Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\LGvZDRRknR.exe
|
"C:\Users\user\Desktop\LGvZDRRknR.exe"
|
 |
|
|
C:\Windows\System32\svchost.exe
|
"C:\Windows\System32\svchost.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://154.216.20.224:9773/a36090f1390c7cab81330/1a7qev84.1gopp
|
|
||
|
https://cloudflare-dns.com/dns-query
|
unknown
|
||
|
https://cloudflare-dns.com/dns-queryMachineGuidSOFTWARE
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
154.216.20.224
|
unknown
|
Seychelles
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\SibCode
|
sn3
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
19E4DBB1000
|
direct allocation
|
page execute and read and write
|
|
|
|
19E4D980000
|
direct allocation
|
page read and write
|
|
|
|
166CD6D1000
|
direct allocation
|
page execute and read and write
|
|
|
|
166CD3B0000
|
direct allocation
|
page read and write
|
|
|
|
166CD471000
|
heap
|
page read and write
|
||
|
166CD3D0000
|
direct allocation
|
page read and write
|
||
|
166CD554000
|
heap
|
page read and write
|
||
|
19E4D9EF000
|
heap
|
page read and write
|
||
|
166CF922000
|
unkown
|
page read and write
|
||
|
19E4FB02000
|
heap
|
page read and write
|
||
|
7FF653251000
|
unkown
|
page execute read
|
||
|
19E4FF06000
|
unkown
|
page read and write
|
||
|
E711EC000
|
stack
|
page read and write
|
||
|
19E4FD08000
|
unkown
|
page read and write
|
||
|
166CF8A0000
|
unkown
|
page read and write
|
||
|
19E4D9ED000
|
heap
|
page read and write
|
||
|
19E4FE70000
|
unkown
|
page read and write
|
||
|
A02C7B000
|
stack
|
page read and write
|
||
|
166CF900000
|
heap
|
page read and write
|
||
|
166CF5C0000
|
unkown
|
page read and write
|
||
|
7FF653263000
|
unkown
|
page execute and read and write
|
||
|
E715FF000
|
stack
|
page read and write
|
||
|
7FF653263000
|
unkown
|
page execute and read and write
|
||
|
7FF6532C4000
|
unkown
|
page write copy
|
||
|
19E4DA58000
|
heap
|
page read and write
|
||
|
19E4FB90000
|
unkown
|
page read and write
|
||
|
A0279E000
|
stack
|
page read and write
|
||
|
19E4D9C6000
|
heap
|
page read and write
|
||
|
A0271B000
|
stack
|
page read and write
|
||
|
7FF653250000
|
unkown
|
page readonly
|
||
|
166CF734000
|
unkown
|
page read and write
|
||
|
19E4DA8A000
|
heap
|
page read and write
|
||
|
166CF680000
|
unkown
|
page read and write
|
||
|
166CD3B0000
|
heap
|
page read and write
|
||
|
19E4D950000
|
heap
|
page read and write
|
||
|
166CD46B000
|
heap
|
page read and write
|
||
|
19E4DA86000
|
heap
|
page read and write
|
||
|
166CD400000
|
heap
|
page read and write
|
||
|
7FF6532C4000
|
unkown
|
page write copy
|
||
|
A02B7E000
|
stack
|
page read and write
|
||
|
19E4FB90000
|
unkown
|
page read and write
|
||
|
166CD370000
|
heap
|
page read and write
|
||
|
19E4DA2F000
|
heap
|
page read and write
|
||
|
19E50105000
|
unkown
|
page read and write
|
||
|
166CF5C0000
|
unkown
|
page read and write
|
||
|
19E4FC50000
|
unkown
|
page read and write
|
||
|
166CD5A3000
|
heap
|
page read and write
|
||
|
19E4DA58000
|
heap
|
page read and write
|
||
|
19E4FEF2000
