Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
MicrosoftEdgeUpdate.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
||
|
C:\Users\user\AppData\Local\D3DSCache\e8010882af4f153f\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock
|
ASCII text, with no line terminators
|
modified
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\Taskmgr.exe
|
"C:\Windows\system32\taskmgr.exe" /4
|
 |
|
|
C:\Windows\System32\Taskmgr.exe
|
"C:\Windows\system32\taskmgr.exe" /4
|
|
|
|
C:\Users\user\Desktop\MicrosoftEdgeUpdate.exe
|
"C:\Users\user\Desktop\MicrosoftEdgeUpdate.exe"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://go.microsoft.VMq
|
unknown
|
||
|
http://go.microsoft.fMa
|
unknown
|
||
|
http://go.microsoft.c
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\TaskManager
|
UseStatusSetting
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\TaskManager
|
Preferences
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2556399C000
|
heap
|
page read and write
|
||
|
25564053000
|
heap
|
page read and write
|
||
|
255639B4000
|
heap
|
page read and write
|
||
|
255638C8000
|
heap
|
page read and write
|
||
|
25563859000
|
heap
|
page read and write
|
||
|
25563F6F000
|
heap
|
page read and write
|
||
|
2556400F000
|
heap
|
page read and write
|
||
|
25563926000
|
heap
|
page read and write
|
||
|
D25FAFF000
|
stack
|
page read and write
|
||
|
2555F201000
|
heap
|
page read and write
|
||
|
2555F1B5000
|
heap
|
page read and write
|
||
|
2556406A000
|
heap
|
page read and write
|
||
|
2555F24C000
|
heap
|
page read and write
|
||
|
2556384B000
|
heap
|
page read and write
|
||
|
25563877000
|
heap
|
page read and write
|
||
|
2555F1D3000
|
heap
|
page read and write
|
||
|
25563864000
|
heap
|
page read and write
|
||
|
11A0000
|
heap
|
page read and write
|
||
|
25563F0B000
|
heap
|
page read and write
|
||
|
25563EE6000
|
heap
|
page read and write
|
||
|
2555F1FB000
|
heap
|
page read and write
|
||
|
25564017000
|
heap
|
page read and write
|
||
|
D25F67A000
|
stack
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
25564057000
|
heap
|
page read and write
|
||
|
25563F02000
|
heap
|
page read and write
|
||
|
25564045000
|
heap
|
page read and write
|
||
|
255633BA000
|
heap
|
page read and write
|
||
|
255638FE000
|
heap
|
page read and write
|
||
|
2555F1D6000
|
heap
|
page read and write
|
||
|
255639F5000
|
heap
|
page read and write
|
||
|
25564007000
|
heap
|
page read and write
|
||
|
2556388D000
|
heap
|
page read and write
|
||
|
2556387A000
|
heap
|
page read and write
|
||
|
D25FDFF000
|
stack
|
page read and write
|
||
|
255638E9000
|
heap
|
page read and write
|
||
|
2555F150000
|
heap
|
page read and write
|
||
|
255639E7000
|
heap
|
page read and write
|
||
|
2556386A000
|
heap
|
page read and write
|
||
|
25563A1D000
|
heap
|
page read and write
|
||
|
255639C9000
|
heap
|
page read and write
|
||
|
25563840000
|
heap
|
page read and write
|
||
|
255638DC000
|
heap
|
page read and write
|
||
|
25563369000
|
heap
|
page read and write
|
||
|
2555F495000
|
heap
|
page read and write
|
||
|
25563360000
|
heap
|
page read and write
|
||
|
2556419F000
|
heap
|
page read and write
|
||
|
25563F19000
|
heap
|
page read and write
|
||
|
BE9000
|
unkown
|
page write copy
|
||
|
255639FE000
|
heap
|
page read and write
|
||
|
2555F1F9000
|
heap
|
page read and write
|
||
|
255638F1000
|
heap
|
page read and write
|
||
|
255640C0000
|
heap
|
page read and write
|
||
|
D25FBFF000
|
stack
|
page read and write
|
||
|
