Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\SajWKdHxdF.exe
|
"C:\Users\user\Desktop\SajWKdHxdF.exe"
|
 |
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://ipinfo.io/https://www.maxmind.com/en/locate-my-ip-addressWs2_32.dll
|
unknown
|
||
|
http://crl.sectigo.com/SectigoRSATimeStampingCA.crl0t
|
unknown
|
||
|
http://www.winimage.com/zLibDll
|
unknown
|
||
|
https://t.me/RiseProSUPPORT
|
unknown
|
||
|
https://sectigo.com/CPS0
|
unknown
|
||
|
http://ocsp.sectigo.com0
|
unknown
|
||
|
http://crt.sectigo.com/SectigoRSATimeStampingCA.crt0#
|
unknown
|
||
|
http://www.winimage.com/zLibDllDpRTpR
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
193.233.132.226
|
unknown
|
Russian Federation
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
6BC000
|
unkown
|
page execute and read and write
|
||
|
2AD1000
|
heap
|
page read and write
|
||
|
EB6000
|
heap
|
page read and write
|
||
|
ED0000
|
heap
|
page read and write
|
||
|
6B4000
|
unkown
|
page execute and read and write
|
||
|
E80000
|
direct allocation
|
page read and write
|
||
|
12EE000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
E26000
|
unkown
|
page execute and read and write
|
||
|
E80000
|
direct allocation
|
page read and write
|
||
|
EF9000
|
heap
|
page read and write
|
||
|
EF9000
|
heap
|
page read and write
|
||
|
2AD1000
|
heap
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
12AE000
|
stack
|
page read and write
|
||
|
2AC0000
|
heap
|
page read and write
|
||
|
2AD1000
|
heap
|
page read and write
|
||
|
FE4000
|
heap
|
page read and write
|
||
|
2AD1000
|
heap
|
page read and write
|
||
|
126E000
|
stack
|
page read and write
|
||
|
2AD1000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2AD1000
|
heap
|
page read and write
|
||
|
5047000
|
heap
|
page read and write
|
||
|
2AD1000
|
heap
|
page read and write
|
||
|
E80000
|
direct allocation
|
page read and write
|
||
|
6B2000
|
unkown
|
page execute and read and write
|
||
|
6B6000
|
unkown
|
page execute and read and write
|
||
|
5C9000
|
unkown
|
page execute and read and write
|
||
|
2AD1000
|
heap
|
page read and write
|
||
|
E80000
|
direct allocation
|
page read and write
|
||
|
E80000
|
direct allocation
|
page read and write
|
||
|
E90000
|
heap
|
page read and write
|
||
|
FE4000
|
heap
|
page read and write
|
||
|
E80000
|
direct allocation
|
page read and write
|
||
|
E27000
|
unkown
|
page write copy
|
||
|
545000
|
unkown
|
page readonly
|
||
|
E80000
|
direct allocation
|
page read and write
|
||
|
2AD1000
|
heap
|
page read and write
|
||
|
ED6000
|
heap
|
page read and write
|
||
|
2AD1000
|
heap
|
page read and write
|
||
|
E80000
|
direct allocation
|
page read and write
|
||
|
EE0000
|
heap
|
page read and write
|
||
|
EC6000
|
heap
|
page read and write
|
||
|
FE4000
|
heap
|
page read and write
|
||
|
2AD1000
|
heap
|
page read and write
|
||
|
2AD1000
|
heap
|
page read and write
|
||
|
2AD1000
|
heap
|
page read and write
|
||
|
2F10000
|
direct allocation
|
page read and write
|
||
|
6BE000
|
unkown
|
page execute and read and write
|
||
|
2AD1000
|
heap
|
page read and write
|
||
|
EEF000
|
heap
|
page read and write
|
||
|
2AD1000
|
heap
|
page read and write
|
||
|
E80000
|
direct allocation
|
