Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
8b1ddf6861f6e9fdd05b7e279bf0e218c41946b5162dc12d7da5cb628c98db27_dump.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Roaming\GUIVTme\GUIVTme.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\GUIVTme\GUIVTme.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
modified
|
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\8b1ddf6861f6e9fdd05b7e279bf0e218c41946b5162dc12d7da5cb628c98db27_dump.exe
|
"C:\Users\user\Desktop\8b1ddf6861f6e9fdd05b7e279bf0e218c41946b5162dc12d7da5cb628c98db27_dump.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\GUIVTme\GUIVTme.exe
|
"C:\Users\user\AppData\Roaming\GUIVTme\GUIVTme.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\GUIVTme\GUIVTme.exe
|
"C:\Users\user\AppData\Roaming\GUIVTme\GUIVTme.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://mail.unitechautomations.com
|
unknown
|
||
|
https://account.dyn.com/
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
mail.unitechautomations.com
|
192.185.129.60
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.185.129.60
|
mail.unitechautomations.com
|
United States
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
GUIVTme
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2EBA000
|
trusted library allocation
|
page read and write
|
|
|
|
2EB2000
|
trusted library allocation
|
page read and write
|
|
|
|
2E61000
|
trusted library allocation
|
page read and write
|
|
|
|
3212000
|
trusted library allocation
|
page read and write
|
|
|
|
31C1000
|
trusted library allocation
|
page read and write
|
|
|
|
EA2000
|
unkown
|
page readonly
|
|
|
|
28AA000
|
trusted library allocation
|
page read and write
|
|
|
|
28A2000
|
trusted library allocation
|
page read and write
|
|
|
|
321A000
|
trusted library allocation
|
page read and write
|
|
|
|
285C000
|
trusted library allocation
|
page read and write
|
|
|
|
5CE0000
|
trusted library allocation
|
page read and write
|
||
|
1035000
|
heap
|
page read and write
|
||
|
3196000
|
trusted library allocation
|
page read and write
|
||
|
5478000
|
trusted library allocation
|
page read and write
|
||
|
116A000
|
trusted library allocation
|
page execute and read and write
|
||
|
26CE000
|
stack
|
page read and write
|
||
|
17B3000
|
trusted library allocation
|
page execute and read and write
|
||
|
D60000
|
trusted library allocation
|
page read and write
|
||
|
53DE000
|
stack
|
page read and write
|
||
|
53DE000
|
trusted library allocation
|
page read and write
|
||
|
A73000
|
trusted library allocation
|
page execute and read and write
|
||
|
56AB000
|
trusted library allocation
|
page read and write
|
||
|
EE0000
|
heap
|
page read and write
|
||
|
53ED000
|
trusted library allocation
|
page read and write
|
||
|
1400000
|
heap
|
page read and write
|
||
|
17B4000
|
trusted library allocation
|
page read and write
|
||
|
56BE000
|
trusted library allocation
|
page read and write
|
||
|
3180000
|
trusted library allocation
|
page read and write
|
||
|
60C0000
|
heap
|
page read and write
|
||
|
3ECA000
|
trusted library allocation
|
page read and write
|
||
|
3879000
|
trusted library allocation
|
page read and write
|
||
|
17E5000
|
trusted library allocation
|
page execute and read and write
|
||
|
13AD000
|
heap
|
page read and write
|
||
|
1436000
|
heap
|
page read and write
|
||
|
5C66000
|
trusted library allocation
|
page read and write
|
||
|
69DE000
|
stack
|
page read and write
|
||
|
2851000
|
trusted library allocation
|
page read and write
|
||
|
5DD0000
|
trusted library allocation
|
page read and write
|
||
|
F7A000
|
stack
|
page read and write
|
||
|
D7B000
|
trusted library allocation
|
page execute and read and write
|
||
|
595C000
|
stack
|
page read and write
|
||
|
6112000
|
heap
|
page read and write
|
||
|
5AFE000
|
stack
|
page read and write
|
||
|
6D10000
|
trusted library allocation
|
page execute and read and write
|
||
|
53CB000
|
trusted library allocation
|
page read and write
|
||
|
64C0000
|
heap
|
page read and write
|
||
|
56BE000
|
stack
|
page read and write
|
||
|
4D76000
|
trusted library allocation
|
