Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\SecuriteInfo.com.Win32.RansomX-gen.10310.21629.exe
|
"C:\Users\user\Desktop\SecuriteInfo.com.Win32.RansomX-gen.10310.21629.exe"
|
 |
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.stock5168.n9s.com//aps//
|
unknown
|
||
|
http://itax.twca.com.tw/xmlrca/TaiCARootCA_2012.crl0
|
unknown
|
||
|
http://www.twca.com.tw/0
|
unknown
|
||
|
http://itax.twca.com.tw/ecplus/ecplus_UCA_2018_sha1.crl0_
|
unknown
|
||
|
http://www.stock88168.com.tw//aps//
|
unknown
|
||
|
https://www.twca.com.tw/0L
|
unknown
|
||
|
http://www.stock88168.com.tw//program//ShowMyPC1.exe
|
unknown
|
||
|
http://stock88168.500.com.tw//aps//
|
unknown
|
||
|
http://www.stock88168.com.tw//aps//Ghttp://www.stock5168.n9s.com//aps//Ghttp://stock88168.500.com.tw
|
unknown
|
||
|
https://www.stock881688.com.tw/
|
unknown
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7FF848E1D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1FF84883000
|
trusted library allocation
|
page read and write
|
||
|
7FF848ED6000
|
trusted library allocation
|
page execute and read and write
|
||
|
1FF9EBD0000
|
heap
|
page read and write
|
||
|
1FF8470C000
|
heap
|
page read and write
|
||
|
1FF846B0000
|
heap
|
page read and write
|
||
|
1FF845D0000
|
heap
|
page read and write
|
||
|
1FF8643D000
|
trusted library allocation
|
page read and write
|
||
|
1FF84870000
|
trusted library allocation
|
page read and write
|
||
|
1FF9EBA0000
|
heap
|
page read and write
|
||
|
7FF848EA0000
|
trusted library allocation
|
page read and write
|
||
|
1FF84700000
|
heap
|
page read and write
|
||
|
7FF848E02000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E10000
|
trusted library allocation
|
page read and write
|
||
|
1FF84706000
|
heap
|
page read and write
|
||
|
1FF8478F000
|
heap
|
page read and write
|
||
|
1FF84540000
|
unkown
|
page readonly
|
||
|
7FF848E0D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1FF9EBE0000
|
heap
|
page read and write
|
||
|
7FF848DF4000
|
trusted library allocation
|
page read and write
|
||
|
1FF863FF000
|
trusted library allocation
|
page read and write
|
||
|
1FF84742000
|
heap
|
page read and write
|
||
|
1FF8478D000
|
heap
|
page read and write
|
||
|
1FF86416000
|
trusted library allocation
|
page read and write
|
||
|
1FF8454A000
|
unkown
|
page readonly
|
||
|
7FF848F90000
|
trusted library allocation
|
page read and write
|
||
|
1FF84540000
|
unkown
|
page readonly
|
||
|
1FF86331000
|
trusted library allocation
|
page read and write
|
||
|
1FF861B0000
|
heap
|
page read and write
|
||
|
1FFA1850000
|
heap
|
page read and write
|
||
|
1FF86260000
|
heap
|
page read and write
|
||
|
1FF861C0000
|
trusted library section
|
page readonly
|
||
|
1FF8641B000
|
trusted library allocation
|
page read and write
|
||
|
1FF84542000
|
unkown
|
page readonly
|
||
|
1FF861F0000
|
heap
|
page read and write
|
||
|
1FF86432000
|
trusted library allocation
|
page read and write
|
||
|
D3150FD000
|
stack
|
page read and write
|
||
|
1FF9EC42000
|
heap
|
page read and write
|
||
|
7FF42E220000
|
trusted library allocation
|
page execute and read and write
|
||
|
1FF861E5000
|
heap
|
page read and write
|
||
|
1FF846D0000
|
heap
|
page read and write
|
||
|
1FF863EF000
|
trusted library allocation
|
page read and write
|
||
|
D314FFD000
|
stack
|
page read and write
|
||
|
7FF848FA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1FF9EBC3000
|
heap
|
page execute and read and write
|
||
|
1FFA03E4000
|
trusted library allocation
