Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
RFQ#1047.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\RFQ#1047.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\RFQ#1047.exe
|
"C:\Users\user\Desktop\RFQ#1047.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://www.fontbureau.com
|
unknown
|
||
|
http://www.fontbureau.com/designersG
|
unknown
|
||
|
http://www.fontbureau.com/designers/?
|
unknown
|
||
|
http://www.founder.com.cn/cn/bThe
|
unknown
|
||
|
https://account.dyn.com/
|
unknown
|
||
|
http://r3.o
|
unknown
|
||
|
http://www.fontbureau.com/designers?
|
unknown
|
||
|
http://www.tiro.com
|
unknown
|
||
|
http://www.fontbureau.com/designers
|
unknown
|
||
|
http://www.goodfont.co.kr
|
unknown
|
||
|
http://www.carterandcone.coml
|
unknown
|
||
|
http://r3.i.lencr.org/0
|
unknown
|
||
|
http://www.sajatypeworks.com
|
unknown
|
||
|
http://www.typography.netD
|
unknown
|
||
|
http://www.fontbureau.com/designers/cabarga.htmlN
|
unknown
|
||
|
http://www.founder.com.cn/cn/cThe
|
unknown
|
||
|
http://www.galapagosdesign.com/staff/dennis.htm
|
unknown
|
||
|
http://www.founder.com.cn/cn
|
unknown
|
||
|
http://www.fontbureau.com/designers/frere-user.html
|
unknown
|
||
|
http://x1.c.lencr.org/0
|
unknown
|
||
|
http://x1.i.lencr.org/0
|
unknown
|
||
|
http://www.jiyu-kobo.co.jp/
|
unknown
|
||
|
http://r3.o.lencr.org0
|
unknown
|
||
|
http://www.galapagosdesign.com/DPlease
|
unknown
|
||
|
http://www.fontbureau.com/designers8
|
unknown
|
||
|
http://www.fonts.com
|
unknown
|
||
|
http://www.sandoll.co.kr
|
unknown
|
||
|
http://www.urwpp.deDPlease
|
unknown
|
||
|
http://www.zhongyicts.com.cn
|
unknown
|
||
|
http://x1.c.le
|
unknown
|
||
|
http://www.sakkal.com
|
unknown
|
There are 22 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
mail.xpl.co.nz
|
203.170.87.105
|
|
|
|
fp2e7a.wpc.phicdn.net
|
192.229.211.108
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
203.170.87.105
|
mail.xpl.co.nz
|
Australia
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2D2E000
|
trusted library allocation
|
page read and write
|
|
|
|
2D58000
|
trusted library allocation
|
page read and write
|
|
|
|
2CE1000
|
trusted library allocation
|
page read and write
|
|
|
|
3BE3000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
5460000
|
heap
|
page execute and read and write
|
||
|
2DA1000
|
trusted library allocation
|
page read and write
|
||
|
2900000
|
trusted library allocation
|
page execute and read and write
|
||
|
51A0000
|
heap
|
page read and write
|
||
|
D72000
|
trusted library allocation
|
page read and write
|
||
|
B53000
|
heap
|
page read and write
|
||
|
72CE000
|
stack
|
page read and write
|
||
|
6C00000
|
heap
|
page read and write
|
||
|
7970000
|
trusted library allocation
|
page read and write
|
||
|
4EC0000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
2AE0000
|
trusted library allocation
|
page read and write
|
||
|
FFD00000
|
trusted library allocation
|
page execute and read and write
|
||
|
679E000
|
stack
|
page read and write
|
||
|
10A6000
|
heap
|
page read and write
|
||
|
675D000
|
stack
|
page read and write
|
||
|
A95000
|
heap
|
page read and write
|
||
|
EEE000
|
stack
|
page read and write
|
||
|
1074000
|
heap
|
page read and write
|
||
|
76A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
BA0E000
|
stack
|
page read and write
|
||
|
A40000
|
trusted library allocation
|
page read and write
|
||
|
8BF0000
|
heap
|
page read and write
|
||
|
6460000
|
trusted library allocation
|
page execute and read and write
|
||
|
56CE000
|
unkown
|
page read and write
|
||
|
2D54000
|
trusted library allocation
|
page read and write
|
||
|
74A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B66000
|
trusted library allocation
|