page read and write
|
||
|
B0A000
|
heap
|
page read and write
|
||
|
567B000
|
stack
|
page read and write
|
||
|
2D30000
|
trusted library allocation
|
page read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
1370000
|
heap
|
page read and write
|
||
|
3194000
|
trusted library allocation
|
page read and write
|
||
|
651E000
|
heap
|
page read and write
|
||
|
5468000
|
trusted library allocation
|
page read and write
|
||
|
17D0000
|
trusted library allocation
|
page read and write
|
||
|
52DE000
|
stack
|
page read and write
|
||
|
4D36000
|
trusted library allocation
|
page read and write
|
||
|
5DE0000
|
trusted library allocation
|
page read and write
|
||
|
1287000
|
heap
|
page read and write
|
||
|
60C8000
|
heap
|
page read and write
|
||
|
117B000
|
trusted library allocation
|
page execute and read and write
|
||
|
59E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
49EE000
|
stack
|
page read and write
|
||
|
5F7E000
|
stack
|
page read and write
|
||
|
1800000
|
trusted library allocation
|
page read and write
|
||
|
505E000
|
stack
|
page read and write
|
||
|
17D6000
|
trusted library allocation
|
page execute and read and write
|
||
|
5BFE000
|
stack
|
page read and write
|
||
|
41E9000
|
trusted library allocation
|
page read and write
|
||
|
56A4000
|
trusted library allocation
|
page read and write
|
||
|
28A0000
|
trusted library allocation
|
page read and write
|
||
|
1650000
|
trusted library allocation
|
page read and write
|
||
|
B02000
|
heap
|
page read and write
|
||
|
2EC6000
|
trusted library allocation
|
page read and write
|
||
|
621E000
|
stack
|
page read and write
|
||
|
17DA000
|
trusted library allocation
|
page execute and read and write
|
||
|
D62000
|
trusted library allocation
|
page read and write
|
||
|
6300000
|
trusted library allocation
|
page read and write
|
||
|
5DC0000
|
trusted library allocation
|
page read and write
|
||
|
67FF000
|
stack
|
page read and write
|
||
|
1150000
|
trusted library allocation
|
page read and write
|
||
|
5C80000
|
trusted library allocation
|
page execute and read and write
|
||
|
56BA000
|
trusted library allocation
|
page read and write
|
||
|
2C98000
|
trusted library allocation
|
page read and write
|
||
|
EA0000
|
unkown
|
page readonly
|
||
|
4D70000
|
trusted library allocation
|
page read and write
|
||
|
1160000
|
trusted library allocation
|
page read and write
|
||
|
2710000
|
trusted library allocation
|
page read and write
|
||
|
114D000
|
trusted library allocation
|
page execute and read and write
|
||
|
A7D000
|
trusted library allocation
|
page execute and read and write
|
||
|
E5A000
|
stack
|
page read and write
|
||
|
119E000
|
heap
|
page read and write
|
||
|
5CDD000
|
stack
|
page read and write
|
||
|
593E000
|
stack
|
page read and write
|
||
|
5C5C000
|
trusted library allocation
|
page read and write
|
||
|
62FE000
|
stack
|
page read and write
|
||
|
6102000
|
heap
|
page read and write
|
||
|
41C9000
|
trusted library allocation
|
page read and write
|
||
|
68A0000
|
heap
|
page read and write
|
||
|
5D7E000
|
stack
|
page read and write
|
||
|
1172000
|
trusted library allocation
|
page read and write
|
||
|
4D4E000
|
trusted library allocation
|
page read and write
|
||
|
3E61000
|
trusted library allocation
|
page read and write
|
||
|
D75000
|
trusted library allocation
|
page execute and read and write
|
||
|
4EC3000
|
heap
|
page read and write
|
||
|
64BE000
|
stack
|
page read and write
|
||
|
154E000
|
stack
|
page read and write
|
||
|
7EE60000
|
trusted library allocation
|
page execute and read and write
|
||
|
17D2000
|
trusted library allocation
|
page read and write
|
||
|
4D30000
|
trusted library allocation
|
page read and write
|
||
|
1328000
|
heap
|
page read and write
|
||
|
59B6000
|
trusted library allocation
|
page read and write
|
||
|
31A0000
|
heap
|
page execute and read and write
|
||
|
1213000
|
heap
|
page read and write
|
||
|
17C0000
|
trusted library allocation
|
page read and write
|
||
|
D66000
|
trusted library allocation
|
page execute and read and write
|
||
|
68DE000
|
unkown
|
page read and write
|
||
|
