Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\6uxhmwu2e4.exe
|
"C:\Users\user\Desktop\6uxhmwu2e4.exe"
|
 |
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://support.avira.com/hc/fr/sections/360003574777-Installation-et-configuration-Windows
|
unknown
|
||
|
https://support.avira.com/hc/en-us/articles/360003162153-Uninstallation-of-Avira-for-Windows
|
unknown
|
||
|
http://www.fontfont.comhttp://www.fontfont.comhttp://www.fontfont.com/eula/license.html2009
|
unknown
|
||
|
http://ocsp.sectigo.com0
|
unknown
|
||
|
https://www.avira.com/ja/end-user-license-agreement-terms-of-use
|
unknown
|
||
|
http://ocsp.entrust.net03
|
unknown
|
||
|
https://www.avira.com/it/end-user-license-agreement-terms-of-use
|
unknown
|
||
|
http://ocsp.entrust.net02
|
unknown
|
||
|
https://www.avira.com/fr/general-privacy
|
unknown
|
||
|
https://beta.avira.com/download/Ohttp://download-acc.avira.org/download/
|
unknown
|
||
|
https://support.avira.com/hc/it/sections/360003574777-Installazione-e-configurazione-Windows
|
unknown
|
||
|
https://support.avira.com/hc/en-us/articles/360003958298-Issues-with-the-installation-
|
unknown
|
||
|
https://support.avira.com/hc/it/articles/360003162153-Disinstallazione-di-Avira-per-Windows
|
unknown
|
||
|
https://www.avira.com/pt-br/general-privacy
|
unknown
|
||
|
https://dispatch.avira-update.com/
|
unknown
|
||
|
https://www.avira.com/zh-tw/legal-terms
|
unknown
|
||
|
https://www.avira.com/ja/general-privacy
|
unknown
|
||
|
https://www.avira.com/fr/end-user-license-agreement-terms-of-use
|
unknown
|
||
|
http://www.fontfont.comhttp://www.fontfont.comhttp://www.fontfont.com/eula/license.htmlKievit
|
unknown
|
||
|
https://api.my.avira.com7https://api.oeacc.avira.com
|
unknown
|
||
|
https://support.avira.com/hc/fr/articles/360003162153-D
|
unknown
|
||
|
https://www.avira.com/de/general-privacy
|
unknown
|
||
|
https://download.avira.com/download/IEndpointProtectionConfiguration.json5Creating
|
unknown
|
||
|
https://www.avira.com/it/general-privacy
|
unknown
|
||
|
https://www.avira.com/zh-tw/end-user-license-agreement-terms-of-use
|
unknown
|
||
|
http://crl.thawte.com/ThawteTimestampingCA.crl0
|
unknown
|
||
|
https://www.avira.com/zh-cn/end-user-license-agreement-terms-of-use
|
unknown
|
||
|
https://www.avira.com/ru/general-privacy
|
unknown
|
||
|
http://www.fontfont.comhttp://www.fontfont.com/licensing-web2009
|
unknown
|
||
|
https://testing.update-bridge.avira.net
|
unknown
|
||
|
https://www.avira.com/nl/end-user-license-agreement-terms-of-use
|
unknown
|
||
|
https://www.getsentry.com.
