Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Q7Ct3eA5NE.exe
|
"C:\Users\user\Desktop\Q7Ct3eA5NE.exe"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.innosetup.com/
|
unknown
|
||
|
http://restools.hanzify.org/
|
unknown
|
||
|
http://www.remobjects.com/ps
|
unknown
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2410000
|
heap
|
page read and write
|
||
|
2B80000
|
trusted library allocation
|
page read and write
|
||
|
22BB000
|
direct allocation
|
page read and write
|
||
|
23B0000
|
heap
|
page read and write
|
||
|
A3F000
|
stack
|
page read and write
|
||
|
5DE000
|
stack
|
page read and write
|
||
|
2340000
|
direct allocation
|
page execute and read and write
|
||
|
565000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute read
|
||
|
227D000
|
direct allocation
|
page read and write
|
||
|
22D8000
|
direct allocation
|
page read and write
|
||
|
240E000
|
stack
|
page read and write
|
||
|
673000
|
heap
|
page read and write
|
||
|
695000
|
heap
|
page read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
2480000
|
heap
|
page read and write
|
||
|
99000
|
stack
|
page read and write
|
||
|
22C9000
|
direct allocation
|
page read and write
|
||
|
677000
|
heap
|
page read and write
|
||
|
550000
|
unkown
|
page read and write
|
||
|
22E6000
|
direct allocation
|
page read and write
|
||
|
65A000
|
heap
|
page read and write
|
||
|
569000
|
unkown
|
page readonly
|
||
|
678000
|
heap
|
page read and write
|
||
|
228B000
|
direct allocation
|
page read and write
|
||
|
2303000
|
direct allocation
|
page read and write
|
||
|
246E000
|
stack
|
page read and write
|
||
|
54A000
|
unkown
|
page execute read
|
||
|
630000
|
heap
|
page read and write
|
||
|
675000
|
heap
|
page read and write
|
||
|
2AFF000
|
stack
|
page read and write
|
||
|
677000
|
heap
|
page read and write
|
||
|
54C000
|
unkown
|
page write copy
|
||
|
33BE000
|
stack
|
page read and write
|
||
|
54C000
|
unkown
|
page read and write
|
||
|
590000
|
heap
|
page read and write
|
||
|
557000
|
unkown
|
page read and write
|
||
|
67E000
|
heap
|
page read and write
|
||
|
679000
|
heap
|
page read and write
|
||
|
557000
|
unkown
|
page write copy
|
||
|
22AC000
|
direct allocation
|
page read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
67B000
|
heap
|
page read and write
|
||
|
23B9000
|
heap
|
page read and write
|
||
|
55D000
|
unkown
|
page readonly
|
||
|
23B5000
|
heap
|
page read and write
|
||
|
66F000
|
heap
|
page read and write
|
||
|
2330000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
34BF000
|
stack
|
page read and write
|
||
|
8FE000
|
stack
|
page read and write
|
||
|
93E000
|
stack
|
page read and write
|
||
|
2318000
|
direct allocation
|
page read and write
|
||
|
22F4000
|
direct allocation
|
page read and write
|
||
|
2292000
|
direct allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
230A000
|
direct allocation
|
page read and write
|
||
|
22FC000
|
direct allocation
|
page read and write
|
||
|
554000
|
unkown
|
page read and write
|
||
|
22ED000
|
direct allocation
|
page read and write
|
||
|
673000
|
heap
|
page read and write
|
||
|
66F000
|
heap
|
page read and write
|
||
|
2311000
|
direct allocation
|
page read and write
|
||
|
63A000
|
heap
|
page read and write
|
||
|
35BF000
|
stack
|
page read and write
|
||
|
2284000
|
direct allocation
|
page read and write
|
||
|
675000
|
heap
|
page read and write
|
||
|
22D0000
|
direct allocation
|
page read and write
|
||
|
63E000
|
heap
|
page read and write
|
||
|
22DF000
|
direct allocation
|
page read and write
|
||
|
2483000
|
heap
|
page read and write
|
||
|
657000
|
heap
|
page read and write
|
There are 62 hidden memdumps, click here to show them.