11D2000
|
heap
|
page read and write
|
||
|
1300000
|
heap
|
page read and write
|
||
|
B17000
|
heap
|
page read and write
|
||
|
1660000
|
trusted library allocation
|
page read and write
|
||
|
5DC7000
|
trusted library allocation
|
page read and write
|
||
|
D72000
|
trusted library allocation
|
page read and write
|
||
|
4D5D000
|
trusted library allocation
|
page read and write
|
||
|
66DE000
|
stack
|
page read and write
|
||
|
6600000
|
trusted library allocation
|
page read and write
|
||
|
A80000
|
trusted library allocation
|
page read and write
|
||
|
3851000
|
trusted library allocation
|
page read and write
|
||
|
1030000
|
heap
|
page read and write
|
||
|
2BB0000
|
trusted library allocation
|
page read and write
|
||
|
1264000
|
heap
|
page read and write
|
||
|
3210000
|
trusted library allocation
|
page read and write
|
||
|
17E7000
|
trusted library allocation
|
page execute and read and write
|
||
|
66F0000
|
trusted library allocation
|
page read and write
|
||
|
53C4000
|
trusted library allocation
|
page read and write
|
||
|
41C1000
|
trusted library allocation
|
page read and write
|
||
|
5D3E000
|
stack
|
page read and write
|
||
|
18C0000
|
heap
|
page read and write
|
||
|
7FCB0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5DD4000
|
trusted library allocation
|
page read and write
|
||
|
63A0000
|
heap
|
page read and write
|
||
|
56CD000
|
trusted library allocation
|
page read and write
|
||
|
53C6000
|
trusted library allocation
|
page read and write
|
||
|
1360000
|
trusted library allocation
|
page read and write
|
||
|
4F5E000
|
stack
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
1175000
|
trusted library allocation
|
page execute and read and write
|
||
|
1130000
|
trusted library allocation
|
page read and write
|
||
|
B62000
|
heap
|
page read and write
|
||
|
2730000
|
trusted library allocation
|
page read and write
|
||
|
6642000
|
heap
|
page read and write
|
||
|
6D00000
|
heap
|
page read and write
|
||
|
653C000
|
heap
|
page read and write
|
||
|
939000
|
stack
|
page read and write
|
||
|
316E000
|
stack
|
page read and write
|
||
|
DA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
A8D000
|
trusted library allocation
|
page execute and read and write
|
||
|
59C0000
|
trusted library allocation
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
D77000
|
trusted library allocation
|
page execute and read and write
|
||
|
D6A000
|
trusted library allocation
|
page execute and read and write
|
||
|
1343000
|
heap
|
page read and write
|
||
|
6600000
|
heap
|
page read and write
|
||
|
9CE000
|
stack
|
page read and write
|
||
|
AC8000
|
heap
|
page read and write
|
||
|
125A000
|
heap
|
page read and write
|
||
|
1235000
|
heap
|
page read and write
|
||
|
5DD0000
|
trusted library allocation
|
page read and write
|
||
|
4D74000
|
trusted library allocation
|
page read and write
|
||
|
56A0000
|
trusted library allocation
|
page read and write
|
||
|
164E000
|
stack
|
page read and write
|
||
|
5460000
|
trusted library allocation
|
page read and write
|
||
|
5D90000
|
trusted library allocation
|
page read and write
|
||
|
4D90000
|
trusted library allocation
|
page read and write
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
53E6000
|
trusted library allocation
|
page read and write
|
||
|
1198000
|
heap
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
6AB0000
|
heap
|
page read and write
|
||
|
66B0000
|
heap
|
page read and write
|
||
|
5E00000
|
trusted library allocation
|
page execute and read and write
|
||
|
131C000
|
stack
|
page read and write
|
||
|
63B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5470000
|
trusted library allocation
|
page read and write
|
||
|
4858000
|
trusted library allocation
|
page read and write
|
||
|
13C3000
|
heap
|
page read and write
|
||
|
3E69000
|
trusted library allocation
|
page read and write
|
||
|
4D42000
|
trusted library allocation
|
page read and write
|
||
|
130B000
|
heap
|
page read and write
|
||
|
56C1000
|
trusted library allocation
|
page read and write
|
||
|
5D98000
|
trusted library allocation
|
page read and write
