Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\1707765188292b82159fb496a7b8faef3eed8405341a5e1f23597583777c553dcec1a90478611.dat-decoded.exe
|
C:\Users\user\Desktop\1707765188292b82159fb496a7b8faef3eed8405341a5e1f23597583777c553dcec1a90478611.dat-decoded.exe
|
 |
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
xwv5group7001.duckdns.org
|
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
xwv5group7001.duckdns.org
|
163.172.59.233
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
163.172.59.233
|
xwv5group7001.duckdns.org
|
United Kingdom
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
29F1000
|
trusted library allocation
|
page read and write
|
|
|
|
6F2000
|
unkown
|
page readonly
|
|
|
|
CD5000
|
heap
|
page read and write
|
||
|
7FFD9B7AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BFF8000
|
stack
|
page read and write
|
||
|
1AD7B000
|
heap
|
page read and write
|
||
|
2D20000
|
trusted library allocation
|
page read and write
|
||
|
C5C000
|
heap
|
page read and write
|
||
|
790000
|
heap
|
page read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page read and write
|
||
|
1B80E000
|
stack
|
page read and write
|
||
|
BFC000
|
heap
|
page read and write
|
||
|
F75000
|
heap
|
page read and write
|
||
|
1B704000
|
stack
|
page read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B83C000
|
trusted library allocation
|
page execute and read and write
|
||
|
F70000
|
heap
|
page read and write
|
||
|
7FFD9B784000
|
trusted library allocation
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
2830000
|
heap
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
1B505000
|
stack
|
page read and write
|
||
|
1BA73000
|
heap
|
page read and write
|
||
|
7FFD9B792000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B790000
|
trusted library allocation
|
page read and write
|
||
|
12A01000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B866000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B340000
|
heap
|
page read and write
|
||
|
D6F000
|
unkown
|
page read and write
|
||
|
1B400000
|
heap
|
page execute and read and write
|
||
|
7FFD9B836000
|
trusted library allocation
|
page read and write
|
||
|
1BEFC000
|
stack
|
page read and write
|
||
|
2A3B000
|
trusted library allocation
|
page read and write
|
||
|
F20000
|
trusted library allocation
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
C25000
|
heap
|
page read and write
|
||
|
1BA7E000
|
heap
|
page read and write
|
||
|
7FFD9B7A0000
|
trusted library allocation
|
page read and write
|
||
|
C23000
|
heap
|
page read and write
|
||
|
1BA40000
|
heap
|
page read and write
|
||
|
C30000
|
heap
|
page read and write
|
||
|
AF1000
|
stack
|
page read and write
|
||
|
7FFD9B7DC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B3D0000
|
heap
|
page read and write
|
||
|
7FFD9B920000
|
trusted library allocation
|
page read and write
|
||
|
1B343000
|
heap
|
page read and write
|
||
|
1AA20000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B940000
|
trusted library allocation
|
page execute and read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
7FFD9B830000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B840000
|
trusted library allocation
|
page execute and read and write
|
||
|
C33000
|
heap
|
page read and write
|
||
|
6F0000
|
unkown
|
page readonly
|
||
|
7FFD9B8A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
CBC000
|
heap
|
page read and write
|
||
|
1AF7D000
|
stack
|
page read and write
|
||
|
29AF000
|
stack
|
page read and write
|
||
|
1C1FC000
|
stack
|
page read and write
|
||
|
7FF46ABD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BDFC000
|
stack
|
page read and write
|
||
|
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
||
|
F30000
|
trusted library allocation
|
page read and write
|
||
|
C75000
|
heap
|
page read and write
|
||
|
1B33F000
|
stack
|
page read and write
|
||
|
F33000
|
trusted library allocation
|
page read and write
|
||
|
CC8000
|
heap
|
page read and write
|
||
|
28A0000
|
heap
|
page execute and read and write
|
||
|
E6F000
|
stack
|
page read and write
|
||
|
129F1000
|
trusted library allocation
|
page read and write
|
||
|
C1A000
|
heap
|
page read and write
|
||
|
6F0000
|
unkown
|
page readonly
|
||
|
F00000
|
trusted library allocation
|
page read and write
|
||
|
107E000
|
stack
|
page read and write
|
||
|
CAC000
|
heap
|
page read and write
|
||
|
7FFD9B783000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B60A000
|
stack
|
page read and write
|
||
|
C05000
|
heap
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
29E0000
|
heap
|
page read and write
|
||
|
1BA10000
|
heap
|
page read and write
|
||
|
CB1000
|
heap
|
page read and write
|
||
|
129F8000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B79D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7C5000
|
heap
|
page read and write
|
There are 74 hidden memdumps, click here to show them.