Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
kdpYfUmykM.exe
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\kdpYfUmykM.exe.log
|
CSV text
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\kdpYfUmykM.exe
|
"C:\Users\user\Desktop\kdpYfUmykM.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://www.fontbureau.com
|
unknown
|
||
|
http://www.fontbureau.com/designersG
|
unknown
|
||
|
https://api.ip.sb/ip
|
unknown
|
||
|
http://www.fontbureau.com/designers/?
|
unknown
|
||
|
http://www.founder.com.cn/cn/bThe
|
unknown
|
||
|
http://www.fontbureau.com/designers?
|
unknown
|
||
|
http://www.tiro.com
|
unknown
|
||
|
https://api.ip.s
|
unknown
|
||
|
http://www.fontbureau.com/designers
|
unknown
|
||
|
http://www.goodfont.co.kr
|
unknown
|
||
|
http://www.carterandcone.coml
|
unknown
|
||
|
http://www.sajatypeworks.com
|
unknown
|
||
|
http://www.typography.netD
|
unknown
|
||
|
http://www.fontbureau.com/designers/cabarga.htmlN
|
unknown
|
||
|
http://www.founder.com.cn/cn/cThe
|
unknown
|
||
|
http://www.galapagosdesign.com/staff/dennis.htm
|
unknown
|
||
|
http://www.founder.com.cn/cn
|
unknown
|
||
|
http://www.fontbureau.com/designers/frere-user.html
|
unknown
|
||
|
http://www.jiyu-kobo.co.jp/
|
unknown
|
||
|
https://discord.com/api/v9/users/
|
unknown
|
||
|
http://www.galapagosdesign.com/DPlease
|
unknown
|
||
|
http://www.fontbureau.com/designers8
|
unknown
|
||
|
http://www.fonts.com
|
unknown
|
||
|
http://www.sandoll.co.kr
|
unknown
|
||
|
http://www.urwpp.deDPlease
|
unknown
|
||
|
http://www.zhongyicts.com.cn
|
unknown
|
||
|
http://www.sakkal.com
|
unknown
|
There are 18 hidden URLs, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
12F01000
|
trusted library allocation
|
page read and write
|
|
|
|
B82000
|
unkown
|
page readonly
|
|
|
|
31BA000
|
trusted library allocation
|
page read and write
|
||
|
324B000
|
trusted library allocation
|
page read and write
|
||
|
312C000
|
trusted library allocation
|
page read and write
|
||
|
317D000
|
trusted library allocation
|
page read and write
|
||
|
2EEE000
|
stack
|
page read and write
|
||
|
3205000
|
trusted library allocation
|
page read and write
|
||
|
318B000
|
trusted library allocation
|
page read and write
|
||
|
30E8000
|
trusted library allocation
|
page read and write
|
||
|
3187000
|
trusted library allocation
|
page read and write
|
||
|
30B9000
|
trusted library allocation
|
page read and write
|
||
|
B80000
|
unkown
|
page readonly
|
||
|
3277000
|
trusted library allocation
|
page read and write
|
||
|
133E000
|
stack
|
page read and write
|
||
|
1B857000
|
heap
|
page read and write
|
||
|
7FFD9B830000
|
trusted library allocation
|
page read and write
|
||
|
3275000
|
trusted library allocation
|
page read and write
|
||
|
319E000
|
trusted library allocation
|
page read and write
|
||
|
312E000
|
trusted library allocation
|
page read and write
|
||
|
1100000
|
trusted library allocation
|
page read and write
|
||
|
31EE000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B960000
|
trusted library allocation
|
page execute and read and write
|
||
|
3273000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page read and write
|
||
|
122B000
|
heap
|
page read and write
|
||
|
32B3000
|
trusted library allocation
|
page read and write
|
||
|
31DC000
|
trusted library allocation
|
page read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
1135000
|
heap
|
page read and write
|
||
|
3295000
|
trusted library allocation
|
page read and write
|
||
|
1D66E000
|
stack
|
page read and write
|
||
|
3189000
|
trusted library allocation
|
page read and write
|
||
|
1BC9B000
|
heap
|
page read and write
|
||
|
319A000
|
trusted library allocation
|
page read and write
|
||
|
32A6000
|
trusted library allocation
|
page read and write
|
||
|
3051000
|
trusted library allocation
|
page read and write
|
||
|
32CE000
|
trusted library allocation
|
page read and write
|
||
|
1B830000
|
heap
|
page read and write
|
||
|
3119000
|
trusted library allocation
|
