and write
|
||
|
16A3000
|
heap
|
page read and write
|
||
|
5430000
|
direct allocation
|
page execute and read and write
|
||
|
447E000
|
stack
|
page read and write
|
||
|
5910000
|
remote allocation
|
page read and write
|
||
|
1654000
|
heap
|
page read and write
|
||
|
4E41000
|
heap
|
page read and write
|
||
|
73C70000
|
unkown
|
page readonly
|
||
|
5450000
|
direct allocation
|
page execute and read and write
|
||
|
16B5000
|
heap
|
page read and write
|
||
|
16C4000
|
heap
|
page read and write
|
||
|
483E000
|
stack
|
page read and write
|
||
|
4E41000
|
heap
|
page read and write
|
||
|
4E50000
|
heap
|
page read and write
|
||
|
47FF000
|
stack
|
page read and write
|
||
|
4E40000
|
heap
|
page read and write
|
||
|
1560000
|
heap
|
page read and write
|
||
|
5430000
|
direct allocation
|
page execute and read and write
|
||
|
5ABE000
|
stack
|
page read and write
|
||
|
31BE000
|
stack
|
page read and write
|
||
|
3CBF000
|
stack
|
page read and write
|
||
|
31D0000
|
direct allocation
|
page read and write
|
||
|
4E41000
|
heap
|
page read and write
|
||
|
37FE000
|
stack
|
page read and write
|
||
|
C09000
|
unkown
|
page execute and read and write
|
||
|
4E41000
|
heap
|
page read and write
|
||
|
E9D000
|
unkown
|
page execute and read and write
|
||
|
15EA000
|
heap
|
page read and write
|
||
|
37BF000
|
stack
|
page read and write
|
||
|
1053000
|
unkown
|
page execute and read and write
|
||
|
16AD000
|
heap
|
page read and write
|
||
|
31FD000
|
heap
|
page read and write
|
||
|
46FE000
|
stack
|
page read and write
|
||
|
4E41000
|
heap
|
page read and write
|
||
|
1650000
|
heap
|
page read and write
|
||
|
57AF000
|
stack
|
page read and write
|
||
|
BB1000
|
unkown
|
page execute and write copy
|
||
|
5430000
|
direct allocation
|
page execute and read and write
|
||
|
15D0000
|
direct allocation
|
page read and write
|
||
|
EB4000
|
unkown
|
page execute and write copy
|
||
|
73C86000
|
unkown
|
page readonly
|
||
|
4E41000
|
heap
|
page read and write
|
||
|
15E0000
|
heap
|
page read and write
|
||
|
C07000
|
unkown
|
page read and write
|
||
|
443F000
|
stack
|
page read and write
|
||
|
17DE000
|
stack
|
page read and write
|
||
|
4E41000
|
heap
|
page read and write
|
||
|
4E41000
|
heap
|
page read and write
|
||
|
16B8000
|
heap
|
page read and write
|
||
|
15AB000
|
stack
|
page read and write
|
||
|
4E41000
|
heap
|
page read and write
|
||
|
353F000
|
stack
|
page read and write
|
||
|
4E41000
|
heap
|
page read and write
|
||
|
547C000
|
trusted library allocation
|
page read and write
|
||
|
15D0000
|
direct allocation
|
page read and write
|
||
|
33FF000
|
stack
|
page read and write
|
||
|
5430000
|
direct allocation
|
page execute and read and write
|
||
|
E73000
|
unkown
|
page execute and read and write
|
||
|
31D0000
|
direct allocation
|
page read and write
|
||
|
597E000
|
stack
|
page read and write
|
||
|
D94000
|
unkown
|
page execute and read and write
|
||
|
4A7F000
|
stack
|
page read and write
|
||
|
4ABE000
|
stack
|
page read and write
|
||
|
115B000
|
stack
|
page read and write
|
||
|
150E000
|
stack
|
page read and write
|
||
|
5D2F000
|
stack
|
page read and write
|
||
|
4E3F000
|
stack
|
page read and write
|
||
|
73C8D000
|
unkown
|
page read and write
|
||
|
16B8000
|
heap
|
page read and write
|
||
|
4E41000
|
heap
|
page read and write
|
||
|
52C0000
|
direct allocation
|
page read and write
|
||
|
45BE000
|
stack
|
page read and write
|
||
|
154E000
|
stack
|
page read and write
|
||
|
C07000
|
unkown
|
page write copy
|
||
|
42FF000
|
stack
|
page read and write
|
||
|
1625000
|
heap
|
page read and write
|
||
|
16A0000
|
heap
|
page read and write
|
||
|
BB1000
|
unkown
|
page execute and read and write
|
||
|
15D0000
|
direct allocation
|
page read and write
|
||
|
B4B000
|
stack
|
page read and write
|
||
|
15D0000
|
direct allocation
|
page read and write
|
||
|
15D0000
|
direct allocation
|
page read and write
|
||
|
15D0000
|
direct allocation
|
page read and write
|
||
|
566D000
|
stack
|
page read and write
|
||
|
3A3F000
|
stack
|
page read and write
|
||
|
5430000
|
direct allocation
|
page execute and read and write
|
||
|
163B000
|
heap
|
page read and write
|
||
|
1654000
|
heap
|
page read and write
|
||
|
15EE000
|
heap
|
page read and write
|
||
|
BB0000
|
unkown
|
page read and write
|
||
|
EB3000
|
unkown
|
page execute and write copy
|
||
|
433E000
|
stack
|
page read and write
|
||
|
5460000
|
direct allocation
|
page execute and read and write
|
||
|
16BA000
|
heap
|
page read and write
|
||
|
4E41000
|
heap
|
page read and write
|
||
|
16B2000
|
heap
|
page read and write
|
||
|
3F7E000
|
stack
|
page read and write
|
||
|
15B0000
|
heap
|
page read and write
|
||
|
3B7F000
|
stack
|
page read and write
|
||
|
5910000
|
remote allocation
|
page read and write
|
||
|
15D0000
|
direct allocation
|
page read and write
|
||
|
31D0000
|
direct allocation
|
page read and write
|
||
|
4E41000
|
heap
|
page read and write
|
||
|
52BD000
|
stack
|
page read and write
|
||
|
317F000
|
stack
|
page read and write
|
||
|
4E41000
|
heap
|
page read and write
|
||
|
16A6000
|
heap
|
page read and write
|
||
|
5420000
|
direct allocation
|
page execute and read and write
|
||
|
1550000
|
heap
|
page read and write
|
||
|
4F40000
|
trusted library allocation
|
page read and write
|
||
|
4E41000
|
heap
|
page read and write
|
||
|
73C71000
|
unkown
|
page execute read
|
||
|
18DF000
|
stack
|
page read and write
|
||
|
343E000
|
stack
|
page read and write
|
||
|
5D70000
|
heap
|
page read and write
|
||
|
58EE000
|
stack
|
page read and write
|
||
|
16C4000
|
heap
|
page read and write
|
||
|
16C4000
|
heap
|
page read and write
|
||
|
57EE000
|
stack
|
page read and write
|
||
|
36BE000
|
stack
|
page read and write
|
||
|
457F000
|
stack
|
page read and write
|
||
|
1631000
|
heap
|
page read and write
|
||
|
543D000
|
stack
|
page read and write
|
There are 179 hidden memdumps, click here to show them.