Files

File Path | Type | Category | Malicious
---|---|---|---
java.exe | PE32+ executable (console) x86-64, for MS Windows | initial sample |
\Device\ConDrv | ASCII text | dropped |
Processes

Path | Cmdline | Malicious
---|---|---
C:\Users\user\Desktop\java.exe | "C:\Users\user\Desktop\java.exe" |
C:\Windows\System32\conhost.exe | C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 |
URLs

Name | IP | Malicious
---|---|---
https://www.anquanke.com/post/id/239865 | unknown |
https://mp.weixin.qq.com/s/XEnjVwb9I0GPG9RG-v7lHQname: | unknown |
https://phishingkittracker.blogspot.com/2019/08/userphp-ecshop-sql-injection-2017.html | unknown |
https://docs.min.io/cn/ | unknown |
http://wiki.peiqi.tech/wiki/oa/%E9%80%9A%E8%BE%BEOA/%E9%80%9A%E8%BE%BEOA%20v11.7%20auth_mobi.php%20% | unknown |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3019 | unknown |
https://github.com/jweny) | unknown |
https://www.seebug.org/vuldb/ssvid-97265 | unknown |
https://www.seebug.org/vuldb/ssvid-97267 | unknown |
https://github.com/vulhub/vulhub/tree/master/couchdb/CVE-2017-12635 | unknown |
https://nvd.nist.gov/vuln/detail/CVE-2020-27986 | unknown |
https://www.seebug.org/vuldb/ssvid-97266 | unknown |
https://github.com/jas502n/CVE-2019-6340 | unknown |
https://www.oracle.com/security-alerts/alert-cve-2020-14750.html | unknown |
https://www.seebug.org/vuldb/ssvid-97268 | unknown |
https://github.com/JrDw0/) | unknown |
https://blog.csdn.net/fnmsd/article/details/88657083 | unknown |
https://www.cnvd.org.cn/flaw/show/CNVD-2021-34568 | unknown |
https://github.com/2357000166) | unknown |
https://github.com/whami-root) | unknown |
https://github.com/neverendxxxxxx) | unknown |
https://wooyun.x10sec.org/static/bugs/wooyun-2015-0148227.html | unknown |
https://s.tencent.com/research/bsafe/1228.html | unknown |
https://github.com/Print1n) | unknown |
https://www.zabbix.com/documentation/3.4/zh/manual/quickstart/login | unknown |
https://yun.scdsjzx.cn/system/notice/detail/399d2dd0-94aa-4914-a8f6-e71f8dc8ac87 | unknown |
http://www.wujunjie.net/index.php/2015/08/02/%E6%96%B9%E7%BB%B4%E5%9B%A2%E8%B4%AD4-3%E6%9C%80%E6%96% | unknown |
https://yq.aliyun.com/articles/616757 | unknown |
https://github.com/PR3R00T/CVE-2020-8193-Citrix-Scanner/blob/master/scanner.py | unknown |
https://github.com/Sup3rm4nx0x) | unknown |
https://mp.weixin.qq.com/s/g4YNI6UBqIQcKL0TRkKWlw | unknown |
https://github.com/CouchCMS/CouchCMS/issues/46 | unknown |
https://github.com/kzaopa) | unknown |
https://www.ohlinge.cn) | unknown |
https://blog.csdn.net/dfdhxb995397/article/details/101385340 | unknown |
https://hub.docker.com/r/petergrace/opentsdb-docker | unknown |
https://cert.360.cn/warning/detail?id=fba518d5fc5c4ed4ebedff1dab24caf2 | unknown |
https://blog.csdn.net/zy15667076526/article/details/111413979 | unknown |
http://wx.weaver)( | unknown |
https://www.twilio.com/blog/2017/08/http-requests-in-node-js.htmlname: | unknown |
https://s1xhcl.github.io/2021/03/13/%E9%80%9A%E8%BE%BEOA-v11-7-%E5%9C%A8%E7%BA%BF%E7%94%A8%E6%88%B7% | unknown |
https://xz.aliyun.com/t/5299 | unknown |
https://github.com/goharbor/harbor/issues/8951 | unknown |
https://www.cnblogs.com/-mo-/p/11295400.html | unknown |
https://github.com/Loneyers/vuldocker/tree/master/next.js | unknown |
https://mp.weixin.qq.com/s/KgAaFRKarMdycYzETyKS8A | unknown |
https://github.com/WhiteHSBG) | unknown |