page read and write
|
||
|
30FB000
|
trusted library allocation
|
page read and write
|
||
|
1140000
|
heap
|
page read and write
|
||
|
1B7DA000
|
heap
|
page read and write
|
||
|
32C6000
|
trusted library allocation
|
page read and write
|
||
|
3243000
|
trusted library allocation
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
31CD000
|
trusted library allocation
|
page read and write
|
||
|
3225000
|
trusted library allocation
|
page read and write
|
||
|
329B000
|
trusted library allocation
|
page read and write
|
||
|
3110000
|
trusted library allocation
|
page read and write
|
||
|
1B808000
|
heap
|
page read and write
|
||
|
7FF4A9E70000
|
trusted library allocation
|
page execute and read and write
|
||
|
310A000
|
trusted library allocation
|
page read and write
|
||
|
1235000
|
heap
|
page read and write
|
||
|
3252000
|
trusted library allocation
|
page read and write
|
||
|
1D56E000
|
stack
|
page read and write
|
||
|
1B80B000
|
heap
|
page read and write
|
||
|
2C60000
|
heap
|
page read and write
|
||
|
30EA000
|
trusted library allocation
|
page read and write
|
||
|
328D000
|
trusted library allocation
|
page read and write
|
||
|
32B9000
|
trusted library allocation
|
page read and write
|
||
|
1B7E7000
|
heap
|
page read and write
|
||
|
30DB000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7A0000
|
trusted library allocation
|
page read and write
|
||
|
123B000
|
heap
|
page read and write
|
||
|
31DA000
|
trusted library allocation
|
page read and write
|
||
|
30EE000
|
trusted library allocation
|
page read and write
|
||
|
32FA000
|
trusted library allocation
|
page read and write
|
||
|
311D000
|
trusted library allocation
|
page read and write
|
||
|
3207000
|
trusted library allocation
|
page read and write
|
||
|
1218000
|
heap
|
page read and write
|
||
|
1130000
|
heap
|
page read and write
|
||
|
2CF0000
|
heap
|
page execute and read and write
|
||
|
308A000
|
trusted library allocation
|
page read and write
|
||
|
1BC70000
|
heap
|
page read and write
|
||
|
329E000
|
trusted library allocation
|
page read and write
|
||
|
31FF000
|
trusted library allocation
|
page read and write
|
||
|
1EB60000
|
trusted library allocation
|
page read and write
|
||
|
114C000
|
heap
|
page read and write
|
||
|
328A000
|
trusted library allocation
|
page read and write
|
||
|
1B980000
|
heap
|
page execute and read and write
|
||
|
30FD000
|
trusted library allocation
|
page read and write
|
||
|
322B000
|
trusted library allocation
|
page read and write
|
||
|
31F6000
|
trusted library allocation
|
page read and write
|
||
|
1146000
|
heap
|
page read and write
|
||
|
317A000
|
trusted library allocation
|
page read and write
|
||
|
3178000
|
trusted library allocation
|
page read and write
|
||
|
1172000
|
heap
|
page read and write
|
||
|
31A9000
|
trusted library allocation
|
page read and write
|
||
|
30BB000
|
trusted library allocation
|
page read and write
|
||
|
30AA000
|
trusted library allocation
|
page read and write
|
||
|
1BC80000
|
heap
|
page read and write
|
||
|
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3245000
|
trusted library allocation
|
page read and write
|
||
|
30BD000
|
trusted library allocation
|
page read and write
|
||
|
D42000
|
stack
|
page read and write
|
||
|
3271000
|
trusted library allocation
|
page read and write
|
||
|
2CB0000
|
heap
|
page read and write
|
||
|
1BB7D000
|
stack
|
page read and write
|
||
|
31AD000
|
trusted library allocation
|
page read and write
|
||
|
12EF6000
|
trusted library allocation
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
1BCD5000
|
heap
|
page read and write
|
||
|
2F99000
|
trusted library allocation
|
page read and write
|
||
|
3249000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B83C000
|
trusted library allocation
|
page execute and read and write
|
||
|
3256000
|
trusted library allocation
|
page read and write
|
||
|
2F58000
|
trusted library allocation
|
page read and write
|
||
|
32BB000
|
trusted library allocation
|