page read and write
|
||
|
3D09000
|
trusted library allocation
|
page read and write
|
||
|
4F60000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D9D000
|
trusted library allocation
|
page read and write
|
||
|
52E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
695E000
|
stack
|
page read and write
|
||
|
4E40000
|
heap
|
page read and write
|
||
|
5270000
|
trusted library allocation
|
page read and write
|
||
|
61F0000
|
heap
|
page read and write
|
||
|
A20000
|
heap
|
page read and write
|
||
|
518B000
|
stack
|
page read and write
|
||
|
5300000
|
heap
|
page read and write
|
||
|
4F50000
|
trusted library allocation
|
page read and write
|
||
|
39C6000
|
trusted library allocation
|
page read and write
|
||
|
2AF0000
|
heap
|
page read and write
|
||
|
2D95000
|
trusted library allocation
|
page read and write
|
||
|
8FBD000
|
stack
|
page read and write
|
||
|
8BF2000
|
heap
|
page read and write
|
||
|
4EDA000
|
trusted library allocation
|
page read and write
|
||
|
5130000
|
trusted library allocation
|
page read and write
|
||
|
5190000
|
trusted library section
|
page readonly
|
||
|
4D0000
|
unkown
|
page readonly
|
||
|
1068000
|
heap
|
page read and write
|
||
|
EF8000
|
stack
|
page read and write
|
||
|
75D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
10D7000
|
heap
|
page read and write
|
||
|
EF0000
|
trusted library allocation
|
page read and write
|
||
|
11EE000
|
stack
|
page read and write
|
||
|
A43000
|
trusted library allocation
|
page execute and read and write
|
||
|
75CE000
|
stack
|
page read and write
|
||
|
2BBC000
|
stack
|
page read and write
|
||
|
6320000
|
trusted library allocation
|
page read and write
|
||
|
990000
|
heap
|
page read and write
|
||
|
A5D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D6B000
|
trusted library allocation
|
page read and write
|
||
|
74C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
10A9000
|
heap
|
page read and write
|
||
|
52BE000
|
stack
|
page read and write
|
||
|
6BF0000
|
heap
|
page read and write
|
||
|
4F83000
|
heap
|
page read and write
|
||
|
2AD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
637D000
|
stack
|
page read and write
|
||
|
2D8F000
|
trusted library allocation
|
page read and write
|
||
|
937000
|
stack
|
page read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
2D8D000
|
trusted library allocation
|
page read and write
|
||
|
5322000
|
trusted library allocation
|
page read and write
|
||
|
513D000
|
trusted library allocation
|
page read and write
|
||
|
1480000
|
heap
|
page read and write
|
||
|
53EE000
|
stack
|
page read and write
|
||
|
7960000
|
trusted library allocation
|
page execute and read and write
|
||
|
3CE1000
|
trusted library allocation
|
page read and write
|
||
|
A60000
|
heap
|
page read and write
|
||
|
F50000
|
heap
|
page read and write
|
||
|
12C0000
|
heap
|
page read and write
|
||
|
D70000
|
trusted library allocation
|
page read and write
|
||
|
1476000
|
trusted library allocation
|
page execute and read and write
|
||
|
D76000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F7D000
|
stack
|
page read and write
|
||
|
52C0000
|
trusted library allocation
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
665E000
|
stack
|
page read and write
|
||
|
3D48000
|
trusted library allocation
|
page read and write
|
||
|
7550000
|
trusted library section
|
page read and write
|
||
|
B29000
|
heap
|
page read and write
|
||
|
2DA3000
|
trusted library allocation
|
page read and write
|
||
|
2CDF000
|
stack
|
page read and write
|
||
|
55AC000
|
stack
|
page read and write
|
||
|
6262000
|
heap
|
page read and write
|
||
|
1472000
|
trusted library allocation
|
page read and write
|
||
|
8CA3000
|
heap
|
page read and write
|
||
|