|
unknown
|
||
|
http://crl.entrust.net/ts1ca.crl0
|
unknown
|
||
|
http://www.entrust.net/rpa0
|
unknown
|
||
|
https://support.avira.com/hc/de/sections/360003574777-Installation-Konfiguration-Windows
|
unknown
|
||
|
https://support.avira.com/hc/en-us/articles/360003077114-How-do-I-remove-an-Avira-browser-extension-
|
unknown
|
||
|
https://sectigo.com/CPS0
|
unknown
|
||
|
https://www.avira.com/zh-tw/general-privacy
|
unknown
|
||
|
https://support.avira.com/hc/de/articles/360003958298-Issues-with-the-installation-
|
unknown
|
||
|
http://www.entrust.net/rpa03
|
unknown
|
||
|
http://ocsp.thawte.com0
|
unknown
|
||
|
https://www.avira.com/en/end-user-license-agreement-terms-of-use
|
unknown
|
||
|
https://www.avira.com/ja/legal-terms
|
unknown
|
||
|
http://aia.entrust.net/ts1-chain256.cer01
|
unknown
|
||
|
https://www.avira.com/nl/legal-terms
|
unknown
|
||
|
https://support.avira.com/hc/en-us
|
unknown
|
||
|
https://www.avira.com/zh-cn/legal-terms
|
unknown
|
||
|
https://support.avira.com/hc/en-us/sections/360003574777-Installation-Configuration-Windows
|
unknown
|
||
|
https://www.avira.com/de/legal-terms
|
unknown
|
||
|
https://www.avira.com/tr/end-user-license-agreement-terms-of-use
|
unknown
|
||
|
https://www.avira.com/tr/legal-terms
|
unknown
|
||
|
https://www.avira.com/zh-cn/general-privacy
|
unknown
|
||
|
http://www.fontfont.comhttp://www.fontfont.comhttp://www.fontfont.com/eula/license.html
|
unknown
|
||
|
http://james.newtonking.com/projects/json
|
unknown
|
||
|
https://www.avira.com/de/end-user-license-agreement-terms-of-use
|
unknown
|
||
|
https://www.avira.com/tr/general-privacy
|
unknown
|
||
|
http://crl.sectigo.com/SectigoRSATimeStampingCA.crl0t
|
unknown
|
||
|
https://www.avira.com/pt-br/legal-terms
|
unknown
|
||
|
http://sentry-dsn.invalid
|
unknown
|
||
|
https://www.avira.com/ru/legal-terms
|
unknown
|
||
|
https://www.avira.com/en/general-privacy
|
unknown
|
||
|
https://www.avira.com/en/legal-terms
|
unknown
|
||
|
https://www.getsentry.com
|
unknown
|
||
|
https://www.avira.com/es/legal-terms
|
unknown
|
||
|
https://www.avira.com/es/general-privacy
|
unknown
|
||
|
http://crt.sectigo.com/SectigoRSATimeStampingCA.crt0#
|
unknown
|
||
|
https://support.avira.com/hc/de/articles/360003162153-Deinstallation-von-Avira-f
|
unknown
|
||
|
https://www.newtonsoft.com/jsonschema
|
unknown
|
||
|
https://www.avira.com/ru/end-user-license-agreement-terms-of-use
|
unknown
|
||
|
http://www.fontfont.comhttp://www.fontfont.com/licensing-web
|
unknown
|
||
|
https://www.nuget.org/packages/Newtonsoft.Json.Bson
|
unknown
|
||
|
https://www.avira.com/es/end-user-license-agreement-terms-of-use
|
unknown
|
||
|
https://www.avira.com/nl/general-privacy
|
unknown
|
||
|
http://crl.entrust.net/2048ca.crl0
|
unknown
|
||
|
https://cdn-download.securebrowser.com/avira/avira_secure_browser_setup.exe
|
unknown
|
||
|
https://www.avira.com/fr/legal-terms
|
unknown
|
||
|
https://www.avira.com/it/legal-terms
|
unknown
|
||
|
https://www.entrust.net/rpa0
|
unknown
|
||
|
https://www.avira.com/de/support-for-home-knowledgebase-detail/kbid/1766
|
unknown
|
||
|
https://www.avira.com/pt-br/end-user-license-agreement-terms-of-use
|
unknown
|
There are 70 hidden URLs, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
167D000
|
unkown
|
page readonly
|
||
|
1671000
|
unkown
|
page readonly
|
||
|
191D000
|
unkown
|
page readonly
|
||
|
1977000
|
unkown
|
page readonly
|
||
|
38E000
|
stack
|
page read and write
|
||
|
19CC000
|
unkown
|
page readonly
|
||
|
15FE000
|
unkown
|
page readonly
|
||
|
1416000
|
unkown
|
page readonly
|
||
|
1741000
|
unkown
|
page readonly
|
||
|
15A2000
|
unkown
|
page readonly
|
||
|
15FE000
|
unkown
|
page readonly