page read and write
|
||
|
1BCAC000
|
heap
|
page read and write
|
||
|
2C50000
|
heap
|
page read and write
|
||
|
3279000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7A4000
|
trusted library allocation
|
page read and write
|
||
|
30E6000
|
trusted library allocation
|
page read and write
|
||
|
3232000
|
trusted library allocation
|
page read and write
|
||
|
3201000
|
trusted library allocation
|
page read and write
|
||
|
1B804000
|
heap
|
page read and write
|
||
|
301D000
|
trusted library allocation
|
page read and write
|
||
|
1B836000
|
heap
|
page read and write
|
||
|
3288000
|
trusted library allocation
|
page read and write
|
||
|
3198000
|
trusted library allocation
|
page read and write
|
||
|
143E000
|
stack
|
page read and write
|
||
|
3088000
|
trusted library allocation
|
page read and write
|
||
|
3214000
|
trusted library allocation
|
page read and write
|
||
|
310C000
|
trusted library allocation
|
page read and write
|
||
|
325B000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B950000
|
trusted library allocation
|
page read and write
|
||
|
31CF000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B79D000
|
trusted library allocation
|
page execute and read and write
|
||
|
30F9000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7AB000
|
trusted library allocation
|
page execute and read and write
|
||
|
307D000
|
trusted library allocation
|
page read and write
|
||
|
1B7FC000
|
heap
|
page read and write
|
||
|
7FFD9B940000
|
trusted library allocation
|
page read and write
|
||
|
3258000
|
trusted library allocation
|
page read and write
|
||
|
1D36E000
|
stack
|
page read and write
|
||
|
31A0000
|
trusted library allocation
|
page read and write
|
||
|
31D2000
|
trusted library allocation
|
page read and write
|
||
|
DC0000
|
heap
|
page read and write
|
||
|
11FC000
|
heap
|
page read and write
|
||
|
3128000
|
trusted library allocation
|
page read and write
|
||
|
31F4000
|
trusted library allocation
|
page read and write
|
||
|
2CA0000
|
heap
|
page read and write
|
||
|
1D46E000
|
stack
|
page read and write
|
||
|
1460000
|
heap
|
page read and write
|
||
|
3075000
|
trusted library allocation
|
page read and write
|
||
|
31DE000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B836000
|
trusted library allocation
|
page read and write
|
||
|
32AE000
|
trusted library allocation
|
page read and write
|
||
|
1B7C0000
|
heap
|
page read and write
|
||
|
31F0000
|
trusted library allocation
|
page read and write
|
||
|
30DD000
|
trusted library allocation
|
page read and write
|
||
|
117F000
|
heap
|
page read and write
|
||
|
B80000
|
unkown
|
page readonly
|
||
|
318D000
|
trusted library allocation
|
page read and write
|
||
|
3216000
|
trusted library allocation
|
page read and write
|
||
|
30C0000
|
trusted library allocation
|
page read and write
|
||
|
3227000
|
trusted library allocation
|
page read and write
|
||
|
11DB000
|
heap
|
page read and write
|
||
|
3079000
|
trusted library allocation
|
page read and write
|
||
|
3236000
|
trusted library allocation
|
page read and write
|
||
|
1120000
|
trusted library allocation
|
page read and write
|
||
|
312A000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B920000
|
trusted library allocation
|
page read and write
|
||
|
1BC65000
|
heap
|
page read and write
|
||
|
30EC000
|
trusted library allocation
|
page read and write
|
||
|
1B868000
|
heap
|
page read and write
|
||
|
308F000
|
trusted library allocation
|
page read and write
|
||
|
319C000
|
trusted library allocation
|
page read and write
|
||
|
1465000
|
heap
|
page read and write
|
||
|
13060000
|
trusted library allocation
|
page read and write
|
||
|
310E000
|
trusted library allocation
|
page read and write
|
||
|
1BC60000
|
heap
|
page read and write
|
||
|
7FFD9B840000
|
trusted library allocation
|
page execute and read and write
|
||
|
123E000
|
heap
|
page read and write
|
||
|
31F2000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
3212000
|
trusted library allocation
