Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
z158xIuvhauCQiddTe.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\z158xIuvhauCQiddTe.exe.log
|
ASCII text, with CRLF line terminators
|
modified
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\z158xIuvhauCQiddTe.exe
|
"C:\Users\user\Desktop\z158xIuvhauCQiddTe.exe"
|
|
|
|
C:\Users\user\Desktop\z158xIuvhauCQiddTe.exe
|
"C:\Users\user\Desktop\z158xIuvhauCQiddTe.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://discord.com
|
unknown
|
|
|
|
https://discord.com/api/webhooks/1227209886782328933/lf2FJykqNaO8-7mFVKnvSLY61VW8wLCP8wff1tbXhDTXQti
|
unknown
|
|
|
|
https://discord.com/api/webhooks/1227209886782328933/lf2FJykqNaO8-7mFVKnvSLY61VW8wLCP8wff1tbXhDTXQtiSfiF1rnTRNJ0B15pF_Nje
|
162.159.136.232
|
|
|
|
https://api.ipify.org/
|
104.26.12.205
|
||
|
https://api.ipify.org
|
unknown
|
||
|
http://discord.com
|
unknown
|
||
|
https://media.discordapp.net/attachments/1222063682037481505/1229897324684378213/user-721680_202
|
unknown
|
||
|
https://account.dyn.com/
|
unknown
|
||
|
https://api.ipify.org/t
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://cdn.discordapp.com/attachments/1222063682037481505/1229897324684378213/user-721680_2024-
|
unknown
|
There are 1 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
discord.com
|
162.159.136.232
|
|
|
|
api.ipify.org
|
104.26.12.205
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
162.159.136.232
|
discord.com
|
United States
|
|
|
|
104.26.12.205
|
api.ipify.org
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\z158xIuvhauCQiddTe_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\z158xIuvhauCQiddTe_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\z158xIuvhauCQiddTe_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\z158xIuvhauCQiddTe_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\z158xIuvhauCQiddTe_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\z158xIuvhauCQiddTe_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\z158xIuvhauCQiddTe_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\z158xIuvhauCQiddTe_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\z158xIuvhauCQiddTe_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\z158xIuvhauCQiddTe_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\z158xIuvhauCQiddTe_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\z158xIuvhauCQiddTe_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\z158xIuvhauCQiddTe_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\z158xIuvhauCQiddTe_RASMANCS
|
FileDirectory
|
There are 5 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3A4B000
|
trusted library allocation
|
page read and write
|
|
|
|
2E01000
|
trusted library allocation
|
page read and write
|
|
|
|
2E3A000
|
trusted library allocation
|
page read and write
|
|
|
|
2E34000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
2E2C000
|
trusted library allocation
|
page read and write
|
|
|
|
26CE000
|
stack
|
page read and write
|
||
|
6CFD000
|
stack
|
page read and write
|
||
|
A66000
|
trusted library allocation
|
page execute and read and write
|
||
|
2800000
|
heap
|
page execute and read and write
|
||
|
4B76000
|
trusted library allocation
|
page read and write
|
||
|
5376000
|
trusted library allocation
|
page read and write
|
||
|
4EA0000
|
heap
|
page read and write
|
||
|
108D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1410000
|
trusted library allocation
|
page read and write
|
||
|
6AA0000
|
trusted library allocation
|
page read and write
|
||
|
538E000
|
trusted library allocation
|
page read and write
|
||
|
5382000
|
trusted library allocation
|
page read and write
|
||
|
4FD0000
|
heap
|
page read and write
|
||
|
63A000
|
stack
|
page read and write
|
||
|
A4D000
|
trusted library allocation
|
page execute and read and write
|
||
|
9FE000
|
stack
|
page read and write
|
||
|
13B0000
|
trusted library allocation
|
page read and write
|
||
|
4F80000
|
trusted library section
|
page read and write
|
||
|
4C23000
|
heap
|
page read and write
|
||
|
1380000
|
trusted library allocation
|
page read and write
|
||
|
70FE000
|
stack
