Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
MicrosoftEdgeUpdate.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
||
|
C:\Users\user\AppData\Local\D3DSCache\e8010882af4f153f\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock
|
ASCII text, with no line terminators
|
modified
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\Taskmgr.exe
|
"C:\Windows\system32\taskmgr.exe" /4
|
 |
|
|
C:\Windows\System32\Taskmgr.exe
|
"C:\Windows\system32\taskmgr.exe" /4
|
|
|
|
C:\Users\user\Desktop\MicrosoftEdgeUpdate.exe
|
"C:\Users\user\Desktop\MicrosoftEdgeUpdate.exe"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://go.m
|
unknown
|
||
|
http://go.microsPk
|
unknown
|
||
|
http://go.microsoft.co
|
unknown
|
||
|
http://go.microsoft.c
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\TaskManager
|
UseStatusSetting
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\TaskManager
|
Preferences
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1210000
|
heap
|
page read and write
|
||
|
1C7EFB55000
|
heap
|
page read and write
|
||
|
1C7EF940000
|
heap
|
page read and write
|
||
|
1C7EF93C000
|
heap
|
page read and write
|
||
|
1C7EFA88000
|
heap
|
page read and write
|
||
|
1C7EF86F000
|
heap
|
page read and write
|
||
|
1C7EFC12000
|
heap
|
page read and write
|
||
|
1C7EBCE3000
|
heap
|
page read and write
|
||
|
4BA000
|
unkown
|
page write copy
|
||
|
1C7F0620000
|
heap
|
page read and write
|
||
|
1C7EFB9B000
|
heap
|
page read and write
|
||
|
84CE5FE000
|
stack
|
page read and write
|
||
|
1C7EFD01000
|
heap
|
page read and write
|
||
|
1C7EF860000
|
heap
|
page read and write
|
||
|
1C7EFC23000
|
heap
|
page read and write
|
||
|
1C7EF902000
|
heap
|
page read and write
|
||
|
1C7EFEF0000
|
trusted library section
|
page read and write
|
||
|
FAD000
|
stack
|
page read and write
|
||
|
1C7EF935000
|
heap
|
page read and write
|
||
|
1C7EFC27000
|
heap
|
page read and write
|
||
|
13C0000
|
heap
|
page read and write
|
||
|
1C7EF980000
|
heap
|
page read and write
|
||
|
1C7EF953000
|
heap
|
page read and write
|
||
|
1C7EFB80000
|
heap
|
page read and write
|
||
|
1C7EFB8B000
|
heap
|
page read and write
|
||
|
13C8000
|
heap
|
page read and write
|
||
|
1C7EBAF6000
|
heap
|
page read and write
|
||
|
1C7EFBE3000
|
heap
|
page read and write
|
||
|
1C7EFBA5000
|
heap
|
page read and write
|
||
|
1C7EBD00000
|
heap
|
page read and write
|
||
|
1C7EF8E7000
|
heap
|
page read and write
|
||
|
1C7EFD3A000
|
heap
|
page read and write
|
||
|
1C7EBAEA000
|
heap
|
page read and write
|
||
|
1C7F089C000
|
heap
|
page read and write
|
||
|
1C7EFBA8000
|
heap
|
page read and write
|
||
|
1C7EFBB8000
|
heap
|
page read and write
|
||
|
1C7EFB74000
|
heap
|
page read and write
|
||
|
1C7EFB94000
|
heap
|
page read and write
|
||
|
84CE7FD000
|
stack
|
page read and write
|
||
|
1C7EFB33000
|
heap
|
page read and write
|
||
|
1C7EF938000
|
heap
|
page read and write
|
||
|
1C7EFC1E000
|
heap
|
page read and write
|
||
|
1C7EFD3C000
|
heap
|
page read and write
|
||
|
1C7EF92D000
|
heap
|
page read and write
|
||
|
1C7EBA80000
|
heap
|
page read and write
|
||
|
1C7EBD7B000
|
heap
|
page read and write
|
||
|
1C7EF5EC000
|
heap
|
page read and write
|
||
|
1C7EFC1F000
|
heap
|
page read and write
|
||
|
1C7EFBB8000
|
heap
|
page read and write
|
||
|
16FE000
|
stack
|
page read and write
|
||
|
1C7EFBD0000
|
heap
|
page read and write
|
||
|
1C7F090F000
|
heap
|
page read and write
|
||
|
1C7EFA9B000
|
heap
|
page read and write
|
||
|
1C7F0E27000
|
heap
|
page read and write
|
||
|
1C7EF912000
|
heap
|
page read and write
|
||
|
1C7EFC09000
|
heap
|
page read and write
|
||
|
1C7EFBE6000
|
heap
|
page read and write
|
||
|
1C7EF8A5000
|
heap
