Files

File Path | Type | Category | Malicious
---|---|---|---
rPurchaseOrder300610-PDF.exe | PE32 executable (GUI) Intel 80386, for MS Windows | initial sample |
C:\Users\user\AppData\Local\Temp\Maianthemum | data | dropped |
C:\Users\user\AppData\Local\Temp\autCE2F.tmp | data | dropped |
C:\Users\user\AppData\Local\Temp\autCE6E.tmp | data | dropped |
C:\Users\user\AppData\Local\Temp\turbinate | ASCII text, with very long lines (28740), with no line terminators | dropped |
Processes

Path | Cmdline | Malicious
---|---|---
C:\Users\user\Desktop\rPurchaseOrder300610-PDF.exe | "C:\Users\user\Desktop\rPurchaseOrder300610-PDF.exe" |
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe | "C:\Users\user\Desktop\rPurchaseOrder300610-PDF.exe" |
URLs

Name | IP | Malicious
---|---|---
https://sectigo.com/CPS0 | unknown |
https://account.dyn.com/ | unknown |
http://srv.masternic.net | unknown |
Domains

Name | IP | Malicious
---|---|---
srv.masternic.net | 174.141.234.138 |
IPs

IP | Domain | Country | Malicious
---|---|---|---
174.141.234.138 | srv.masternic.net | United States |
Memdumps