|
page read and write
|
||
|
12EF1000
|
trusted library allocation
|
page read and write
|
||
|
30A0000
|
trusted library allocation
|
page read and write
|
||
|
32A8000
|
trusted library allocation
|
page read and write
|
||
|
1CD70000
|
trusted library allocation
|
page read and write
|
||
|
30D5000
|
trusted library allocation
|
page read and write
|
||
|
32BD000
|
trusted library allocation
|
page read and write
|
||
|
3241000
|
trusted library allocation
|
page read and write
|
||
|
3247000
|
trusted library allocation
|
page read and write
|
||
|
2C53000
|
heap
|
page read and write
|
||
|
30D7000
|
trusted library allocation
|
page read and write
|
||
|
307B000
|
trusted library allocation
|
page read and write
|
||
|
30AC000
|
trusted library allocation
|
page read and write
|
||
|
116B000
|
heap
|
page read and write
|
||
|
309D000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B793000
|
trusted library allocation
|
page read and write
|
||
|
2F91000
|
trusted library allocation
|
page read and write
|
||
|
1D170000
|
heap
|
page read and write
|
||
|
3003000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B80F000
|
heap
|
page read and write
|
||
|
2EF1000
|
trusted library allocation
|
page read and write
|
||
|
1BCB3000
|
heap
|
page read and write
|
||
|
3286000
|
trusted library allocation
|
page read and write
|
||
|
3130000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B866000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B7F1000
|
heap
|
page read and write
|
||
|
31AF000
|
trusted library allocation
|
page read and write
|
||
|
2C80000
|
trusted library section
|
page readonly
|
||
|
31E0000
|
trusted library allocation
|
page read and write
|
||
|
3223000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B783000
|
trusted library allocation
|
page execute and read and write
|
||
|
32AA000
|
trusted library allocation
|
page read and write
|
||
|
3062000
|
trusted library allocation
|
page read and write
|
||
|
3229000
|
trusted library allocation
|
page read and write
|
||
|
11AF000
|
heap
|
page read and write
|
||
|
32D7000
|
trusted library allocation
|
page read and write
|
||
|
3077000
|
trusted library allocation
|
page read and write
|
||
|
3100000
|
trusted library allocation
|
page read and write
|
||
|
115D000
|
heap
|
page read and write
|
||
|
1CD92000
|
trusted library allocation
|
page read and write
|
||
|
308C000
|
trusted library allocation
|
page read and write
|
||
|
1B47C000
|
stack
|
page read and write
|
||
|
31C9000
|
trusted library allocation
|
page read and write
|
||
|
12EF8000
|
trusted library allocation
|
page read and write
|
||
|
3219000
|
trusted library allocation
|
page read and write
|
||
|
3097000
|
trusted library allocation
|
page read and write
|
||
|
3238000
|
trusted library allocation
|
page read and write
|
||
|
30D9000
|
trusted library allocation
|
page read and write
|
||
|
D90000
|
heap
|
page read and write
|
||
|
32B7000
|
trusted library allocation
|
page read and write
|
||
|
311F000
|
trusted library allocation
|
page read and write
|
||
|
31CB000
|
trusted library allocation
|
page read and write
|
||
|
1B7DF000
|
heap
|
page read and write
|
||
|
2DE0000
|
heap
|
page read and write
|
||
|
31B2000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7DC000
|
trusted library allocation
|
page execute and read and write
|
||
|
3203000
|
trusted library allocation
|
page read and write
|
||
|
12EF3000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B784000
|
trusted library allocation
|
page read and write
|
||
|
11B4000
|
heap
|
page read and write
|
||
|
1B7EC000
|
heap
|
page read and write
|
||
|
32D9000
|
trusted library allocation
|
page read and write
|
||
|
32CC000
|
trusted library allocation
|
page read and write
|
||
|
3112000
|
trusted library allocation
|
page read and write
|
||
|
3254000
|
trusted library allocation
|
page read and write
|
||
|
1182000
|
heap
|
page read and write
|
There are 234 hidden memdumps, click here to show them.