|
page read and write
|
||
|
1C7EFB46000
|
heap
|
page read and write
|
||
|
1C7EF93A000
|
heap
|
page read and write
|
||
|
1C7EFB8B000
|
heap
|
page read and write
|
||
|
136E000
|
stack
|
page read and write
|
||
|
1C7EBB1D000
|
heap
|
page read and write
|
||
|
1C7EFB3E000
|
heap
|
page read and write
|
||
|
1C7EFBE3000
|
heap
|
page read and write
|
||
|
1C7EFB49000
|
heap
|
page read and write
|
||
|
1C7F0188000
|
heap
|
page read and write
|
||
|
1C7EFBD5000
|
heap
|
page read and write
|
||
|
1C7EFBBC000
|
heap
|
page read and write
|
||
|
1C7EFB98000
|
heap
|
page read and write
|
||
|
4BC000
|
unkown
|
page readonly
|
||
|
1C7EFB84000
|
heap
|
page read and write
|
||
|
1C7EF952000
|
heap
|
page read and write
|
||
|
1C7EBADC000
|
heap
|
page read and write
|
||
|
4A0000
|
unkown
|
page readonly
|
||
|
84CE8FF000
|
stack
|
page read and write
|
||
|
1C7EFBAC000
|
heap
|
page read and write
|
||
|
1C7EBD70000
|
heap
|
page read and write
|
||
|
84CE77E000
|
stack
|
page read and write
|
||
|
1C7EFB4E000
|
heap
|
page read and write
|
||
|
1C7F0185000
|
heap
|
page read and write
|
||
|
1C7EFBAC000
|
heap
|
page read and write
|
||
|
1C7EFB1E000
|
heap
|
page read and write
|
||
|
1C7F07BB000
|
heap
|
page read and write
|
||
|
1C7EBA50000
|
heap
|
page read and write
|
||
|
1C7EFB5B000
|
heap
|
page read and write
|
||
|
84CE3FE000
|
stack
|
page read and write
|
||
|
1C7EF8E3000
|
heap
|
page read and write
|
||
|
84CE37A000
|
stack
|
page read and write
|
||
|
1C7EFC43000
|
heap
|
page read and write
|
||
|
1C7EBB68000
|
heap
|
page read and write
|
||
|
1C7EBAA0000
|
heap
|
page read and write
|
||
|
1C7EFB5D000
|
heap
|
page read and write
|
||
|
1C7EF8DB000
|
heap
|
page read and write
|
||
|
1C7EFB84000
|
heap
|
page read and write
|
||
|
1C7EFBE3000
|
heap
|
page read and write
|
||
|
84CEA78000
|
stack
|
page read and write
|
||
|
1C7EFB9D000
|
heap
|
page read and write
|
||
|
1C7EF8FA000
|
heap
|
page read and write
|
||
|
1C7EFB8E000
|
heap
|
page read and write
|
||
|
1C7EFB97000
|
heap
|
page read and write
|
||
|
1C7EFAA0000
|
heap
|
page read and write
|
||
|
1C7EF8F6000
|
heap
|
page read and write
|
||
|
1C7EFB3B000
|
heap
|
page read and write
|
||
|
1C7EF5D0000
|
heap
|
page read and write
|
||
|
1C7EFC0A000
|
heap
|
page read and write
|
||
|
1C7EBB14000
|
heap
|
page read and write
|
||
|
1C7EBB8F000
|
heap
|
page read and write
|
||
|
1C7F0170000
|
heap
|
page read and write
|
||
|
1C7EFBA5000
|
heap
|
page read and write
|
||
|
1C7EFB49000
|
heap
|
page read and write
|
||
|
1C7EFC19000
|
heap
|
page read and write
|
||
|
1C7F0677000
|
heap
|
page read and write
|
||
|
1C7EFD3C000
|
heap
|
page read and write
|
||
|
3140000
|
heap
|
page read and write
|
||
|
1C7EFBBA000
|
heap
|
page read and write
|
||
|
13AE000
|
stack
|
page read and write
|
||
|
1C7EFBAB000
|
heap
|
page read and write
|
||
|
1C7EBD75000
|
heap
|
page read and write
|
||
|
1C7EF95D000
|
heap
|
page read and write
|
||
|
15BD000
|
stack
|
page read and write
|
||
|
4A1000
|
unkown
|
page execute read
|
||
|
1C7EFBA9000
|
heap
|
page read and write
|
||
|
16BE000
|
stack
|
page read and write
|
||
|
17FF000
|
stack
|
page read and write
|
||
|
84CE27F000
|
stack
|
page read and write
|
||
|
1C7EFF30000
|
trusted library allocation
|
page read and write
|
||
|
1C7EFC43000
|
heap
|
page read and write
|
||
|
1C7F01C8000
|
heap
|
page read and write
|
||
|
1C7EFB2B000
|
heap
|
page read and write
|
||
|
1C7EBB21000
|
heap
|
page read and write
|
||
|
1C7EEDD0000
|
trusted library allocation
|
page read and write
|
||
|
1C7EBB16000
|
heap
|
page read and write
|
||
|
1C7EF8EF000
|
heap
|
page read and write
|
||
|
1C7EBB8D000
|
heap
|
page read and write
|
||