|
||
|
5480000
|
heap
|
page read and write
|
||
|
669E000
|
stack
|
page read and write
|
||
|
5C70000
|
trusted library allocation
|
page read and write
|
||
|
535E000
|
stack
|
page read and write
|
||
|
A05000
|
heap
|
page read and write
|
||
|
5DEC000
|
trusted library allocation
|
page read and write
|
||
|
1140000
|
trusted library allocation
|
page read and write
|
||
|
5ABE000
|
stack
|
page read and write
|
||
|
3170000
|
trusted library allocation
|
page read and write
|
||
|
56AE000
|
trusted library allocation
|
page read and write
|
||
|
5A2D000
|
stack
|
page read and write
|
||
|
5C90000
|
trusted library allocation
|
page execute and read and write
|
||
|
529E000
|
stack
|
page read and write
|
||
|
5C3E000
|
stack
|
page read and write
|
||
|
57FD000
|
stack
|
page read and write
|
||
|
11C6000
|
heap
|
page read and write
|
||
|
4D80000
|
heap
|
page execute and read and write
|
||
|
ABB000
|
heap
|
page read and write
|
||
|
A90000
|
heap
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
5C54000
|
trusted library allocation
|
page read and write
|
||
|
500B000
|
stack
|
page read and write
|
||
|
6310000
|
trusted library allocation
|
page read and write
|
||
|
661C000
|
heap
|
page read and write
|
||
|
56C6000
|
trusted library allocation
|
page read and write
|
||
|
1430000
|
heap
|
page read and write
|
||
|
164E000
|
stack
|
page read and write
|
||
|
A70000
|
trusted library allocation
|
page read and write
|
||
|
B1B000
|
heap
|
page read and write
|
||
|
56E0000
|
trusted library allocation
|
page read and write
|
||
|
11D0000
|
heap
|
page read and write
|
||
|
5C60000
|
trusted library allocation
|
page read and write
|
||
|
270C000
|
stack
|
page read and write
|
||
|
59AC000
|
trusted library allocation
|
page read and write
|
||
|
184E000
|
stack
|
page read and write
|
||
|
1670000
|
heap
|
page read and write
|
||
|
4EC0000
|
heap
|
page read and write
|
||
|
A98000
|
heap
|
page read and write
|
||
|
62BE000
|
stack
|
page read and write
|
||
|
4229000
|
trusted library allocation
|
page read and write
|
||
|
6FD0000
|
heap
|
page read and write
|
||
|
17EB000
|
trusted library allocation
|
page execute and read and write
|
||
|
1143000
|
trusted library allocation
|
page execute and read and write
|
||
|
5850000
|
heap
|
page execute and read and write
|
||
|
2720000
|
heap
|
page execute and read and write
|
||
|
5DF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
56B2000
|
trusted library allocation
|
page read and write
|
||
|
51C8000
|
trusted library allocation
|
page read and write
|
||
|
5DBE000
|
stack
|
page read and write
|
||
|
56F3000
|
heap
|
page read and write
|
||
|
28B7000
|
trusted library allocation
|
page read and write
|
||
|
EDE000
|
unkown
|
page readonly
|
||
|
58FE000
|
stack
|
page read and write
|
||
|
2E5E000
|
stack
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
17CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
5710000
|
heap
|
page read and write
|
||
|
147E000
|
stack
|
page read and write
|
||
|
ACA000
|
heap
|
page read and write
|
||
|
610E000
|
heap
|
page read and write
|
||
|
53F2000
|
trusted library allocation
|
page read and write
|
||
|
AAF000
|
heap
|
page read and write
|
||
|
284E000
|
stack
|
page read and write
|
||
|
584C000
|
stack
|
page read and write
|
||
|
4D3B000
|
trusted library allocation
|
page read and write
|
||
|
17E0000
|
trusted library allocation
|
page read and write
|
||
|
515E000
|
stack
|
page read and write
|
||
|
1177000
|
trusted library allocation
|
page execute and read and write
|
||
|
3E89000
|
trusted library allocation
|
page read and write
|
||
|
5DC0000
|
trusted library allocation
|
page read and write
|
||
|
2D50000
|
heap
|
page execute and read and write
|
||
|
59B0000
|
trusted library allocation
|
page read and write
|
||
|
2EB0000
|
trusted library allocation
|
page read and write
|
||
|
56A6000
|
trusted library allocation
|
page read and write
|
||
|
1162000
|
trusted library allocation
|
page read and write
|
||
|
59A0000
|
trusted library allocation
|
page read and write
|
||
|
68B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