2D10000
|
heap
|
page read and write
|
||
|
25563F00000
|
heap
|
page read and write
|
||
|
D25FA7F000
|
stack
|
page read and write
|
||
|
D25F57E000
|
stack
|
page read and write
|
||
|
25564057000
|
heap
|
page read and write
|
||
|
D25F7F9000
|
stack
|
page read and write
|
||
|
25563EF2000
|
heap
|
page read and write
|
||
|
25563F15000
|
heap
|
page read and write
|
||
|
255639C6000
|
heap
|
page read and write
|
||
|
25564037000
|
heap
|
page read and write
|
||
|
255638ED000
|
heap
|
page read and write
|
||
|
255639FC000
|
heap
|
page read and write
|
||
|
25564067000
|
heap
|
page read and write
|
||
|
2556438A000
|
heap
|
page read and write
|
||
|
2556389B000
|
heap
|
page read and write
|
||
|
BD1000
|
unkown
|
page execute read
|
||
|
25564296000
|
heap
|
page read and write
|
||
|
25563EFC000
|
heap
|
page read and write
|
||
|
2555F1F4000
|
heap
|
page read and write
|
||
|
25563375000
|
heap
|
page read and write
|
||
|
25563A20000
|
heap
|
page read and write
|
||
|
D25FC7F000
|
stack
|
page read and write
|
||
|
255640F0000
|
heap
|
page read and write
|
||
|
BD0000
|
unkown
|
page readonly
|
||
|
2556402D000
|
heap
|
page read and write
|
||
|
255638A0000
|
heap
|
page read and write
|
||
|
25563909000
|
heap
|
page read and write
|
||
|
25563F0A000
|
heap
|
page read and write
|
||
|
2555F490000
|
heap
|
page read and write
|
||
|
255643BB000
|
heap
|
page read and write
|
||
|
25563884000
|
heap
|
page read and write
|
||
|
25563EF0000
|
heap
|
page read and write
|
||
|
25563F21000
|
heap
|
page read and write
|
||
|
2555F110000
|
heap
|
page read and write
|
||
|
25563E5E000
|
heap
|
page read and write
|
||
|
2556386F000
|
heap
|
page read and write
|
||
|
25564076000
|
heap
|
page read and write
|
||
|
D25F8FE000
|
stack
|
page read and write
|
||
|
25563EF8000
|
heap
|
page read and write
|
||
|
2555F23E000
|
heap
|
page read and write
|
||
|
BE9000
|
unkown
|
page read and write
|
||
|
1120000
|
heap
|
page read and write
|
||
|
25563ED1000
|
heap
|
page read and write
|
||
|
14DF000
|
stack
|
page read and write
|
||
|
255638B7000
|
heap
|
page read and write
|
||
|
2556406D000
|
heap
|
page read and write
|
||
|
2556408B000
|
heap
|
page read and write
|
||
|
255641A2000
|
heap
|
page read and write
|
||
|
2555F1B9000
|
heap
|
page read and write
|
||
|
25563F18000
|
heap
|
page read and write
|
||
|
25563EE0000
|
heap
|
page read and write
|
||
|
13DE000
|
stack
|
page read and write
|
||
|
25563F06000
|
heap
|
page read and write
|
||
|
255643D8000
|
heap
|
page read and write
|
||
|
25564015000
|
heap
|
page read and write
|
||
|
255643AE000
|
heap
|
page read and write
|
||
|
2555F180000
|
heap
|
page read and write
|
||
|
2556396B000
|
heap
|
page read and write
|
||
|
255638E2000
|
heap
|
page read and write
|
||
|
2555F255000
|
heap
|
page read and write
|
||
|
B0C000
|
stack
|
page read and write
|
||
|
2555F3F0000
|
heap
|
page read and write
|
||
|
D25F878000
|
stack
|
page read and write
|
||
|
25563892000
|
heap
|
page read and write
|
||
|
2555F49B000
|
heap
|
page read and write
|
||
|
2556398D000
|
heap
|
page read and write
|
||
|
139F000
|
stack
|
page read and write
|
||
|
255639A8000
|
heap
|
page read and write
|
||
|
25563875000
|
heap
|
page read and write
|
||
|
255633B2000
|
heap
|
page read and write
|
||
|
D25F9FC000
|
stack
|
page read and write
|
||
|
255638F7000
|
heap
|
page read and write
|
||
|
BBE000
|
stack
|
page read and write
|
||
|
25563848000
|
heap
|
page read and write
|
||
|