|
84CE87F000
|
stack
|
page read and write
|
||
|
1C7EF8FC000
|
heap
|
page read and write
|
||
|
1C7F021F000
|
heap
|
page read and write
|
||
|
1C7F0621000
|
heap
|
page read and write
|
||
|
1C7F08C6000
|
heap
|
page read and write
|
||
|
84CE578000
|
stack
|
page read and write
|
||
|
1320000
|
heap
|
page read and write
|
||
|
1C7F01E1000
|
heap
|
page read and write
|
||
|
1C7EFB28000
|
heap
|
page read and write
|
||
|
1C7F07B4000
|
heap
|
page read and write
|
||
|
1C7EFBD9000
|
heap
|
page read and write
|
||
|
1C7F07A2000
|
heap
|
page read and write
|
||
|
1C7EFCA6000
|
heap
|
page read and write
|
||
|
84CE4F9000
|
stack
|
page read and write
|
||
|
4BA000
|
unkown
|
page read and write
|
||
|
4BC000
|
unkown
|
page readonly
|
||
|
1C7EFB0A000
|
heap
|
page read and write
|
||
|
1C7EFBA5000
|
heap
|
page read and write
|
||
|
1C7EBB8A000
|
heap
|
page read and write
|
||
|
1C7EFBD9000
|
heap
|
page read and write
|
||
|
84CE67B000
|
stack
|
page read and write
|
||
|
1C7EF92D000
|
heap
|
page read and write
|
||
|
1C7EBCE0000
|
heap
|
page read and write
|
||
|
1C7EFBD0000
|
heap
|
page read and write
|
||
|
84CE47E000
|
stack
|
page read and write
|
||
|
1C7EFB84000
|
heap
|
page read and write
|
||
|
1C7F0910000
|
heap
|
page read and write
|
||
|
1C7EFBA3000
|
heap
|
page read and write
|
||
|
1C7EBB2B000
|
heap
|
page read and write
|
||
|
1C7EFCA9000
|
heap
|
page read and write
|
||
|
1C7EFBA8000
|
heap
|
page read and write
|
||
|
1C7EF956000
|
heap
|
page read and write
|
||
|
1C7EFB80000
|
heap
|
page read and write
|
||
|
1C7EFBBC000
|
heap
|
page read and write
|
||
|
1C7EFC5D000
|
heap
|
page read and write
|
||
|
1C7EF905000
|
heap
|
page read and write
|
||
|
12F0000
|
heap
|
page read and write
|
||
|
1C7EBAA7000
|
heap
|
page read and write
|
||
|
1C7EFBAF000
|
heap
|
page read and write
|
||
|
1C7EFCAA000
|
heap
|
page read and write
|
||
|
1C7F0183000
|
heap
|
page read and write
|
||
|
1C7EFC59000
|
heap
|
page read and write
|
||
|
84CE07A000
|
stack
|
page read and write
|
||
|
1C7EBB2E000
|
heap
|
page read and write
|
||
|
1C7EFBD0000
|
heap
|
page read and write
|
||
|
1C7EFB0D000
|
heap
|
page read and write
|
||
|
1C7EFB22000
|
heap
|
page read and write
|
||
|
1C7EFB6C000
|
heap
|
page read and write
|
||
|
1C7F01F5000
|
heap
|
page read and write
|
||
|
1C7EFD3E000
|
heap
|
page read and write
|
||
|
1C7EFB94000
|
heap
|
page read and write
|
||
|
1C7EFC61000
|
heap
|
page read and write
|
||
|
1C7F01F8000
|
heap
|
page read and write
|
||
|
1C7EBA40000
|
heap
|
page read and write
|
||
|
1C7EFB1E000
|
heap
|
page read and write
|
||
|
1C7EFBE6000
|
heap
|
page read and write
|
||
|
1C7EFC62000
|
heap
|
page read and write
|
||
|
1C7EFAA7000
|
heap
|
page read and write
|
||
|
1C7EF8AB000
|
heap
|
page read and write
|
||
|
1C7EFBBE000
|
heap
|
page read and write
|
||
|
84CE97F000
|
stack
|
page read and write
|
||
|
1C7EBAD8000
|
heap
|
page read and write
|
||
|
EAC000
|
stack
|
page read and write
|
||
|
1C7EFB97000
|
heap
|
page read and write
|
||
|
1C7EFB74000
|
heap
|
page read and write
|
||
|
1C7EF8F4000
|
heap
|
page read and write
|
||
|
1C7F0852000
|
heap
|
page read and write
|
||
|
1C7EBB1F000
|
heap
|
page read and write
|
||
|
1C7F090A000
|
heap
|
page read and write
|
||
|
1C7F017E000
|
heap
|
page read and write
|
||
|
1C7EFC23000
|
heap
|
page read and write
|
||
|
1C7F06A4000
|
heap
|
page read and write
|
||
|
1C7EBB19000
|
heap
|
page read and write
|
||
|
84CE2FB000
|
stack
|
page read and write
|
||
|
1C7EFC21000
|
heap
|
page read and write
|
||
|
1C7EFB6E000
|
heap
|
page read and write
|
||
|
1C7EBAF3000
|
heap
|
page read and write
|
There are 202 hidden memdumps, click here to show them.