Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\unpacked_svchost.exe
|
"C:\Users\user\Desktop\unpacked_svchost.exe"
|
 |
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://nizaoplov.xyz/photo.png?id=011E3D33FBC8A0E3EE00FF0000000000000000
|
unknown
|
||
|
https://ilu21plane.xyz/
|
unknown
|
||
|
https://nizaoplov.xyz/A_
|
unknown
|
||
|
https://nizaoplov.xyz/photo.png?id=011E3D33FBC8A0E3EE00FF0000000000000000V)T
|
unknown
|
||
|
https://nizaoplov.xyz/photo.png?id=011E3D33FBC8A0E3EE00FF00000000000000000004
|
unknown
|
||
|
https://153ishak.best/A_
|
unknown
|
||
|
https://nizaoplov.xyz/
|
unknown
|
||
|
https://boldidiotruss.xyz/photo.png?id=011E3D33FBC8A0E3EE00FF00000000000000004
|
unknown
|
||
|
https://boldidiotruss.xyz/-
|
unknown
|
||
|
https://boldidiotruss.xyz/photo.png?id=011E3D33FBC8A0E3EE00FF0000000000000000
|
unknown
|
||
|
https://boldidiotruss.xyz/
|
unknown
|
||
|
https://boldidiotruss.xyz/1
|
unknown
|
There are 2 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
nizaoplov.xyz
|
unknown
|
|
|
|
boldidiotruss.xyz
|
unknown
|
|
|
|
ilu21plane.xyz
|
unknown
|
|
|
|
153ishak.best
|
unknown
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
133B000
|
heap
|
page read and write
|
||
|
33E0000
|
remote allocation
|
page read and write
|
||
|
134C000
|
heap
|
page read and write
|
||
|
1002000
|
unkown
|
page readonly
|
||
|
1000000
|
unkown
|
page readonly
|
||
|
1004000
|
unkown
|
page readonly
|
||
|
134F000
|
heap
|
page read and write
|
||
|
1328000
|
heap
|
page read and write
|
||
|
1328000
|
heap
|
page read and write
|
||
|
134F000
|
heap
|
page read and write
|
||
|
304E000
|
stack
|
page read and write
|
||
|
1001000
|
unkown
|
page execute read
|
||
|
1339000
|
heap
|
page read and write
|
||
|
32CE000
|
stack
|
page read and write
|
||
|
33E0000
|
remote allocation
|
page read and write
|
||
|
342E000
|
stack
|
page read and write
|
||
|
1368000
|
heap
|
page read and write
|
||
|
1003000
|
unkown
|
page read and write
|
||
|
135D000
|
heap
|
page read and write
|
||
|
1339000
|
heap
|
page read and write
|
||
|
12FE000
|
heap
|
page read and write
|
||
|
2F0D000
|
stack
|
page read and write
|
||
|
134F000
|
heap
|
page read and write
|
||
|
134C000
|
heap
|
page read and write
|
||
|
1368000
|
heap
|
page read and write
|
||
|
12E0000
|
heap
|
page read and write
|
||
|
1358000
|
heap
|
page read and write
|
||
|
1170000
|
heap
|
page read and write
|
||
|
1004000
|
unkown
|
page readonly
|
||
|
1002000
|
unkown
|
page readonly
|
||
|
1358000
|
heap
|
page read and write
|
||
|
314D000
|
stack
|
page read and write
|
||
|
BCC000
|
stack
|
page read and write
|
||
|
352E000
|
stack
|
page read and write
|
||
|
1000000
|
unkown
|
page readonly
|
||
|
300E000
|
stack
|
page read and write
|
||
|
1358000
|
heap
|
page read and write
|
||
|
1368000
|
heap
|
page read and write
|
||
|
12F0000
|
heap
|
page read and write
|
||
|
134F000
|
heap
|
page read and write
|
||
|
328F000
|
stack
|
page read and write
|
||
|
33E0000
|
remote allocation
|
page read and write
|
||
|
12FA000
|
heap
|
page read and write
|
||
|
1358000
|
heap
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
318E000
|
stack
|
page read and write
|
||
|
33CF000
|
stack
|
page read and write
|
||
|
1003000
|
unkown
|
page write copy
|
||
|
1001000
|
unkown
|
page execute read
|
||
|
EFC000
|
stack
|
page read and write
|
||
|
1010000
|
heap
|
page read and write
|
There are 41 hidden memdumps, click here to show them.