Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Users\user\Desktop\download\trinity-player.js
|
ASCII text, with very long lines (65536), with no line terminators
|
dropped
|
 |
|
|
C:\Users\user\Desktop\cmdline.out
|
ASCII text, with CRLF line terminators
|
modified
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\download\trinity-player.js"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c wget -t 2 -v -T 60 -P "C:\Users\user\Desktop\download" --no-check-certificate --content-disposition
--user-agent="Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; AS; rv:11.0) like Gecko" "https://vd.trinitymedia.ai/trinity-player/tts-player/20240326_55ac2d82cc134f115fe47a2f6d79101d1306d03c/trinity-player.js"
> cmdline.out 2>&1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\wget.exe
|
wget -t 2 -v -T 60 -P "C:\Users\user\Desktop\download" --no-check-certificate --content-disposition --user-agent="Mozilla/5.0
(Windows NT 6.1; WOW64; Trident/7.0; AS; rv:11.0) like Gecko" "https://vd.trinitymedia.ai/trinity-player/tts-player/20240326_55ac2d82cc134f115fe47a2f6d79101d1306d03c/trinity-player.js"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://vd.trinitymedia.ai/trinity-player/tts-player/20240326_55ac2d82cc134f115fe47a2f6d79101d1306d03c/trinity-player.js
|
|||
|
https://vd.t=G
|
unknown
|
||
|
https://vd.trinitymedia.ai/trinity-player/tts-player/20240326_55ac2d82cc134f115fe47a2f6d79101d1306d0
|
unknown
|
||
|
https://vd.trinitymedia.ai/trinity-player/tts-player/20240326_55ac2d82cc134f115fe47a2f6d79101d1306d03c/trinity-player.js
|
37.19.207.34
|
||
|
https://vd.trinitymedia.ai/trinity-player/tts-player/20240326_55ac2d82cc134f115
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
staticvim.b-cdn.net
|
37.19.207.34
|
||
|
vd.trinitymedia.ai
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
37.19.207.34
|
staticvim.b-cdn.net
|
Ukraine
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1F5ECD8A000
|
heap
|
page read and write
|
||
|
1F5ED536000
|
heap
|
page read and write
|
||
|
1F5EAEE1000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
1100000
|
heap
|
page read and write
|
||
|
1F5ECD9D000
|
heap
|
page read and write
|
||
|
1F5ECD99000
|
heap
|
page read and write
|
||
|
10DE000
|
stack
|
page read and write
|
||
|
1F5ECC71000
|
heap
|
page read and write
|
||
|
1F5ECD7C000
|
heap
|
page read and write
|
||
|
1E6000
|
heap
|
page read and write
|
||
|
1F5ECDD1000
|
heap
|
page read and write
|
||
|
1F5ECD9A000
|
heap
|
page read and write
|
||
|
110C000
|
heap
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
1F5EAE30000
|
heap
|
page read and write
|
||
|
1F5ECD95000
|
heap
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
110B000
|
heap
|
page read and write
|
||
|
1F5ED1F7000
|
heap
|
page read and write
|
||
|
1F5ECD95000
|
heap
|
page read and write
|
||
|
2F40000
|
heap
|
page read and write
|
||
|
1F5EACF0000
|
heap
|
page read and write
|
||
|
1F5ECD79000
|
heap
|
page read and write
|
||
|
3CF43FE000
|
stack
|
page read and write
|
||
|
FAB000
|
heap
|
page read and write
|
||
|
1F5ECD82000
|
heap
|
page read and write
|
||
|
1F5EAEC0000
|
heap
|
page read and write
|
||
|
1F5ECE71000
|
heap
|
page read and write
|
||
|
1F5ECD70000
|
heap
|
page read and write
|
||
|
1F5EAEE1000
|
heap
|
page read and write
|
||
|
1F5ECD7E000
|
heap
|
page read and write
|
||
|
1F5ECD7E000
|
heap
|
page read and write
|
||
|
1F5ECD79000
|
heap
|
page read and write
|
||
|
1F5ECD5C000
|
heap
|
page read and write
|
||
|
1F5ECD42000
|
heap
|
page read and write
|
||
|
1F5ECD79000
|
heap
|
page read and write
|
||
|
1F5ECDD1000
|
heap
|
page read and write
|
||
|
1F5ED3B0000
|
heap
|