|
page read and write
|
||
|
10A0000
|
heap
|
page read and write
|
||
|
588F000
|
stack
|
page read and write
|
||
|
1083000
|
trusted library allocation
|
page execute and read and write
|
||
|
53A2000
|
trusted library allocation
|
page read and write
|
||
|
538A000
|
trusted library allocation
|
page read and write
|
||
|
3A0E000
|
trusted library allocation
|
page read and write
|
||
|
13A0000
|
heap
|
page read and write
|
||
|
A7E000
|
heap
|
page read and write
|
||
|
6B1E000
|
stack
|
page read and write
|
||
|
4B7D000
|
trusted library allocation
|
page read and write
|
||
|
4EE0000
|
heap
|
page execute and read and write
|
||
|
67F1000
|
heap
|
page read and write
|
||
|
6780000
|
heap
|
page read and write
|
||
|
4CC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
27F0000
|
trusted library allocation
|
page read and write
|
||
|
C77000
|
trusted library allocation
|
page execute and read and write
|
||
|
A50000
|
trusted library allocation
|
page read and write
|
||
|
5A10000
|
trusted library section
|
page read and write
|
||
|
2E2A000
|
trusted library allocation
|
page read and write
|
||
|
2620000
|
trusted library allocation
|
page read and write
|
||
|
2DE5000
|
trusted library allocation
|
page read and write
|
||
|
1075000
|
heap
|
page read and write
|
||
|
68BE000
|
stack
|
page read and write
|
||
|
5391000
|
trusted library allocation
|
page read and write
|
||
|
2E28000
|
trusted library allocation
|
page read and write
|
||
|
2D9E000
|
stack
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
4C80000
|
trusted library section
|
page read and write
|
||
|
D1C000
|
stack
|
page read and write
|
||
|
5430000
|
heap
|
page read and write
|
||
|
6D67000
|
trusted library allocation
|
page read and write
|
||
|
5890000
|
heap
|
page read and write
|
||
|
6DF0000
|
heap
|
page read and write
|
||
|
69E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6D3D000
|
stack
|
page read and write
|
||
|
6ADF000
|
stack
|
page read and write
|
||
|
9BE000
|
stack
|
page read and write
|
||
|
13FE000
|
stack
|
page read and write
|
||
|
58A4000
|
heap
|
page read and write
|
||
|
1427000
|
heap
|
page read and write
|
||
|
1090000
|
trusted library allocation
|
page read and write
|
||
|
870000
|
heap
|
page read and write
|
||
|
63BE000
|
stack
|
page read and write
|
||
|
4C6B000
|
stack
|
page read and write
|
||
|
A62000
|
trusted library allocation
|
page read and write
|
||
|
2E0000
|
unkown
|
page readonly
|
||
|
A43000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E6E000
|
stack
|
page read and write
|
||
|
101E000
|
stack
|
page read and write
|
||
|
137A000
|
trusted library allocation
|
page execute and read and write
|
||
|
3DD9000
|
trusted library allocation
|
page read and write
|
||
|
52EE000
|
stack
|
page read and write
|
||
|
71FD000
|
stack
|
page read and write
|
||
|
6B30000
|
trusted library allocation
|
page read and write
|
||
|
539D000
|
trusted library allocation
|
page read and write
|
||
|
1080000
|
trusted library allocation
|
page read and write
|
||
|
2E52000
|
trusted library allocation
|
page read and write
|
||
|
850000
|
heap
|
page read and write
|
||
|
681B000
|
heap
|
page read and write
|
||
|
1134000
|
heap
|
page read and write
|
||
|
4B71000
|
trusted library allocation
|
page read and write
|
||
|
6790000
|
heap
|
page read and write
|
||
|
1372000
|
trusted library allocation
|
page read and write
|
||
|
28FA000
|
trusted library allocation
|
page read and write
|
||
|
136E000
|
stack
|
page read and write
|
||
|
AB1000
|
heap
|
page read and write
|
||
|
6FFE000
|
stack
|
page read and write
|
||
|
B68000
|
heap
|
page read and write
|
||
|
43E000
|
remote allocation
|
page execute and read and write
|
||
|
6A00000
|
trusted library allocation
|
page read and write
|
||
|
B15000
|
heap
|
page read and write
|
||
|
581F000
|
stack
|
page read and write
|
||
|
D5F000
|
trusted library allocation
|
page read and write
|
||
|
8BE000
|
stack
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
69D8000
|
trusted library allocation
|
page read and write
|
||
|
5BC0000
|
heap
|
page read and write