|
page read and write
|
||
|
1FFA03FD000
|
trusted library allocation
|
page read and write
|
||
|
7FF848F10000
|
trusted library allocation
|
page execute and read and write
|
||
|
1FF863F6000
|
trusted library allocation
|
page read and write
|
||
|
1FF8472C000
|
heap
|
page read and write
|
||
|
7FF848DF3000
|
trusted library allocation
|
page execute and read and write
|
||
|
1FF9EC17000
|
heap
|
page read and write
|
||
|
1FF86438000
|
trusted library allocation
|
page read and write
|
||
|
1FFA2CB0000
|
trusted library allocation
|
page read and write
|
||
|
D314AF6000
|
stack
|
page read and write
|
||
|
1FF86210000
|
heap
|
page execute and read and write
|
||
|
D3152FF000
|
stack
|
page read and write
|
||
|
1FF9EC26000
|
heap
|
page read and write
|
||
|
1FFA185A000
|
heap
|
page read and write
|
||
|
1FF96331000
|
trusted library allocation
|
page read and write
|
||
|
1FF9FCF6000
|
heap
|
page read and write
|
||
|
1FF86190000
|
heap
|
page read and write
|
||
|
1FFA03B4000
|
trusted library allocation
|
page read and write
|
||
|
1FF8642B000
|
trusted library allocation
|
page read and write
|
||
|
1FF86406000
|
trusted library allocation
|
page read and write
|
||
|
1FFA03D2000
|
trusted library allocation
|
page read and write
|
||
|
1FF9EC48000
|
heap
|
page read and write
|
||
|
1FF84745000
|
heap
|
page read and write
|
||
|
1FF84850000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1FF863FB000
|
trusted library allocation
|
page read and write
|
||
|
1FF846D5000
|
heap
|
page read and write
|
||
|
1FF86418000
|
trusted library allocation
|
page read and write
|
||
|
1FF861E0000
|
heap
|
page read and write
|
||
|
1FF9EBC0000
|
heap
|
page execute and read and write
|
||
|
1FF848D5000
|
heap
|
page read and write
|
||
|
1FF84800000
|
heap
|
page read and write
|
||
|
1FF86441000
|
trusted library allocation
|
page read and write
|
||
|
1FF8640B000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E4C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1FF86427000
|
trusted library allocation
|
page read and write
|
||
|
1FF848D0000
|
heap
|
page read and write
|
||
|
7FF848EAC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1FF8641D000
|
trusted library allocation
|
page read and write
|
||
|
1FF86320000
|
heap
|
page execute and read and write
|
||
|
1FF846E0000
|
heap
|
page read and write
|
||
|
D314EFF000
|
stack
|
page read and write
|
||
|
7FF848E14000
|
trusted library allocation
|
page read and write
|
||
|
1FF86425000
|
trusted library allocation
|
page read and write
|
||
|
1FF86263000
|
heap
|
page read and write
|
||
|
1FF96337000
|
trusted library allocation
|
page read and write
|
||
|
1FF9EC34000
|
heap
|
page read and write
|
||
|
7FF848DFD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1FFA1879000
|
heap
|
page read and write
|
||
|
1FF9FCD0000
|
heap
|
page read and write
|
||
|
D3153FE000
|
stack
|
page read and write
|
||
|
1FF8641F000
|
trusted library allocation
|
page read and write
|
||
|
1FF84773000
|
heap
|
page read and write
|
||
|
1FF84795000
|
heap
|
page read and write
|
||
|
D314BFE000
|
stack
|
page read and write
|
||
|
1FF86413000
|
trusted library allocation
|
page read and write
|
||
|
7FF848E00000
|
trusted library allocation
|
page read and write
|
||
|
7FF848EA6000
|
trusted library allocation
|
page read and write
|
||
|
1FF9EC32000
|
heap
|
page read and write
|
||
|
1FF84880000
|
trusted library allocation
|
page read and write
|
There are 95 hidden memdumps, click here to show them.