116E000
|
stack
|
page read and write
|
||
|
25563898000
|
heap
|
page read and write
|
||
|
2555F20C000
|
heap
|
page read and write
|
||
|
2555F1D0000
|
heap
|
page read and write
|
||
|
25563888000
|
heap
|
page read and write
|
||
|
D25FB7F000
|
stack
|
page read and write
|
||
|
BEB000
|
unkown
|
page readonly
|
||
|
2556389E000
|
heap
|
page read and write
|
||
|
2555F1F7000
|
heap
|
page read and write
|
||
|
2555F187000
|
heap
|
page read and write
|
||
|
25563FE4000
|
heap
|
page read and write
|
||
|
25563F14000
|
heap
|
page read and write
|
||
|
25563F04000
|
heap
|
page read and write
|
||
|
255630D0000
|
heap
|
page read and write
|
||
|
255638B0000
|
heap
|
page read and write
|
||
|
2555F20A000
|
heap
|
page read and write
|
||
|
25563FC1000
|
heap
|
page read and write
|
||
|
25563ED7000
|
heap
|
page read and write
|
||
|
25564199000
|
heap
|
page read and write
|
||
|
2555F24A000
|
heap
|
page read and write
|
||
|
2556387E000
|
heap
|
page read and write
|
||
|
25560D3B000
|
heap
|
page read and write
|
||
|
25563510000
|
trusted library allocation
|
page read and write
|
||
|
2555F3C0000
|
heap
|
page read and write
|
||
|
2555F1FF000
|
heap
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
255628D0000
|
trusted library allocation
|
page read and write
|
||
|
25563867000
|
heap
|
page read and write
|
||
|
D25F10A000
|
stack
|
page read and write
|
||
|
D25FD78000
|
stack
|
page read and write
|
||
|
255639F2000
|
heap
|
page read and write
|
||
|
10FD000
|
stack
|
page read and write
|
||
|
BEB000
|
unkown
|
page readonly
|
||
|
25563F0D000
|
heap
|
page read and write
|
||
|
25564282000
|
heap
|
page read and write
|
||
|
255638F9000
|
heap
|
page read and write
|
||
|
2555F1CA000
|
heap
|
page read and write
|
||
|
25563CF0000
|
heap
|
page read and write
|
||
|
25564086000
|
heap
|
page read and write
|
||
|
25563851000
|
heap
|
page read and write
|
||
|
25563948000
|
heap
|
page read and write
|
||
|
2556426A000
|
heap
|
page read and write
|
||
|
255641B9000
|
heap
|
page read and write
|
||
|
25563A04000
|
heap
|
page read and write
|
||
|
2556434D000
|
heap
|
page read and write
|
||
|
D25F97E000
|
stack
|
page read and write
|
||
|
255638D8000
|
heap
|
page read and write
|
||
|
2556384F000
|
heap
|
page read and write
|
||
|
D25F77D000
|
stack
|
page read and write
|
||
|
2555F1BD000
|
heap
|
page read and write
|
||
|
25563845000
|
heap
|
page read and write
|
||
|
2556401B000
|
heap
|
page read and write
|
||
|
255638F7000
|
heap
|
page read and write
|
||
|
2556395E000
|
heap
|
page read and write
|
||
|
D0D000
|
stack
|
page read and write
|
||
|
2556403E000
|
heap
|
page read and write
|
||
|
2555F3F3000
|
heap
|
page read and write
|
||
|
25563991000
|
heap
|
page read and write
|
||
|
25563851000
|
heap
|
page read and write
|
||
|
11A8000
|
heap
|
page read and write
|
||
|
2556404A000
|
heap
|
page read and write
|
||
|
25564017000
|
heap
|
page read and write
|
||
|
D25F5FB000
|
stack
|
page read and write
|
||
|
25563830000
|
heap
|
page read and write
|
||
|
2556395D000
|
heap
|
page read and write
|
||
|
2556385F000
|
heap
|
page read and write
|
||
|
2555F120000
|
heap
|
page read and write
|
||
|
255635B0000
|
trusted library section
|
page read and write
|
||
|
255641FB000
|
heap
|
page read and write
|
||
|
25563A02000
|
heap
|
page read and write
|
||
|
25564197000
|
heap
|
page read and write
|
||
|
2555F1D3000
|
heap
|
page read and write
|
There are 190 hidden memdumps, click here to show them.