|
||
|
13A7000
|
heap
|
page read and write
|
||
|
10C9000
|
heap
|
page read and write
|
||
|
5420000
|
heap
|
page read and write
|
||
|
7200000
|
heap
|
page read and write
|
||
|
A44000
|
trusted library allocation
|
page read and write
|
||
|
AE5000
|
heap
|
page read and write
|
||
|
1382000
|
trusted library allocation
|
page read and write
|
||
|
4B50000
|
trusted library allocation
|
page read and write
|
||
|
A40000
|
trusted library allocation
|
page read and write
|
||
|
3DB1000
|
trusted library allocation
|
page read and write
|
||
|
53B0000
|
trusted library allocation
|
page read and write
|
||
|
537B000
|
trusted library allocation
|
page read and write
|
||
|
B0C000
|
heap
|
page read and write
|
||
|
5B9D000
|
stack
|
page read and write
|
||
|
1376000
|
trusted library allocation
|
page execute and read and write
|
||
|
4B5B000
|
trusted library allocation
|
page read and write
|
||
|
4B54000
|
trusted library allocation
|
page read and write
|
||
|
4C70000
|
trusted library allocation
|
page read and write
|
||
|
4F00000
|
trusted library allocation
|
page execute and read and write
|
||
|
4F4E000
|
stack
|
page read and write
|
||
|
6DB0000
|
heap
|
page read and write
|
||
|
2863000
|
trusted library allocation
|
page read and write
|
||
|
10D3000
|
heap
|
page read and write
|
||
|
D50000
|
trusted library allocation
|
page read and write
|
||
|
5423000
|
heap
|
page read and write
|
||
|
A78000
|
heap
|
page read and write
|
||
|
10A8000
|
heap
|
page read and write
|
||
|
6EFE000
|
stack
|
page read and write
|
||
|
2C90000
|
heap
|
page execute and read and write
|
||
|
2C84000
|
trusted library allocation
|
page read and write
|
||
|
109D000
|
trusted library allocation
|
page execute and read and write
|
||
|
6DC0000
|
heap
|
page read and write
|
||
|
69FD000
|
trusted library allocation
|
page read and write
|
||
|
A5D000
|
trusted library allocation
|
page execute and read and write
|
||
|
6D70000
|
trusted library allocation
|
page read and write
|
||
|
1084000
|
trusted library allocation
|
page read and write
|
||
|
5370000
|
trusted library allocation
|
page read and write
|
||
|
51D0000
|
trusted library allocation
|
page read and write
|
||
|
A60000
|
trusted library allocation
|
page read and write
|
||
|
4DEC000
|
stack
|
page read and write
|
||
|
4EF0000
|
trusted library section
|
page read and write
|
||
|
4B6E000
|
trusted library allocation
|
page read and write
|
||
|
6829000
|
heap
|
page read and write
|
||
|
C90000
|
trusted library allocation
|
page read and write
|
||
|
26E1000
|
trusted library allocation
|
page read and write
|
||
|
5396000
|
trusted library allocation
|
page read and write
|
||
|
D20000
|
trusted library allocation
|
page execute and read and write
|
||
|
E79000
|
stack
|
page read and write
|
||
|
526E000
|
stack
|
page read and write
|
||
|
67FC000
|
heap
|
page read and write
|
||
|
4C20000
|
heap
|
page read and write
|
||
|
C7B000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DA0000
|
heap
|
page read and write
|
||
|
38B5000
|
trusted library allocation
|
page read and write
|
||
|
D40000
|
trusted library allocation
|
page read and write
|
||
|
70EE000
|
stack
|
page read and write
|
||
|
50D0000
|
heap
|
page read and write
|
||
|
AB3000
|
heap
|
page read and write
|
||
|
4FC0000
|
trusted library allocation
|
page read and write
|
||
|
2DB1000
|
trusted library allocation
|
page read and write
|
||
|
69BE000
|
stack
|
page read and write
|
||
|
A6A000
|
trusted library allocation
|
page execute and read and write
|
||
|
3867000
|
trusted library allocation
|
page read and write
|
||
|
3E16000
|
trusted library allocation
|
page read and write
|
||
|
1385000
|
trusted library allocation
|
page execute and read and write
|
||
|
4FB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
69D0000
|
trusted library allocation
|
page read and write
|
||
|
6CDE000
|
stack
|
page read and write
|
||
|
1060000
|
trusted library allocation
|
page read and write
|
||
|
4F50000
|
trusted library allocation
|
page read and write
|
||
|
28F8000
|
trusted library allocation
|
page read and write