532E000
|
trusted library allocation
|
page read and write
|
||
|
4ED0000
|
trusted library allocation
|
page read and write
|
||
|
F57000
|
heap
|
page read and write
|
||
|
D6D000
|
stack
|
page read and write
|
||
|
A6E000
|
heap
|
page read and write
|
||
|
7560000
|
trusted library allocation
|
page read and write
|
||
|
58BC000
|
trusted library allocation
|
page read and write
|
||
|
1014000
|
heap
|
page read and write
|
||
|
2DA5000
|
trusted library allocation
|
page read and write
|
||
|
8C41000
|
heap
|
page read and write
|
||
|
2AA5000
|
trusted library allocation
|
page execute and read and write
|
||
|
4D2000
|
unkown
|
page readonly
|
||
|
77DF000
|
stack
|
page read and write
|
||
|
58A0000
|
trusted library allocation
|
page read and write
|
||
|
B09000
|
heap
|
page read and write
|
||
|
2D47000
|
trusted library allocation
|
page read and write
|
||
|
2910000
|
heap
|
page execute and read and write
|
||
|
2D6D000
|
trusted library allocation
|
page read and write
|
||
|
5265000
|
heap
|
page read and write
|
||
|
645D000
|
stack
|
page read and write
|
||
|
5331000
|
trusted library allocation
|
page read and write
|
||
|
58A9000
|
trusted library allocation
|
page read and write
|
||
|
6310000
|
trusted library allocation
|
page read and write
|
||
|
5530000
|
trusted library allocation
|
page read and write
|
||
|
6EF0000
|
heap
|
page read and write
|
||
|
29F4000
|
trusted library allocation
|
page read and write
|
||
|
A4D000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F00000
|
trusted library allocation
|
page read and write
|
||
|
A6A000
|
heap
|
page read and write
|
||
|
4DE8000
|
trusted library allocation
|
page read and write
|
||
|
4E9D000
|
trusted library allocation
|
page read and write
|
||
|
8E40000
|
heap
|
page read and write
|
||
|
2B3E000
|
stack
|
page read and write
|
||
|
D2F000
|
stack
|
page read and write
|
||
|
6470000
|
trusted library allocation
|
page read and write
|
||
|
12BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
F40000
|
heap
|
page read and write
|
||
|
8CF0000
|
trusted library allocation
|
page read and write
|
||
|
5440000
|
heap
|
page read and write
|
||
|
9EE000
|
stack
|
page read and write
|
||
|
740F000
|
stack
|
page read and write
|
||
|
2D87000
|
trusted library allocation
|
page read and write
|
||
|
2D71000
|
trusted library allocation
|
page read and write
|
||
|
A50000
|
trusted library allocation
|
page read and write
|
||
|
8C00000
|
heap
|
page read and write
|
||
|
A25000
|
heap
|
page read and write
|
||
|
54AC000
|
stack
|
page read and write
|
||
|
A88000
|
heap
|
page read and write
|
||
|
D87000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B37000
|
trusted library allocation
|
page read and write
|
||
|
8F7D000
|
stack
|
page read and write
|
||
|
F00000
|
heap
|
page read and write
|
||
|
2AC0000
|
trusted library allocation
|
page read and write
|
||
|
2DA9000
|
trusted library allocation
|
page read and write
|
||
|
8FF0000
|
trusted library section
|
page read and write
|
||
|
2D66000
|
trusted library allocation
|
page read and write
|
||
|
D7A000
|
trusted library allocation
|
page execute and read and write
|
||
|
2921000
|
trusted library allocation
|
page read and write
|
||
|
5360000
|
heap
|
page read and write
|
||
|
6326000
|
trusted library allocation
|
page read and write
|
||
|
7980000
|
trusted library allocation
|
page read and write
|
||
|
D82000
|
trusted library allocation
|
page read and write
|
||
|
74B0000
|
trusted library allocation
|
page read and write
|
||
|
8C95000
|
heap
|
page read and write
|
||
|
52E0000
|
trusted library allocation
|
page read and write
|
||
|
49AD000
|
stack
|
page read and write
|
||
|
FE8000
|
heap
|
page read and write
|
||
|
2BD0000