http://wiki.peiqi.tech/PeiQi_Wiki/%E7%BD%91%E7%BB%9C%E8%AE%BE%E5%A4%87%E6%BC%8F%E6%B4%9E/%E4%B8%89%E | unknown |
https://github.com/shadown1ng) | unknown |
https://hackfun.org/) | unknown |
https://cloud.tencent.com/developer/article/1472550 | unknown |
https://mp.weixin.qq.com/s/KRGKXAJQawXl88RBPTaAeg | unknown |
https://github.com/Sndav) | unknown |
https://cwiki.apache.org/confluence/display/AMBARI/Quick | unknown |
https://kb.cert.org/vuls/id/843464name: | unknown |
http://118.190.97.19:88/qingy/Web%E5%AE%89%E5%85%A8 | unknown |
https://github.com/vulhub/vulhub/tree/master/coldfusion/CVE-2010-2861name: | unknown |
https://www.seebug.org/vuldb/ssvid-98364 | unknown |
http://wiki.peiqi.tech/PeiQi_Wiki/%E7%BD%91%E7%BB%9C%E8%AE%BE%E5%A4%87%E6%BC%8F%E6%B4%9E/%E8%BF%88%E | unknown |
https://github.com/masahiro331/CVE-2019-10758 | unknown |
https://medium.com/ | unknown |
https://packetstormsecurity.com/files/144097/Hikvision-IP-Camera-Access-Bypass.html | unknown |
https://github.com/vulhub/vulhub/tree/master/thinkphp/5-rcename: | unknown |
https://github.com/rconfig/rconfig/commit/6ea92aa307e20f0918ebd18be9811e93048d5071 | unknown |
https://blog.csdn.net/ge00111/article/details/72765210name: | unknown |
https://github.com/tangxiaofeng7) | unknown |
https://t.co/LfvbyBUhF5 | unknown |
http://localhost/ueditor/net/controller.ashx?action=catchimage&encode=utf-8 | unknown |
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-202012-1548 | unknown |
https://www.cnblogs.com/milantgh/p/3615986.html | unknown |
https://s.tencent.com/research/bsafe/474.htmlname: | unknown |
https://github.com/vulhub/vulhub/tree/master/solr/CVE-2019-0193 | unknown |
https://xz.aliyun.com/t/7219 | unknown |
https://mp.weixin.qq.com/s?__biz=Mzg3NDU2MTg0Ng==&mid=2247486018&idx=1&sn=d744907475a4ea9ebeb26338c7 | unknown |
https://github.com/YMFE/yapi/issues/2229 | unknown |
https://github.com/vulhub/vulhub/tree/master/spark/unaccAn | unknown |
https://www.tenable.com/cve/CVE-2020-14181 | unknown |
https://github.com/ThestaRY7/) | unknown |
https://github.com/notwhy) | unknown |
https://nifi.apache.org/docs/nifi-docs/rest-api/index.html | unknown |
http://www.polaris-lab.com/index.php/archives/253/ | unknown |
https://github.com/PickledFish) | unknown |
http://api.ceye.io/v1/records?token=%s&type=dns&filter=%sssh: | unknown |
https://www.t00ls.net/articles-54436.html | unknown |
https://github.com/whami-rootname: | unknown |
http://www.baidu.com/search/error.html | unknown |
https://github.com/vulhub/vulhub/tree/master/discuz/wooyun-2010-080723 | unknown |
https://www.secpulse.com/archives/496.htmlname: | unknown |
https://github.com/Mr-xn/spring-core-rce | unknown |
https://github.com/FiveAourThe) | unknown |
https://y4er.com/post/metinfo7-sql-tips/#sql-injection-2name: | unknown |
https://nvd.nist.gov/vuln/detail/CVE-2018-17246 | unknown |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10738 | unknown |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10736 | unknown |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10737 | unknown |
https://github.com/vulhub/vulhub/blob/master/ecshop/xianzhi-2017-02-82239600/README.zh-cn.md | unknown |
https://www.cnblogs.com/xiexiandong/p/12888582.html | unknown |
https://github.com/vulhub/vulhub/tree/master/drupal/CVE-2014-3704name: | unknown |
https://github.com/B1anda0) | unknown |
https://github.com/hackgov) | unknown |

90 further URLs are not shown in this excerpt.
