Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.72238195.888.8814.exe
|
"C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.72238195.888.8814.exe"
|
 |
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://51.15.67.108:20000/interface/ePad/update/ePad.exe
|
51.15.67.108
|
||
|
http://51.15.67.108:20000/interface/ePad/update/ePad.exevD
|
unknown
|
||
|
https://autohotkey.com
|
unknown
|
||
|
https://autohotkey.comCould
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
51.15.67.108
|
unknown
|
France
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7D2000
|
stack
|
page read and write
|
||
|
3130000
|
heap
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
97A000
|
heap
|
page read and write
|
||
|
14012A000
|
unkown
|
page readonly
|
||
|
140000000
|
unkown
|
page readonly
|
||
|
9B1000
|
heap
|
page read and write
|
||
|
983000
|
heap
|
page read and write
|
||
|
3540000
|
heap
|
page read and write
|
||
|
9CF000
|
heap
|
page read and write
|
||
|
97C000
|
heap
|
page read and write
|
||
|
353D000
|
stack
|
page read and write
|
||
|
163E000
|
stack
|
page read and write
|
||
|
9EC000
|
heap
|
page read and write
|
||
|
7F5000
|
stack
|
page read and write
|
||
|
140001000
|
unkown
|
page execute read
|
||
|
1400F2000
|
unkown
|
page readonly
|
||
|
7CF000
|
stack
|
page read and write
|
||
|
14011B000
|
unkown
|
page read and write
|
||
|
96F000
|
heap
|
page read and write
|
||
|
140112000
|
unkown
|
page write copy
|
||
|
170000
|
heap
|
page read and write
|
||
|
3136000
|
heap
|
page read and write
|
||
|
97A000
|
heap
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
16F0000
|
heap
|
page read and write
|
||
|
1640000
|
trusted library allocation
|
page read and write
|
||
|
14011F000
|
unkown
|
page readonly
|
||
|
16F3000
|
heap
|
page read and write
|
||
|
190000
|
heap
|
page read and write
|
||
|
50DE000
|
stack
|
page read and write
|
||
|
17B0000
|
heap
|
page read and write
|
||
|
14012A000
|
unkown
|
page readonly
|
||
|
7590000
|
trusted library allocation
|
page read and write
|
||
|
123F000
|
stack
|
page read and write
|
||
|
810000
|
heap
|
page read and write
|
||
|
7DF000
|
stack
|
page read and write
|
||
|
90000
|
heap
|
page read and write
|
||
|
900000
|
heap
|
page read and write
|
||
|
58D8000
|
stack
|
page read and write
|
||
|
947000
|
heap
|
page read and write
|
||
|
1400F2000
|
unkown
|
page readonly
|
||
|
7E3000
|
stack
|
page read and write
|
||
|
997000
|
heap
|
page read and write
|
||
|
940000
|
heap
|
page read and write
|
||
|
973000
|
heap
|
page read and write
|
||
|
997000
|
heap
|
page read and write
|
||
|
140001000
|
unkown
|
page execute read
|
||
|
54DF000
|
stack
|
page read and write
|
||
|
973000
|
heap
|
page read and write
|
||
|
140127000
|
unkown
|
page execute
|
||
|
140127000
|
unkown
|
page execute
|
||
|
E3D000
|
stack
|
page read and write
|
||
|
140000000
|
unkown
|
page readonly
|
||
|
977000
|
heap
|
page read and write
|
||
|
17B5000
|
heap
|
page read and write
|
||
|
14011F000
|
unkown
|
page readonly
|
||
|
97A000
|
heap
|
page read and write
|
||
|
140112000
|
unkown
|
page read and write
|
||
|
5CDF000
|
stack
|
page read and write
|
||
|
998000
|
heap
|
page read and write
|
||
|
1400E0000
|
unkown
|
page readonly
|
||
|
1400E0000
|
unkown
|
page readonly
|
||
|
17BD000
|
heap
|
page read and write
|
||
|
7EF000
|
stack
|
page read and write
|
||
|
9B1000
|
heap
|
page read and write
|
||
|
9CF000
|
heap
|
page read and write
|
||
|
920000
|
trusted library allocation
|
page read and write
|
There are 58 hidden memdumps, click here to show them.