|
heap
|
page execute and read and write
|
||
|
495E000
|
stack
|
page read and write
|
||
|
49FC000
|
stack
|
page read and write
|
||
|
F70000
|
heap
|
page read and write
|
||
|
4DDE000
|
stack
|
page read and write
|
||
|
4F80000
|
heap
|
page read and write
|
||
|
8E3D000
|
stack
|
page read and write
|
||
|
4EB0000
|
trusted library allocation
|
page read and write
|
||
|
641E000
|
stack
|
page read and write
|
||
|
6A5E000
|
stack
|
page read and write
|
||
|
A30000
|
trusted library allocation
|
page read and write
|
||
|
2D9F000
|
trusted library allocation
|
page read and write
|
||
|
52C0000
|
heap
|
page read and write
|
||
|
AA0000
|
heap
|
page read and write
|
||
|
4960000
|
trusted library allocation
|
page read and write
|
||
|
2D93000
|
trusted library allocation
|
page read and write
|
||
|
A38F000
|
stack
|
page read and write
|
||
|
2AA2000
|
trusted library allocation
|
page read and write
|
||
|
7680000
|
trusted library section
|
page read and write
|
||
|
552E000
|
stack
|
page read and write
|
||
|
12B0000
|
trusted library allocation
|
page read and write
|
||
|
8CF5000
|
trusted library allocation
|
page read and write
|
||
|
4E96000
|
trusted library allocation
|
page read and write
|
||
|
6BC0000
|
heap
|
page read and write
|
||
|
6B9E000
|
stack
|
page read and write
|
||
|
542F000
|
heap
|
page read and write
|
||
|
5342000
|
trusted library allocation
|
page read and write
|
||
|
730E000
|
stack
|
page read and write
|
||
|
2BC0000
|
trusted library allocation
|
page read and write
|
||
|
5250000
|
heap
|
page read and write
|
||
|
147A000
|
trusted library allocation
|
page execute and read and write
|
||
|
A08D000
|
trusted library allocation
|
page read and write
|
||
|
3A14000
|
trusted library allocation
|
page read and write
|
||
|
8C4B000
|
heap
|
page read and write
|
||
|
28FE000
|
stack
|
page read and write
|
||
|
5310000
|
trusted library allocation
|
page read and write
|
||
|
52D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
51B0000
|
heap
|
page read and write
|
||
|
2D91000
|
trusted library allocation
|
page read and write
|
||
|
2D85000
|
trusted library allocation
|
page read and write
|
||
|
7570000
|
trusted library allocation
|
page read and write
|
||
|
53F0000
|
heap
|
page read and write
|
||
|
2D99000
|
trusted library allocation
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
5260000
|
heap
|
page read and write
|
||
|
1460000
|
trusted library allocation
|
page read and write
|
||
|
2B7B000
|
trusted library allocation
|
page read and write
|
||
|
12B3000
|
trusted library allocation
|
page execute and read and write
|
||
|
10C1000
|
heap
|
page read and write
|
||
|
3BA5000
|
trusted library allocation
|
page read and write
|
||
|
2D8B000
|
trusted library allocation
|
page read and write
|
||
|
2D2C000
|
trusted library allocation
|
page read and write
|
||
|
3921000
|
trusted library allocation
|
page read and write
|
||
|
647B000
|
trusted library allocation
|
page read and write
|
||
|
5409000
|
heap
|
page read and write
|
||
|
58B0000
|
trusted library allocation
|
page read and write
|
||
|
661D000
|
stack
|
page read and write
|
||
|
4E91000
|
trusted library allocation
|
page read and write
|
||
|
2DA7000
|
trusted library allocation
|
page read and write
|
||
|
6BD0000
|
trusted library allocation
|
page read and write
|
||
|
83A000
|
stack
|
page read and write
|
||
|
B4F000
|
heap
|
page read and write
|
||
|
4F70000
|
trusted library allocation
|
page read and write
|
||
|
6AF0000
|
trusted library allocation
|
page read and write
|
||
|
122E000
|
stack
|
page read and write
|
||
|
6380000
|
trusted library allocation
|
page read and write
|
||
|
531E000
|
trusted library allocation
|
page read and write