6107000
|
heap
|
page read and write
|
||
|
A60000
|
trusted library allocation
|
page read and write
|
||
|
D90000
|
trusted library allocation
|
page read and write
|
||
|
3859000
|
trusted library allocation
|
page read and write
|
||
|
38BA000
|
trusted library allocation
|
page read and write
|
||
|
1190000
|
heap
|
page read and write
|
||
|
6607000
|
trusted library allocation
|
page read and write
|
||
|
1320000
|
heap
|
page read and write
|
||
|
53B3000
|
heap
|
page read and write
|
||
|
4D34000
|
trusted library allocation
|
page read and write
|
||
|
53E1000
|
trusted library allocation
|
page read and write
|
||
|
3227000
|
trusted library allocation
|
page read and write
|
||
|
17A0000
|
trusted library allocation
|
page read and write
|
||
|
2740000
|
heap
|
page read and write
|
||
|
12F8000
|
stack
|
page read and write
|
||
|
60DE000
|
stack
|
page read and write
|
||
|
5CE7000
|
trusted library allocation
|
page read and write
|
||
|
1166000
|
trusted library allocation
|
page execute and read and write
|
||
|
597E000
|
stack
|
page read and write
|
||
|
1340000
|
heap
|
page read and write
|
||
|
1350000
|
trusted library allocation
|
page execute and read and write
|
||
|
4D51000
|
trusted library allocation
|
page read and write
|
||
|
A00000
|
heap
|
page read and write
|
||
|
839000
|
stack
|
page read and write
|
||
|
17B0000
|
trusted library allocation
|
page read and write
|
||
|
53B0000
|
heap
|
page read and write
|
||
|
B8E000
|
heap
|
page read and write
|
||
|
519E000
|
stack
|
page read and write
|
||
|
101E000
|
stack
|
page read and write
|
||
|
130E000
|
heap
|
page read and write
|
||
|
4D4A000
|
trusted library allocation
|
page read and write
|
||
|
1290000
|
trusted library allocation
|
page read and write
|
||
|
5C50000
|
trusted library allocation
|
page read and write
|
||
|
5470000
|
heap
|
page execute and read and write
|
||
|
56D2000
|
trusted library allocation
|
page read and write
|
||
|
4D62000
|
trusted library allocation
|
page read and write
|
||
|
59D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
4D56000
|
trusted library allocation
|
page read and write
|
||
|
188C000
|
stack
|
page read and write
|
||
|
128A000
|
heap
|
page read and write
|
||
|
61DB000
|
stack
|
page read and write
|
||
|
1144000
|
trusted library allocation
|
page read and write
|
||
|
59BE000
|
stack
|
page read and write
|
||
|
53CE000
|
trusted library allocation
|
page read and write
|
||
|
53D2000
|
trusted library allocation
|
page read and write
|
||
|
664E000
|
heap
|
page read and write
|
||
|
1170000
|
trusted library allocation
|
page read and write
|
||
|
17BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
3190000
|
trusted library allocation
|
page read and write
|
||
|
64E0000
|
heap
|
page read and write
|
||
|
1890000
|
heap
|
page read and write
|
||
|
53C0000
|
trusted library allocation
|
page read and write
|
||
|
1336000
|
heap
|
page read and write
|
||
|
56F0000
|
heap
|
page read and write
|
||
|
4DB0000
|
heap
|
page read and write
|
||
|
6220000
|
trusted library allocation
|
page read and write
|
||
|
6227000
|
trusted library allocation
|
page read and write
|
||
|
12DE000
|
stack
|
page read and write
|
||
|
31B0000
|
heap
|
page read and write
|
||
|
57BE000
|
stack
|
page read and write
|
||
|
5C74000
|
trusted library allocation
|
page read and write
|
||
|
4F0C000
|
stack
|
page read and write
|
||
|
17E2000
|
trusted library allocation
|
page read and write
|
||
|
18B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
115D000
|
trusted library allocation
|
page execute and read and write
|
||
|
4D3E000
|
trusted library allocation
|
page read and write
|
||
|
1340000
|
heap
|
page read and write
|
||
|
539E000
|
stack
|
page read and write
|
||
|
66E0000
|
trusted library allocation
|
page read and write
|
||
|
543C000
|
stack
|
page read and write
|
||
|
A74000
|
trusted library allocation
|
page read and write
|
||
|
D5F000
|
stack
|
page read and write
|
||
|
F58000
|
stack
|
page read and write
|
There are 334 hidden memdumps, click here to show them.