Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
kL1iGwj1Iu.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v2.0_32\UsageLogs\kL1iGwj1Iu.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\kL1iGwj1Iu.exe
|
"C:\Users\user\Desktop\kL1iGwj1Iu.exe"
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
27EE000
|
stack
|
page read and write
|
||
|
532E000
|
stack
|
page read and write
|
||
|
3B31000
|
trusted library allocation
|
page read and write
|
||
|
949000
|
heap
|
page read and write
|
||
|
546E000
|
stack
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
928000
|
heap
|
page read and write
|
||
|
4C0000
|
unkown
|
page readonly
|
||
|
CC5000
|
trusted library allocation
|
page execute and read and write
|
||
|
CA0000
|
trusted library allocation
|
page read and write
|
||
|
B2E000
|
stack
|
page read and write
|
||
|
C70000
|
heap
|
page read and write
|
||
|
5B0000
|
heap
|
page read and write
|
||
|
4CCF000
|
stack
|
page read and write
|
||
|
CCA000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E10000
|
heap
|
page read and write
|
||
|
55AE000
|
stack
|
page read and write
|
||
|
ED5000
|
trusted library allocation
|
page read and write
|
||
|
556E000
|
stack
|
page read and write
|
||
|
CBA000
|
trusted library allocation
|
page execute and read and write
|
||
|
99D000
|
heap
|
page read and write
|
||
|
DDF000
|
stack
|
page read and write
|
||
|
8FA000
|
stack
|
page read and write
|
||
|
CB2000
|
trusted library allocation
|
page execute and read and write
|
||
|
522D000
|
stack
|
page read and write
|
||
|
542E000
|
stack
|
page read and write
|
||
|
4C4000
|
unkown
|
page readonly
|
||
|
50B0000
|
heap
|
page read and write
|
||
|
E07000
|
trusted library allocation
|
page execute and read and write
|
||
|
E9D000
|
stack
|
page read and write
|
||
|
F40000
|
heap
|
page read and write
|
||
|
EB0000
|
heap
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
5E0000
|
heap
|
page execute and read and write
|
||
|
E0B000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B31000
|
trusted library allocation
|
page read and write
|
||
|
920000
|
heap
|
page read and write
|
||
|
92E000
|
heap
|
page read and write
|
||
|
95F000
|
heap
|
page read and write
|
||
|
CD0000
|
heap
|
page read and write
|
||
|
CC0000
|
trusted library allocation
|
page read and write
|
||
|
56AE000
|
stack
|
page read and write
|
||
|
C2F000
|
stack
|
page read and write
|
||
|
991000
|
heap
|
page read and write
|
||
|
55B000
|
stack
|
page read and write
|
||
|
51EE000
|
stack
|
page read and write
|
||
|
ED0000
|
trusted library allocation
|
page read and write
|
||
|
8F6000
|
stack
|
page read and write
|
||
|
E4E000
|
stack
|
page read and write
|
||
|
EE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4DCE000
|
stack
|
page read and write
|
||
|
F2E000
|
stack
|
page read and write
|
||
|
5C5000
|
heap
|
page read and write
|
||
|
4F6E000
|
stack
|
page read and write
|
||
|
C6E000
|
stack
|
page read and write
|
||
|
4C2000
|
unkown
|
page readonly
|
||
|
CC2000
|
trusted library allocation
|
page execute and read and write
|
||
|
4E6D000
|
stack
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
There are 49 hidden memdumps, click here to show them.