Memdumps

Base Address | Region type | Protect | Malicious
---|---|---|---
C000076000 | direct allocation | page read and write |
C000321000 | direct allocation | page read and write |
1C98000 | unknown | page readonly |
20E6000 | unknown | page readonly |
1495000 | unknown | page readonly |
C000474000 | direct allocation | page read and write |
C000078000 | direct allocation | page read and write |
C000072000 | direct allocation | page read and write |
C0003A8000 | direct allocation | page read and write |
C000376000 | direct allocation | page read and write |
1A7A000 | unknown | page read and write |
1A7E000 | unknown | page read and write |
192837F4000 | direct allocation | page read and write |
C0002A4000 | direct allocation | page read and write |
C00047A000 | direct allocation | page read and write |
C000300000 | direct allocation | page read and write |
C000476000 | direct allocation | page read and write |
C00013C000 | direct allocation | page read and write |
C000100000 | direct allocation | page read and write |
C00036F000 | direct allocation | page read and write |
C000470000 | direct allocation | page read and write |
192836CC000 | heap | page read and write |
C000030000 | direct allocation | page read and write |
C000310000 | direct allocation | page read and write |
192837F0000 | direct allocation | page read and write |
C000478000 | direct allocation | page read and write |
C0003B6000 | direct allocation | page read and write |
C0002E4000 | direct allocation | page read and write |
C000006000 | direct allocation | page read and write |
C000032000 | direct allocation | page read and write |
311000 | unknown | page execute read |
20E5000 | unknown | page write copy |
C00030E000 | direct allocation | page read and write |
C0002BC000 | direct allocation | page read and write |
C0002F8000 | direct allocation | page read and write |
20E6000 | unknown | page readonly |
AE0000 | unknown | page readonly |
C00037A000 | direct allocation | page read and write |
C00005C000 | direct allocation | page read and write |
19283970000 | heap | page read and write |
C0003BE000 | direct allocation | page read and write |
C000008000 | direct allocation | page read and write |
192C8AE8000 | direct allocation | page read and write |
1A78000 | unknown | page write copy |
1A77000 | unknown | page read and write |
19283975000 | heap | page read and write |
C000484000 | direct allocation | page read and write |
C00002C000 | direct allocation | page read and write |
C0002E6000 | direct allocation | page read and write |
192835C0000 | heap | page read and write |
C00003A000 | direct allocation | page read and write |
5C9ABFE000 | stack | page read and write |
1C98000 | unknown | page readonly |
C0002E2000 | direct allocation | page read and write |
C0002C2000 | direct allocation | page read and write |
192C8B30000 | direct allocation | page read and write |
192837F9000 | direct allocation | page read and write |
C0003BA000 | direct allocation | page read and write |
C000038000 | direct allocation | page read and write |
C000034000 | direct allocation | page read and write |
C000000000 | direct allocation | page read and write |
1AD6000 | unknown | page read and write |
C000332000 | direct allocation | page read and write |
C000356000 | direct allocation | page read and write |
19283960000 | direct allocation | page read and write |
1495000 | unknown | page readonly |
C000070000 | direct allocation | page read and write |
20E5000 | unknown | page write copy |
1A6F000 | unknown | page read and write |
C0002C6000 | direct allocation | page read and write |
C000312000 | direct allocation | page read and write |
C0003A6000 | direct allocation | page read and write |
C000396000 | direct allocation | page read and write |
C000372000 | direct allocation | page read and write |
AE0000 | unknown | page readonly |
C000398000 | direct allocation | page read and write |
1A6B000 | unknown | page write copy |