|
unkown
|
page read and write
|
||
|
166CD533000
|
heap
|
page read and write
|
||
|
166CF916000
|
unkown
|
page read and write
|
||
|
19E4D990000
|
direct allocation
|
page read and write
|
||
|
19E4D980000
|
heap
|
page read and write
|
||
|
19E4FF77000
|
unkown
|
page read and write
|
||
|
166CD370000
|
unkown
|
page execute and read and write
|
||
|
166CD500000
|
heap
|
page read and write
|
||
|
166CD513000
|
heap
|
page read and write
|
||
|
19E4FD04000
|
unkown
|
page read and write
|
||
|
166CD3C0000
|
direct allocation
|
page read and write
|
||
|
166CD413000
|
heap
|
page read and write
|
||
|
166CD510000
|
heap
|
page read and write
|
||
|
19E4FB01000
|
heap
|
page read and write
|
||
|
166CD533000
|
heap
|
page read and write
|
||
|
166CD380000
|
heap
|
page read and write
|
||
|
166CD482000
|
heap
|
page read and write
|
||
|
19E4DA30000
|
heap
|
page read and write
|
||
|
7FF6532CF000
|
unkown
|
page readonly
|
||
|
166CD3A0000
|
heap
|
page read and write
|
||
|
7FF6532CC000
|
unkown
|
page read and write
|
||
|
19E4FB90000
|
unkown
|
page read and write
|
||
|
166CF270000
|
heap
|
page readonly
|
||
|
A02A7E000
|
stack
|
page read and write
|
||
|
A02BFE000
|
stack
|
page read and write
|
||
|
19E4FB3E000
|
heap
|
page read and write
|
||
|
7FF653273000
|
unkown
|
page readonly
|
||
|
19E4FEE6000
|
unkown
|
page read and write
|
||
|
166CD50E000
|
heap
|
page read and write
|
||
|
166CD5A3000
|
heap
|
page read and write
|
||
|
166CF936000
|
unkown
|
page read and write
|
||
|
166CD536000
|
heap
|
page read and write
|
||
|
166CD45D000
|
heap
|
page read and write
|
||
|
166CD40B000
|
heap
|
page read and write
|
||
|
166CF73B000
|
unkown
|
page read and write
|
||
|
19E4DA86000
|
heap
|
page read and write
|
||
|
166CD5A5000
|
heap
|
page read and write
|
||
|
166CF7B0000
|
unkown
|
page read and write
|
||
|
7FF653273000
|
unkown
|
page readonly
|
||
|
19E4FD0B000
|
unkown
|
page read and write
|
||
|
7FF653250000
|
unkown
|
page readonly
|
||
|
19E4D9E0000
|
heap
|
page read and write
|
||
|
7FF653251000
|
unkown
|
page execute read
|
||
|
166CD6E3000
|
direct allocation
|
page execute and read and write
|
||
|
E714FE000
|
stack
|
page read and write
|
||
|
166CF620000
|
direct allocation
|
page read and write
|
||
|
166CF802000
|
heap
|
page read and write
|
||
|
7FF6532CF000
|
unkown
|
page readonly
|
||
|
19E4DBC3000
|
direct allocation
|
page execute and read and write
|
||
|
19E4D9C0000
|
heap
|
page read and write
|
||
|
166CF738000
|
unkown
|
page read and write
|
||
|
19E4D960000
|
heap
|
page read and write
|
||
|
19E4DA2F000
|
heap
|
page read and write
|
||
|
166CF5C0000
|
unkown
|
page read and write
|
||
|
166CF9A7000
|
unkown
|
page read and write
|
||
|
166CD505000
|
heap
|
page read and write
|
||
|
19E4FD80000
|
unkown
|
page read and write
|
||
|
19E4FA90000
|
heap
|
page read and write
|
||
|
19E4DA58000
|
heap
|
page read and write
|
||
|
166CFB35000
|
unkown
|
page read and write
|
||
|
166CF902000
|
heap
|
page read and write
|
There are 99 hidden memdumps, click here to show them.