|
||
|
860000
|
heap
|
page read and write
|
||
|
268E000
|
stack
|
page read and write
|
||
|
2811000
|
trusted library allocation
|
page read and write
|
||
|
2DFD000
|
trusted library allocation
|
page read and write
|
||
|
5610000
|
heap
|
page execute and read and write
|
||
|
6A07000
|
trusted library allocation
|
page read and write
|
||
|
2C80000
|
trusted library allocation
|
page read and write
|
||
|
260F000
|
stack
|
page read and write
|
||
|
1400000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C70000
|
trusted library allocation
|
page read and write
|
||
|
6FEE000
|
stack
|
page read and write
|
||
|
743D000
|
stack
|
page read and write
|
||
|
10D6000
|
heap
|
page read and write
|
||
|
5A0E000
|
stack
|
page read and write
|
||
|
4FA0000
|
trusted library allocation
|
page read and write
|
||
|
6D80000
|
trusted library allocation
|
page read and write
|
||
|
3819000
|
trusted library allocation
|
page read and write
|
||
|
753E000
|
stack
|
page read and write
|
||
|
73FF000
|
stack
|
page read and write
|
||
|
6FA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
571C000
|
stack
|
page read and write
|
||
|
2E2000
|
unkown
|
page readonly
|
||
|
1070000
|
heap
|
page read and write
|
||
|
67C2000
|
heap
|
page read and write
|
||
|
1387000
|
trusted library allocation
|
page execute and read and write
|
||
|
1370000
|
trusted library allocation
|
page read and write
|
||
|
59CE000
|
stack
|
page read and write
|
||
|
2640000
|
heap
|
page read and write
|
||
|
6D60000
|
trusted library allocation
|
page read and write
|
||
|
537E000
|
trusted library allocation
|
page read and write
|
||
|
6B20000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BD8000
|
trusted library allocation
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
1020000
|
heap
|
page read and write
|
||
|
2615000
|
trusted library allocation
|
page read and write
|
||
|
51D7000
|
trusted library allocation
|
page read and write
|
||
|
7F8B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4EEE000
|
stack
|
page read and write
|
||
|
4F90000
|
trusted library allocation
|
page execute and read and write
|
||
|
1420000
|
heap
|
page read and write
|
||
|
2DEF000
|
trusted library allocation
|
page read and write
|
||
|
C6E000
|
stack
|
page read and write
|
||
|
540C000
|
stack
|
page read and write
|
||
|
D30000
|
trusted library allocation
|
page read and write
|
||
|
F78000
|
stack
|
page read and write
|
||
|
58B3000
|
heap
|
page read and write
|
||
|
4B82000
|
trusted library allocation
|
page read and write
|
||
|
4EB0000
|
trusted library allocation
|
page read and write
|
||
|
7FC00000
|
trusted library allocation
|
page execute and read and write
|
||
|
3903000
|
trusted library allocation
|
page read and write
|
||
|
A70000
|
heap
|
page read and write
|
||
|
6CBE000
|
stack
|
page read and write
|
||
|
C72000
|
trusted library allocation
|
page read and write
|
||
|
69F0000
|
trusted library allocation
|
page read and write
|
||
|
52AE000
|
stack
|
page read and write
|
||
|
A30000
|
trusted library allocation
|
page read and write
|
||
|
4F70000
|
trusted library section
|
page read and write
|
||
|
AA6000
|
heap
|
page read and write
|
||
|
AF3000
|
heap
|
page read and write
|
||
|
2610000
|
trusted library allocation
|
page read and write
|
||
|
A97000
|
heap
|
page read and write
|
||
|
4E90000
|
trusted library allocation
|
page read and write
|
||
|
737000
|
stack
|
page read and write
|
||
|
10BD000
|
heap
|
page read and write
|
||
|
2E30000
|
trusted library allocation
|
page read and write
|
||
|
4E80000
|
heap
|
page read and write
|
||
|
6A4E000
|
stack
|
page read and write
|
||
|
388000
|
unkown
|
page readonly
|
||
|
138B000
|
trusted library allocation
|
page execute and read and write
|
||
|
CDE000
|
stack
|
page read and write
|
||
|
3811000
|
trusted library allocation
|
page read and write
|
||
|
27EC000
|
stack
|
page read and write
|
||
|
58A7000
|
heap
|
page read and write
|
||
|
67F3000
|
heap
|
page read and write
|
||
|
D60000
|
heap
|
page read and write
|
There are 240 hidden memdumps, click here to show them.