192C8AEB000 | direct allocation | page read and write |
C00032C000 | direct allocation | page read and write |
C00001A000 | direct allocation | page read and write |
C000050000 | direct allocation | page read and write |
310000 | unknown | page readonly |
5C9A1FF000 | stack | page read and write |
C000326000 | direct allocation | page read and write |
1C4A000 | unknown | page readonly |
C0003A2000 | direct allocation | page read and write |
C0002C8000 | direct allocation | page read and write |
1AA8000 | unknown | page read and write |
1A0B000 | unknown | page read and write |
1A0C000 | unknown | page write copy |
1A4E000 | unknown | page write copy |
C00047E000 | direct allocation | page read and write |
5C9A3FF000 | stack | page read and write |
C000360000 | direct allocation | page read and write |
C00033A000 | direct allocation | page read and write |
1A00000 | unknown | page read and write |
C000472000 | direct allocation | page read and write |
C000336000 | direct allocation | page read and write |
C000480000 | direct allocation | page read and write |
192836D8000 | heap | page read and write |
5C9A5FE000 | stack | page read and write |
C00022C000 | direct allocation | page read and write |
1C4A000 | unknown | page readonly |
192C8AA3000 | direct allocation | page read and write |
C000047000 | direct allocation | page read and write |
C000065000 | direct allocation | page read and write |
1053000 | unknown | page readonly |
311000 | unknown | page execute read |
C000392000 | direct allocation | page read and write |
192836C0000 | heap | page read and write |
5C9A7FE000 | stack | page read and write |
1A00000 | unknown | page write copy |
C0002D6000 | direct allocation | page read and write |
C00047C000 | direct allocation | page read and write |
311000 | unknown | page execute read |
1A4E000 | unknown | page write copy |
C000045000 | direct allocation | page read and write |
1A58000 | unknown | page read and write |
1A7C000 | unknown | page write copy |
1A07000 | unknown | page write copy |
C0003A0000 | direct allocation | page read and write |
C00004B000 | direct allocation | page read and write |
C000482000 | direct allocation | page read and write |
C000067000 | direct allocation | page read and write |
1AE5000 | unknown | page readonly |
5C9A9FF000 | stack | page read and write |
19283950000 | direct allocation | page read and write |
C000374000 | direct allocation | page read and write |
C000354000 | direct allocation | page read and write |
C000055000 | direct allocation | page read and write |
C000002000 | direct allocation | page read and write |
310000 | unknown | page readonly |
AE0000 | unknown | page readonly |
1AE5000 | unknown | page readonly |
C0003B8000 | direct allocation | page read and write |
5C99FFD000 | stack | page read and write |
192C8A80000 | direct allocation | page read and write |
1AAE000 | unknown | page read and write |
C00035A000 | direct allocation | page read and write |
1A73000 | unknown | page write copy |
C000036000 | direct allocation | page read and write |
C000057000 | direct allocation | page read and write |
C00039C000 | direct allocation | page read and write |
C00005A000 | direct allocation | page read and write |
1053000 | unknown | page readonly |
C000343000 | direct allocation | page read and write |
192837C0000 | heap | page read and write |
C00037C000 | direct allocation | page read and write |
C000074000 | direct allocation | page read and write |
C0003BC000 | direct allocation | page read and write |
1A06000 | unknown | page read and write |
1928395A000 | direct allocation | page read and write |
1A05000 | unknown | page write copy |
C0002F6000 | direct allocation | page read and write |
C00000A000 | direct allocation | page read and write |
C0003C2000 | direct allocation | page read and write |
192836A0000 | heap | page read and write |
C0002FA000 | direct allocation | page read and write |

148 further memdumps are not shown in this excerpt.