Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\service_worker.js"
|
 |
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://francjohn.com/api/action/
|
unknown
|
||
|
https://francjohn.com/api/config/
|
unknown
|
||
|
https://francjohn.com/uninstall/
|
unknown
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1A6B4520000
|
heap
|
page read and write
|
||
|
1A6B4510000
|
heap
|
page read and write
|
||
|
1A6B4539000
|
heap
|
page read and write
|
||
|
1A6B4501000
|
heap
|
page read and write
|
||
|
1A6B4541000
|
heap
|
page read and write
|
||
|
1A6B4520000
|
heap
|
page read and write
|
||
|
1A6B450F000
|
heap
|
page read and write
|
||
|
1A6B7C80000
|
trusted library allocation
|
page read and write
|
||
|
1A6B4520000
|
heap
|
page read and write
|
||
|
1A6B4470000
|
heap
|
page read and write
|
||
|
1A6B453D000
|
heap
|
page read and write
|
||
|
BF39FE000
|
stack
|
page read and write
|
||
|
1A6B4520000
|
heap
|
page read and write
|
||
|
BF3CFE000
|
stack
|
page read and write
|
||
|
BF3BFE000
|
stack
|
page read and write
|
||
|
1A6B4501000
|
heap
|
page read and write
|
||
|
1A6B4542000
|
heap
|
page read and write
|
||
|
1A6B44A0000
|
heap
|
page read and write
|
||
|
1A6B4545000
|
heap
|
page read and write
|
||
|
1A6B453D000
|
heap
|
page read and write
|
||
|
1A6B4539000
|
heap
|
page read and write
|
||
|
1A6B451E000
|
heap
|
page read and write
|
||
|
1A6B453D000
|
heap
|
page read and write
|
||
|
BF33CA000
|
stack
|
page read and write
|
||
|
1A6B44FD000
|
heap
|
page read and write
|
||
|
1A6B4549000
|
heap
|
page read and write
|
||
|
1A6B4521000
|
heap
|
page read and write
|
||
|
BF38FE000
|
stack
|
page read and write
|
||
|
1A6B4539000
|
heap
|
page read and write
|
||
|
BF3AFF000
|
stack
|
page read and write
|
||
|
1A6B60D4000
|
heap
|
page read and write
|
||
|
1A6B4539000
|
heap
|
page read and write
|
||
|
1A6B60D0000
|
heap
|
page read and write
|
||
|
1A6B4480000
|
heap
|
page read and write
|
||
|
1A6B4520000
|
heap
|
page read and write
|
||
|
1A6B4541000
|
heap
|
page read and write
|
||
|
1A6B455E000
|
heap
|
page read and write
|
||
|
1A6B47B0000
|
heap
|
page read and write
|
||
|
1A6B44E9000
|
heap
|
page read and write
|
||
|
1A6B452F000
|
heap
|
page read and write
|
||
|
1A6B453D000
|
heap
|
page read and write
|
||
|
1A6B47BE000
|
heap
|
page read and write
|
||
|
1A6B4541000
|
heap
|
page read and write
|
||
|
1A6B4541000
|
heap
|
page read and write
|
||
|
1A6B4549000
|
heap
|
page read and write
|
||
|
1A6B5FF0000
|
heap
|
page read and write
|
||
|
1A6B4539000
|
heap
|
page read and write
|
||
|
1A6B4539000
|
heap
|
page read and write
|
||
|
1A6B4516000
|
heap
|
page read and write
|
||
|
BF36FE000
|
stack
|
page read and write
|
||
|
1A6B4535000
|
heap
|
page read and write
|
||
|
1A6B453D000
|
heap
|
page read and write
|
||
|
1A6B8480000
|
heap
|
page read and write
|
||
|
1A6B44E0000
|
heap
|
page read and write
|
||
|
1A6B455C000
|
heap
|
page read and write
|
||
|
1A6B47B5000
|
heap
|
page read and write
|
||
|
1A6B4541000
|
heap
|
page read and write
|
||
|
1A6B453D000
|
heap
|
page read and write
|
||
|
1A6B4543000
|
heap
|
page read and write
|
||
|
1A6B4534000
|
heap
|
page read and write
|
||
|
BF37FD000
|
stack
|
page read and write
|
||
|
1A6B4522000
|
heap
|
page read and write
|
||
|
1A6B4515000
|
heap
|
page read and write
|
||
|
1A6B4541000
|
heap
|
page read and write
|
There are 54 hidden memdumps, click here to show them.