page read and write
|
||
|
1F5ECD76000
|
heap
|
page read and write
|
||
|
FA0000
|
heap
|
page read and write
|
||
|
1F5EAEE9000
|
heap
|
page read and write
|
||
|
1F5ED536000
|
heap
|
page read and write
|
||
|
1F5ECD9D000
|
heap
|
page read and write
|
||
|
FE4000
|
heap
|
page read and write
|
||
|
1F5ECD71000
|
heap
|
page read and write
|
||
|
1F5ECD99000
|
heap
|
page read and write
|
||
|
B3E000
|
stack
|
page read and write
|
||
|
1F5ECD99000
|
heap
|
page read and write
|
||
|
1105000
|
heap
|
page read and write
|
||
|
1F5EAF00000
|
heap
|
page read and write
|
||
|
1F5ED474000
|
heap
|
page read and write
|
||
|
1F5EAEFF000
|
heap
|
page read and write
|
||
|
1F5ED135000
|
heap
|
page read and write
|
||
|
3CF3F6A000
|
stack
|
page read and write
|
||
|
1F5ECD95000
|
heap
|
page read and write
|
||
|
100000
|
heap
|
page read and write
|
||
|
1F5ECD33000
|
heap
|
page read and write
|
||
|
1F5EAEDC000
|
heap
|
page read and write
|
||
|
FD8000
|
heap
|
page read and write
|
||
|
1F5ECD86000
|
heap
|
page read and write
|
||
|
1F5EADD0000
|
heap
|
page read and write
|
||
|
1F5ECD72000
|
heap
|
page read and write
|
||
|
FDC000
|
heap
|
page read and write
|
||
|
1F5ECD79000
|
heap
|
page read and write
|
||
|
1F5ECD3E000
|
heap
|
page read and write
|
||
|
1F5EAEE8000
|
heap
|
page read and write
|
||
|
1F5EAEC8000
|
heap
|
page read and write
|
||
|
1F5ECD81000
|
heap
|
page read and write
|
||
|
1F5EAE35000
|
heap
|
page read and write
|
||
|
3CF42FE000
|
stack
|
page read and write
|
||
|
1F5ECDD2000
|
heap
|
page read and write
|
||
|
1F5EC834000
|
heap
|
page read and write
|
||
|
1F5ED27E000
|
heap
|
page read and write
|
||
|
3CF45FF000
|
stack
|
page read and write
|
||
|
3CF49FF000
|
stack
|
page read and write
|
||
|
1F5ECD7C000
|
heap
|
page read and write
|
||
|
1F5ECD3E000
|
heap
|
page read and write
|
||
|
1F5ED070000
|
heap
|
page read and write
|
||
|
3CF48FE000
|
stack
|
page read and write
|
||
|
1F5ECDD1000
|
heap
|
page read and write
|
||
|
1F5ECD3A000
|
heap
|
page read and write
|
||
|
1F5ECD74000
|
heap
|
page read and write
|
||
|
FE2000
|
heap
|
page read and write
|
||
|
1F5ED3B1000
|
heap
|
page read and write
|
||
|
FAD000
|
heap
|
page read and write
|
||
|
F7F000
|
stack
|
page read and write
|
||
|
1F5ECC70000
|
heap
|
page read and write
|
||
|
D3F000
|
stack
|
page read and write
|
||
|
9CC000
|
stack
|
page read and write
|
||
|
1F5ECE70000
|
heap
|
page read and write
|
||
|
1F5ECD99000
|
heap
|
page read and write
|
||
|
1F5ECD99000
|
heap
|
page read and write
|
||
|
1F5ECD73000
|
heap
|
page read and write
|
||
|
1F5ECD42000
|
heap
|
page read and write
|
||
|
1F5ECD3E000
|
heap
|
page read and write
|
||
|
D7E000
|
stack
|
page read and write
|
||
|
1F5ECD8E000
|
heap
|
page read and write
|
||
|
1F5ECD95000
|
heap
|
page read and write
|
||
|
1F5ED133000
|
heap
|
page read and write
|
||
|
1F5ED071000
|
heap
|
page read and write
|
||
|
A00000
|
heap
|
page read and write
|
||
|
1F5EADF0000
|
heap
|
page read and write
|
||
|
1F5ECD95000
|
heap
|
page read and write
|
||
|
3CF46FE000
|
stack
|
page read and write
|
||
|
2DEF000
|
stack
|
page read and write
|
||
|
1F5EC830000
|
heap
|
page read and write
|
||
|
1F5EF010000
|
trusted library allocation
|
page read and write
|
||
|
1F5ECD92000
|
heap
|
page read and write
|
||
|
3CF47FF000
|
stack
|
page read and write
|
||
|
A08000
|
heap
|
page read and write
|
||
|
1F5ECDD1000
|
heap
|
page read and write
|
||
|
1F5ECD42000
|
heap
|
page read and write
|
||
|
1F5EC780000
|
heap
|
page read and write
|
||
|
1F5ECD99000
|
heap
|
page read and write
|
There are 108 hidden memdumps, click here to show them.