Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\SecuriteInfo.com.Trojan.DownLoader17.1385.19058.5725.exe
|
"C:\Users\user\Desktop\SecuriteInfo.com.Trojan.DownLoader17.1385.19058.5725.exe"
|
 |
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.startssl.com/policy.pdf0
|
unknown
|
||
|
http://www.startssl.com/sfsca.crt0
|
unknown
|
||
|
http://ocsp.startssl.com/sub/class2/code/ca0
|
unknown
|
||
|
http://www.startssl.com/intermediate.pdf0
|
unknown
|
||
|
http://aia.startssl.com/certs/sub.class2.code.ca.crt0#
|
unknown
|
||
|
http://www.startssl.com/0
|
unknown
|
||
|
http://crl.thawte.com/ThawteTimestampingCA.crl0
|
unknown
|
||
|
http://www.startssl.com/sfsca.crl0
|
unknown
|
||
|
http://crl.startssl.com/crtc2-crl.crl0
|
unknown
|
||
|
http://www.startssl.com/policy.pdf04
|
unknown
|
||
|
http://ocsp.thawte.com0
|
unknown
|
||
|
http://crl.startssl.com/sfsca.crl0
|
unknown
|
There are 2 hidden URLs, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
800000
|
heap
|
page read and write
|
||
|
1B524000
|
heap
|
page read and write
|
||
|
ACF000
|
stack
|
page read and write
|
||
|
82C000
|
heap
|
page read and write
|
||
|
7FFE186E0000
|
trusted library allocation
|
page read and write
|
||
|
7C5000
|
heap
|
page read and write
|
||
|
785000
|
heap
|
page read and write
|
||
|
1CD8E000
|
trusted library allocation
|
page read and write
|
||
|
80C000
|
heap
|
page read and write
|
||
|
1B370000
|
heap
|
page read and write
|
||
|
896000
|
heap
|
page read and write
|
||
|
3A8000
|
unkown
|
page readonly
|
||
|
1C98E000
|
stack
|
page read and write
|
||
|
D5A000
|
trusted library allocation
|
page read and write
|
||
|
7FFE186EA000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF4BB100000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B540000
|
heap
|
page read and write
|
||
|
7FF4BB110000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFE186DA000
|
trusted library allocation
|
page execute and read and write
|
||
|
D80000
|
trusted library allocation
|
page read and write
|
||
|
7FFE186F0000
|
trusted library allocation
|
page read and write
|
||
|
3A0000
|
unkown
|
page readonly
|
||
|
3A0000
|
unkown
|
page readonly
|
||
|
8AF000
|
heap
|
page read and write
|
||
|
1B47D000
|
stack
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
129E1000
|
trusted library allocation
|
page read and write
|
||
|
7FFE1879A000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFE187A0000
|
trusted library allocation
|
page read and write
|
||
|
83A000
|
heap
|
page read and write
|
||
|
730000
|
heap
|
page read and write
|
||
|
7FFE18870000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFE186E2000
|
trusted library allocation
|
page execute and read and write
|
||
|
790000
|
heap
|
page read and write
|
||
|
1CD80000
|
trusted library allocation
|
page read and write
|
||
|
760000
|
heap
|
page read and write
|
||
|
1CE10000
|
heap
|
page read and write
|
||
|
7FFE187A5000
|
trusted library allocation
|
page read and write
|
||
|
1CD82000
|
trusted library allocation
|
page read and write
|
||
|
1CE1E000
|
heap
|
page read and write
|
||
|
1B530000
|
heap
|
page read and write
|
||
|
1CD8A000
|
trusted library allocation
|
page read and write
|
||
|
129E7000
|
trusted library allocation
|
page read and write
|
||
|
DF3000
|
heap
|
page read and write
|
||
|
740000
|
heap
|
page read and write
|
||
|
1CA8E000
|
stack
|
page read and write
|
||
|
D54000
|
trusted library allocation
|
page read and write
|
||
|
269E000
|
stack
|
page read and write
|
||
|
1B330000
|
heap
|
page read and write
|
||
|
6F4000
|
stack
|
page read and write
|
||
|
1B520000
|
heap
|
page read and write
|
||
|
1B350000
|
trusted library section
|
page readonly
|
||
|
7FFE186D2000
|
trusted library allocation
|
page execute and read and write
|
||
|
1CD70000
|
trusted library allocation
|
page read and write
|
||
|
D8A000
|
trusted library allocation
|
page read and write
|
||
|
D60000
|
trusted library allocation
|
page read and write
|
||
|
831000
|
heap
|
page read and write
|
||
|
7FFE187D2000
|
trusted library allocation
|
page execute and read and write
|
||
|
BCE000
|
stack
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
1C630000
|
heap
|
page read and write
|
||
|
7FFE18792000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B2BD000
|
stack
|
page read and write
|
||
|
29E1000
|
trusted library allocation
|
page read and write
|
||
|
1CD20000
|
heap
|
page execute and read and write
|
||
|
7FFE18812000
|
trusted library allocation
|
page read and write
|
||
|
129E3000
|
trusted library allocation
|
page read and write
|
||
|
8A3000
|
heap
|
page read and write
|
||
|
7FFE186FF000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFE18820000
|
trusted library allocation
|
page execute and read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
7FFE187AA000
|
trusted library allocation
|
page execute and read and write
|
||
|
20000
|
trusted library allocation
|
page read and write
|
||
|
1CD84000
|
trusted library allocation
|
page read and write
|
||
|
D50000
|
trusted library allocation
|
page read and write
|
||
|
806000
|
heap
|
page read and write
|
||
|
2A42000
|
trusted library allocation
|
page read and write
|
||
|
7FFE18703000
|
trusted library allocation
|
page execute and read and write
|
||
|
CCF000
|
stack
|
page read and write
|
||
|
8A5000
|
heap
|
page read and write
|
||
|
D33000
|
heap
|
page execute and read and write
|
||
|
3A2000
|
unkown
|
page readonly
|
||
|
7FFE187AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFE18734000
|
trusted library allocation
|
page execute and read and write
|
||
|
82F000
|
heap
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
7FFE18860000
|
trusted library allocation
|
page execute and read and write
|
||
|
1CD40000
|
heap
|
page read and write
|
||
|
129E5000
|
trusted library allocation
|
page read and write
|
||
|
1C88E000
|
stack
|
page read and write
|
||
|
1B373000
|
heap
|
page read and write
|
||
|
DF6000
|
heap
|
page read and write
|
||
|
826000
|
heap
|
page read and write
|
||
|
D30000
|
heap
|
page execute and read and write
|
There are 84 hidden memdumps, click here to show them.