Processes
Path | Cmdline | Malicious
---|---|---
C:\Users\user\Desktop\ffmpeg.exe | "C:\Users\user\Desktop\ffmpeg.exe" |
C:\Windows\System32\conhost.exe | C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 |
URLs
Domains
Name | IP | Malicious
---|---|---
fp2e7a.wpc.phicdn.net | 192.229.211.108 |
Memdumps