Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
SecuriteInfo.com.Trojan.Msil.22568.30131.exe
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_1talphwc.cwk.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_hfik5dhw.yrr.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
\Device\ConDrv
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\SecuriteInfo.com.Trojan.Msil.22568.30131.exe
|
"C:\Users\user\Desktop\SecuriteInfo.com.Trojan.Msil.22568.30131.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://support.auditionsante.app/download/script/SHOP/Scripts.zip
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://support.auditionsante.ap
|
unknown
|
||
|
https://support.auditionsante.app/download/script/SHOP/Scr
|
unknown
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1B2E0000
|
heap
|
page execute and read and write
|
||
|
CB0000
|
trusted library allocation
|
page read and write
|
||
|
2881000
|
trusted library allocation
|
page read and write
|
||
|
2870000
|
heap
|
page execute and read and write
|
||
|
7FFD9B7AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
A8E000
|
heap
|
page read and write
|
||
|
7FFD9BA40000
|
trusted library allocation
|
page read and write
|
||
|
1AE0D000
|
stack
|
page read and write
|
||
|
7FFD9B79D000
|
trusted library allocation
|
page execute and read and write
|
||
|
12881000
|
trusted library allocation
|
page read and write
|
||
|
1288F000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B850000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B794000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B793000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BA90000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7A0000
|
trusted library allocation
|
page read and write
|
||
|
A20000
|
heap
|
page read and write
|
||
|
7C4000
|
stack
|
page read and write
|
||
|
1BA3F000
|
stack
|
page read and write
|
||
|
A10000
|
heap
|
page read and write
|
||
|
2D71000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B940000
|
trusted library allocation
|
page read and write
|
||
|
128F3000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BAB0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA20000
|
trusted library allocation
|
page read and write
|
||
|
DCE000
|
stack
|
page read and write
|
||
|
7FFD9B840000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA60000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7B0000
|
trusted library allocation
|
page read and write
|
||
|
A2C000
|
heap
|
page read and write
|
||
|
1B330000
|
heap
|
page read and write
|
||
|
7FFD9BAA0000
|
trusted library allocation
|
page read and write
|
||
|
7FF4C1C10000
|
trusted library allocation
|
page execute and read and write
|
||
|
28F6000
|
trusted library allocation
|
page read and write
|
||
|
1BB3B000
|
stack
|
page read and write
|
||
|
7FFD9B7B4000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B950000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA70000
|
trusted library allocation
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
7FFD9B876000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C4C7000
|
stack
|
page read and write
|
||
|
2ABF000
|
trusted library allocation
|
page read and write
|
||
|
680000
|
unkown
|
page readonly
|
||
|
7FFD9B977000
|
trusted library allocation
|
page read and write
|
||
|
286F000
|
stack
|
page read and write
|
||
|
7FFD9BA80000
|
trusted library allocation
|
page read and write
|
||
|
1B540000
|
heap
|
page read and write
|
||
|
2BB9000
|
trusted library allocation
|
page read and write
|
||
|
1B56E000
|
heap
|
page read and write
|
||
|
7FFD9B9C0000
|
trusted library allocation
|
page read and write
|
||
|
1B5C1000
|
heap
|
page read and write
|
||
|
1B324000
|
heap
|
page execute and read and write
|
||
|
1B24F000
|
stack
|
page read and write
|
||
|
7FFD9B9F0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7EC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B320000
|
heap
|
page execute and read and write
|
||
|
7FFD9B980000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B970000
|
trusted library allocation
|
page read and write
|
||
|
2C7D000
|
trusted library allocation
|
page read and write
|
||
|
C80000
|
trusted library allocation
|
page read and write
|
||
|
CC0000
|
heap
|
page read and write
|
||
|
CB3000
|
trusted library allocation
|
page read and write
|
||
|
FC5000
|
heap
|
page read and write
|
||
|
F10000
|
heap
|
page read and write
|
||
|
7FFD9B84C000
|
trusted library allocation
|
page execute and read and write
|
||
|
A4A000
|
heap
|
page read and write
|
||
|
680000
|
unkown
|
page readonly
|
||
|
AF9000
|
heap
|
page read and write
|
||
|
7FFD9BA30000
|
trusted library allocation
|
page read and write
|
||
|
CA0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA00000
|
trusted library allocation
|
page read and write
|
||
|
2E09000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA10000
|
trusted library allocation
|
page read and write
|
||
|
A8C000
|
heap
|
page read and write
|
||
|
7FFD9B7A2000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B846000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B792000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B960000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B949000
|
trusted library allocation
|
page read and write
|
||
|
CC5000
|
heap
|
page read and write
|
||
|
1AC0C000
|
heap
|
page read and write
|
||
|
1B460000
|
heap
|
page read and write
|
||
|
7FFD9B9E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B990000
|
trusted library allocation
|
page read and write
|
||
|
C30000
|
heap
|
page read and write
|
||
|
7FFD9B946000
|
trusted library allocation
|
page read and write
|
||
|
2DB2000
|
trusted library allocation
|
page read and write
|
||
|
1B5E7000
|
heap
|
page read and write
|
||
|
1B59B000
|
heap
|
page read and write
|
||
|
7FFD9B9D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7A8000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B938000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B93E000
|
stack
|
page read and write
|
||
|
1A8B0000
|
trusted library allocation
|
page read and write
|
||
|
FB0000
|
trusted library allocation
|
page read and write
|
||
|
1B83E000
|
stack
|
page read and write
|
||
|
7FFD9BA50000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9B0000
|
trusted library allocation
|
page read and write
|
||
|
C10000
|
heap
|
page read and write
|
||
|
A62000
|
heap
|
page read and write
|
||
|
A60000
|
heap
|
page read and write
|
||
|
682000
|
unkown
|
page readonly
|
||
|
FC0000
|
heap
|
page read and write
|
There are 97 hidden memdumps, click here to show them.