|
||
|
1986000
|
unkown
|
page readonly
|
||
|
19A1000
|
unkown
|
page readonly
|
||
|
1943000
|
unkown
|
page readonly
|
||
|
1614000
|
unkown
|
page readonly
|
||
|
19FB000
|
unkown
|
page readonly
|
||
|
160A000
|
unkown
|
page readonly
|
||
|
1737000
|
unkown
|
page readonly
|
||
|
1982000
|
unkown
|
page readonly
|
||
|
172B000
|
unkown
|
page readonly
|
||
|
13A1000
|
unkown
|
page execute read
|
||
|
13F3000
|
unkown
|
page readonly
|
||
|
15D2000
|
unkown
|
page readonly
|
||
|
1422000
|
unkown
|
page readonly
|
||
|
15B7000
|
unkown
|
page readonly
|
||
|
194C000
|
unkown
|
page readonly
|
||
|
1D0000
|
heap
|
page read and write
|
||
|
16CE000
|
unkown
|
page readonly
|
||
|
1986000
|
unkown
|
page readonly
|
||
|
16E3000
|
unkown
|
page readonly
|
||
|
1687000
|
unkown
|
page readonly
|
||
|
1701000
|
unkown
|
page readonly
|
||
|
1977000
|
unkown
|
page readonly
|
||
|
1741000
|
unkown
|
page readonly
|
||
|
1416000
|
unkown
|
page readonly
|
||
|
1A04000
|
unkown
|
page readonly
|
||
|
16CE000
|
unkown
|
page readonly
|
||
|
1737000
|
unkown
|
page readonly
|
||
|
15D2000
|
unkown
|
page readonly
|
||
|
1A04000
|
unkown
|
page readonly
|
||
|
170D000
|
unkown
|
page readonly
|
||
|
19BA000
|
unkown
|
page readonly
|
||
|
17D000
|
stack
|
page read and write
|
||
|
1717000
|
unkown
|
page readonly
|
||
|
1671000
|
unkown
|
page readonly
|
||
|
1717000
|
unkown
|
page readonly
|
||
|
13A1000
|
unkown
|
page execute read
|
||
|
1946000
|
unkown
|
page readonly
|
||
|
167D000
|
unkown
|
page readonly
|
||
|
19CC000
|
unkown
|
page readonly
|
||
|
15DD000
|
unkown
|
page readonly
|
||
|
1911000
|
unkown
|
page readonly
|
||
|
1614000
|
unkown
|
page readonly
|
||
|
15E7000
|
unkown
|
page readonly
|
||
|
15A2000
|
unkown
|
page readonly
|
||
|
15E7000
|
unkown
|
page readonly
|
||
|
19BA000
|
unkown
|
page readonly
|
||
|
1911000
|
unkown
|
page readonly
|
||
|
15AD000
|
unkown
|
page readonly
|
||
|
142C000
|
unkown
|
page readonly
|
||
|
191D000
|
unkown
|
page readonly
|
||
|
142C000
|
unkown
|
page readonly
|
||
|
140B000
|
unkown
|
page write copy
|
||
|
16D9000
|
unkown
|
page readonly
|
||
|
3E0000
|
heap
|
page read and write
|
||
|
15B1000
|
unkown
|
page readonly
|
||
|
1422000
|
unkown
|
page readonly
|
||
|
1410000
|
unkown
|
page readonly
|
||
|
1982000
|
unkown
|
page readonly
|
||
|
1937000
|
unkown
|
page readonly
|
||
|
198C000
|
unkown
|
page readonly
|
||
|
1701000
|
unkown
|
page readonly
|
||
|
19F1000
|
unkown
|
page readonly
|
||
|
16DD000
|
unkown
|
page readonly
|
||
|
19E6000
|
unkown
|
page readonly
|
||
|
198C000
|
unkown
|
page readonly
|
||
|
15DD000
|
unkown
|
page readonly
|
||
|
19E6000
|
unkown
|
page readonly
|
||
|
1410000
|
unkown
|
page readonly
|
||
|
16E3000
|
unkown
|
page readonly
|
||
|
1687000
|
unkown
|
page readonly
|
||
|
15B1000
|
unkown
|
page readonly
|
||
|
16DD000
|
unkown
|
page readonly
|
||
|
140B000
|
unkown
|
page write copy
|
||
|
194C000
|
unkown
|
page readonly
|
||
|
160A000
|
unkown
|
page readonly
|
||
|
170D000
|
unkown
|
page readonly
|
||
|
1946000
|
unkown
|
page readonly
|
||
|
172B000
|
unkown
|
page readonly
|
||
|
16D9000
|
unkown
|
page readonly
|
||
|
15B7000
|
unkown
|
page readonly
|
||
|
1937000
|
unkown
|
page readonly
|
||
|
1943000
|
unkown
|
page readonly
|
||
|
160D000
|
unkown
|
page readonly
|
||
|
19A1000
|
unkown
|
page readonly
|
||
|
13A0000
|
unkown
|
page readonly
|
||
|
160D000
|
unkown
|
page readonly
|
||
|
13F3000
|
unkown
|
page readonly
|
||
|
19FB000
|
unkown
|
page readonly
|
||
|
13A0000
|
unkown
|
page readonly
|
||
|
19F1000
|
unkown
|
page readonly
|
||
|
15AD000
|
unkown
|
page readonly
|
There are 92 hidden memdumps, click here to show them.