|
||
|
4E70000
|
trusted library allocation
|
page read and write
|
||
|
2AAB000
|
trusted library allocation
|
page execute and read and write
|
||
|
2AA7000
|
trusted library allocation
|
page execute and read and write
|
||
|
67DE000
|
stack
|
page read and write
|
||
|
146D000
|
trusted library allocation
|
page execute and read and write
|
||
|
B21000
|
heap
|
page read and write
|
||
|
52F0000
|
trusted library allocation
|
page read and write
|
||
|
8D00000
|
trusted library allocation
|
page execute and read and write
|
||
|
8D30000
|
trusted library allocation
|
page execute and read and write
|
||
|
2AA0000
|
trusted library allocation
|
page read and write
|
||
|
7F190000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E20000
|
trusted library allocation
|
page read and write
|
||
|
6B12000
|
trusted library allocation
|
page read and write
|
||
|
BB0E000
|
stack
|
page read and write
|
||
|
B15000
|
heap
|
page read and write
|
||
|
6A9E000
|
stack
|
page read and write
|
||
|
4EE0000
|
trusted library allocation
|
page read and write
|
||
|
AA2000
|
heap
|
page read and write
|
||
|
2DAB000
|
trusted library allocation
|
page read and write
|
||
|
71CE000
|
stack
|
page read and write
|
||
|
2D6F000
|
trusted library allocation
|
page read and write
|
||
|
4AFC000
|
stack
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
3978000
|
trusted library allocation
|
page read and write
|
||
|
100A000
|
heap
|
page read and write
|
||
|
2D9B000
|
trusted library allocation
|
page read and write
|
||
|
2D60000
|
trusted library allocation
|
page read and write
|
||
|
4F40000
|
heap
|
page read and write
|
||
|
75E0000
|
trusted library section
|
page read and write
|
||
|
8D10000
|
trusted library allocation
|
page read and write
|
||
|
7490000
|
trusted library allocation
|
page read and write
|
||
|
12B4000
|
trusted library allocation
|
page read and write
|
||
|
531B000
|
trusted library allocation
|
page read and write
|
||
|
2D89000
|
trusted library allocation
|
page read and write
|
||
|
F75000
|
heap
|
page read and write
|
||
|
BC9000
|
stack
|
page read and write
|
||
|
FD0000
|
trusted library allocation
|
page read and write
|
||
|
EAF000
|
stack
|
page read and write
|
||
|
3AFE000
|
trusted library allocation
|
page read and write
|
||
|
1016000
|
heap
|
page read and write
|
||
|
105E000
|
stack
|
page read and write
|
||
|
4E8E000
|
trusted library allocation
|
page read and write
|
||
|
6317000
|
trusted library allocation
|
page read and write
|
||
|
F4E000
|
stack
|
page read and write
|
||
|
2A8D000
|
trusted library allocation
|
page read and write
|
||
|
52E4000
|
trusted library allocation
|
page read and write
|
||
|
533D000
|
trusted library allocation
|
page read and write
|
||
|
6BE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2A43000
|
trusted library allocation
|
page read and write
|
||
|
106C000
|
heap
|
page read and write
|
||
|
4E60000
|
trusted library allocation
|
page read and write
|
||
|
5304000
|
heap
|
page read and write
|
||
|
1470000
|
trusted library allocation
|
page read and write
|
||
|
D8B000
|
trusted library allocation
|
page execute and read and write
|
||
|
5336000
|
trusted library allocation
|
page read and write
|
||
|
51C0000
|
heap
|
page execute and read and write
|
||
|
7690000
|
trusted library section
|
page read and write
|
||
|
A44000
|
trusted library allocation
|
page read and write
|
||
|
5400000
|
heap
|
page read and write
|
||
|
6330000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D97000
|
trusted library allocation
|
page read and write
|
||
|
FFE000
|
heap
|
page read and write
|
||
|
2B49000
|
trusted library allocation
|
page read and write
|
There are 290 hidden memdumps, click here to show them.