page read and write
|
||
|
2AD1000
|
heap
|
page read and write
|
||
|
E80000
|
direct allocation
|
page read and write
|
||
|
2AD0000
|
heap
|
page read and write
|
||
|
E50000
|
heap
|
page read and write
|
||
|
FE4000
|
heap
|
page read and write
|
||
|
2AD1000
|
heap
|
page read and write
|
||
|
FE4000
|
heap
|
page read and write
|
||
|
ED4000
|
heap
|
page read and write
|
||
|
533F000
|
stack
|
page read and write
|
||
|
6B8000
|
unkown
|
page execute and read and write
|
||
|
2AD1000
|
heap
|
page read and write
|
||
|
FE4000
|
heap
|
page read and write
|
||
|
2AD1000
|
heap
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
E11000
|
unkown
|
page readonly
|
||
|
2AA0000
|
heap
|
page read and write
|
||
|
2AD1000
|
heap
|
page read and write
|
||
|
2AD1000
|
heap
|
page read and write
|
||
|
2AD1000
|
heap
|
page read and write
|
||
|
E98000
|
heap
|
page read and write
|
||
|
2AD1000
|
heap
|
page read and write
|
||
|
E27000
|
unkown
|
page write copy
|
||
|
E80000
|
direct allocation
|
page read and write
|
||
|
DD9000
|
unkown
|
page readonly
|
||
|
5CB000
|
unkown
|
page execute and read and write
|
||
|
302E000
|
stack
|
page read and write
|
||
|
E80000
|
direct allocation
|
page read and write
|
||
|
E26000
|
unkown
|
page execute and write copy
|
||
|
6AC000
|
unkown
|
page execute and read and write
|
||
|
E80000
|
direct allocation
|
page read and write
|
||
|
E80000
|
direct allocation
|
page read and write
|
||
|
540000
|
unkown
|
page execute and read and write
|
||
|
2AD1000
|
heap
|
page read and write
|
||
|
EE5000
|
heap
|
page read and write
|
||
|
EED000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute and write copy
|
||
|
2AD1000
|
heap
|
page read and write
|
||
|
6FF000
|
unkown
|
page execute and read and write
|
||
|
2AD1000
|
heap
|
page read and write
|
||
|
6B0000
|
unkown
|
page execute and read and write
|
||
|
515000
|
unkown
|
page readonly
|
||
|
6FB000
|
unkown
|
page execute and read and write
|
||
|
6AE000
|
unkown
|
page execute and read and write
|
||
|
2F10000
|
trusted library allocation
|
page read and write
|
||
|
2AD1000
|
heap
|
page read and write
|
||
|
E80000
|
direct allocation
|
page read and write
|
||
|
2AD1000
|
heap
|
page read and write
|
||
|
FE4000
|
heap
|
page read and write
|
||
|
EDB000
|
heap
|
page read and write
|
||
|
FE4000
|
heap
|
page read and write
|
||
|
9D1000
|
unkown
|
page execute and read and write
|
||
|
E60000
|
heap
|
page read and write
|
||
|
FE4000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2AD1000
|
heap
|
page read and write
|
||
|
E80000
|
direct allocation
|
page read and write
|
||
|
E1C000
|
unkown
|
page readonly
|
||
|
94F000
|
unkown
|
page execute read
|
||
|
6BA000
|
unkown
|
page execute and read and write
|
||
|
724000
|
unkown
|
page execute and read and write
|
||
|
3030000
|
heap
|
page read and write
|
||
|
E08000
|
unkown
|
page readonly
|
||
|
DCE000
|
unkown
|
page readonly
|
||
|
193000
|
stack
|
page read and write
|
||
|
E80000
|
direct allocation
|
page read and write
|
||
|
543F000
|
stack
|
page read and write
|
||
|
2AD1000
|
heap
|
page read and write
|
||
|
EC2000
|
heap
|
page read and write
|
There are 112 hidden memdumps, click here to show them.