Base Address | Region type | Protect | Malicious
---|---|---|---
3630000 | direct allocation | page read and write |
319E000 | trusted library allocation | page read and write |
402000 | system | page execute and read and write |
31C9000 | trusted library allocation | page read and write |
3151000 | trusted library allocation | page read and write |
142E000 | heap | page read and write |
1548000 | heap | page read and write |
3DDD000 | direct allocation | page read and write |
55D0000 | trusted library allocation | page read and write |
FBE000 | stack | page read and write |
7E0000 | unknown | page readonly |
3E4E000 | direct allocation | page read and write |
3C33000 | direct allocation | page read and write |
9F0000 | heap | page read and write |
6D90000 | heap | page read and write |
1400000 | trusted library allocation | page read and write |
15E1000 | heap | page read and write |
14CD000 | heap | page read and write |
173B000 | trusted library allocation | page execute and read and write |
6620000 | trusted library allocation | page read and write |
1722000 | trusted library allocation | page read and write |
65DF000 | stack | page read and write |
641B000 | heap | page read and write |
31B9000 | trusted library allocation | page read and write |
2F78000 | trusted library allocation | page read and write |
1E2E000 | stack | page read and write |
518C000 | stack | page read and write |
1263000 | heap | page read and write |
2F4E000 | stack | page read and write |
5630000 | trusted library allocation | page read and write |
3CB0000 | direct allocation | page read and write |
6DA0000 | trusted library allocation | page execute and read and write |
3B10000 | direct allocation | page read and write |
653E000 | stack | page read and write |
1360000 | heap | page read and write |
1612000 | heap | page read and write |
62DE000 | stack | page read and write |
661D000 | stack | page read and write |
6D60000 | trusted library allocation | page read and write |
5C10000 | trusted library allocation | page read and write |
1481000 | heap | page read and write |
36D0000 | heap | page read and write |
89F000 | unknown | page write copy |
5670000 | heap | page read and write |
560D000 | trusted library allocation | page read and write |
14A1000 | heap | page read and write |
1730000 | trusted library allocation | page read and write |
1737000 | trusted library allocation | page execute and read and write |
1230000 | heap | page read and write |
1487000 | heap | page read and write |
3CB0000 | direct allocation | page read and write |
1726000 | trusted library allocation | page execute and read and write |
6404000 | heap | page read and write |
63F0000 | heap | page read and write |
1594000 | heap | page read and write |
1735000 | trusted library allocation | page execute and read and write |
1448000 | heap | page read and write |
1080000 | heap | page read and write |
3CB0000 | direct allocation | page read and write |
3E4E000 | direct allocation | page read and write |
FFC000 | stack | page read and write |
6C1F000 | stack | page read and write |
4151000 | trusted library allocation | page read and write |
14F4000 | heap | page read and write |
528D000 | stack | page read and write |
3620000 | direct allocation | page execute and read and write |
3040000 | heap | page execute and read and write |
55EB000 | trusted library allocation | page read and write |
2F60000 | heap | page read and write |
3B10000 | direct allocation | page read and write |
134F000 | heap | page read and write |
5606000 | trusted library allocation | page read and write |
3DDD000 | direct allocation | page read and write |
98A000 | stack | page read and write |
3600000 | heap | page read and write |
5B8E000 | stack | page read and write |
1225000 | heap | page read and write |
3CB0000 | direct allocation | page read and write |
57BC000 | stack | page read and write |
36D4000 | heap | page read and write |
55E0000 | trusted library allocation | page read and write |
6630000 | trusted library allocation | page read and write |
172A000 | trusted library allocation | page execute and read and write |
1578000 | heap | page read and write |
895000 | unknown | page readonly |
1318000 | heap | page read and write |
13A2000 | heap | page read and write |
314F000 | stack | page read and write |
3DDD000 | direct allocation | page read and write |
31C5000 | trusted library allocation | page read and write |
1740000 | heap | page read and write |
5B4F000 | stack | page read and write |
5C1C000 | trusted library allocation | page read and write |
FC8000 | stack | page read and write |
1240000 | heap | page read and write |
156E000 | heap | page read and write |
6B1E000 | stack | page read and write |
3DD9000 | direct allocation | page read and write |
1264000 | heap | page read and write |
140D000 | trusted library allocation | page execute and read and write |
1720000 | trusted library allocation | page read and write |
1330000 | heap | page read and write |
55FE000 | trusted library allocation | page read and write |
1238000 | heap | page read and write |
5BE0000 | trusted library allocation | page read and write |
3DD9000 | direct allocation | page read and write |
3B10000 | direct allocation | page read and write |
55F2000 | trusted library allocation | page read and write |
1622000 | heap | page read and write |
143A000 | heap | page read and write |
158E000 | heap | page read and write |
7E0000 | unknown | page readonly |
5A0E000 | stack | page read and write |
1710000 | trusted library allocation | page read and write |
3CB0000 | direct allocation | page read and write |
3C33000 | direct allocation | page read and write |
319C000 | trusted library allocation | page read and write |
5612000 | trusted library allocation | page read and write |
1A2E000 | stack | page read and write |
3E4E000 | direct allocation | page read and write |
1584000 | heap | page read and write |
3DD9000 | direct allocation | page read and write |
3C33000 | direct allocation | page read and write |
55E6000 | trusted library allocation | page read and write |
86F000 | unknown | page readonly |
3DDD000 | direct allocation | page read and write |
3C33000 | direct allocation | page read and write |
86F000 | unknown | page readonly |
1445000 | heap | page read and write |
1190000 | heap | page read and write |
1418000 | heap | page read and write |
3B10000 | direct allocation | page read and write |
10A0000 | heap | page read and write |
41BB000 | trusted library allocation | page read and write |
3DD9000 | direct allocation | page read and write |
3E4E000 | direct allocation | page read and write |
15E2000 | heap | page read and write |
3E4E000 | direct allocation | page read and write |
5673000 | heap | page read and write |
2F50000 | trusted library allocation | page execute and read and write |
13F0000 | trusted library allocation | page read and write |
1594000 | heap | page read and write |
1536000 | heap | page read and write |
103E000 | stack | page read and write |
6540000 | trusted library allocation | page execute and read and write |
55FA000 | trusted library allocation | page read and write |
171D000 | trusted library allocation | page execute and read and write |
15A3000 | heap | page read and write |
8A3000 | unknown | page write copy |
1602000 | heap | page read and write |
1317000 | heap | page read and write |
3E4E000 | direct allocation | page read and write |
5680000 | heap | page read and write |
63E0000 | heap | page read and write |
13D0000 | heap | page read and write |
3020000 | heap | page read and write |
FDB000 | stack | page read and write |
31B7000 | trusted library allocation | page read and write |
3CB0000 | direct allocation | page read and write |
3B10000 | direct allocation | page read and write |
107E000 | stack | page read and write |
15E3000 | heap | page read and write |
1410000 | heap | page read and write |
FCE000 | stack | page read and write |
4179000 | trusted library allocation | page read and write |
1404000 | trusted library allocation | page read and write |
64E6000 | trusted library allocation | page read and write |
5C20000 | trusted library allocation | page read and write |
14EA000 | heap | page read and write |
15E3000 | heap | page read and write |
400000 | system | page execute and read and write |
149F000 | heap | page read and write |
67DD000 | stack | page read and write |
64E0000 | trusted library allocation | page read and write |
895000 | unknown | page readonly |
145D000 | heap | page read and write |
3DD9000 | direct allocation | page read and write |
3010000 | trusted library allocation | page read and write |
8A8000 | unknown | page readonly |
6F80000 | heap | page read and write |
7E1000 | unknown | page execute read |
5601000 | trusted library allocation | page read and write |
5A4E000 | stack | page read and write |
5660000 | heap | page execute and read and write |
3DDD000 | direct allocation | page read and write |
1403000 | trusted library allocation | page execute and read and write |
3DDD000 | direct allocation | page read and write |
15E1000 | heap | page read and write |
3C33000 | direct allocation | page read and write |
15A3000 | heap | page read and write |
3C33000 | direct allocation | page read and write |
64F0000 | trusted library allocation | page execute and read and write |
55E4000 | trusted library allocation | page read and write |
2F00000 | trusted library allocation | page read and write |
7F900000 | trusted library allocation | page execute and read and write |
5620000 | trusted library allocation | page read and write |
63E6000 | heap | page read and write |
89F000 | unknown | page read and write |
ECA000 | stack | page read and write |
1622000 | heap | page read and write |
6627000 | trusted library allocation | page read and write |
3B10000 | direct allocation | page read and write |
590E000 | stack | page read and write |
15E2000 | heap | page read and write |
1220000 | heap | page read and write |
1732000 | trusted library allocation | page read and write |
55EE000 | trusted library allocation | page read and write |
8A8000 | unknown | page readonly |
5BE8000 | trusted library allocation | page read and write |
31D1000 | trusted library allocation | page read and write |
7E1000 | unknown | page execute read |
3DD9000 | direct allocation | page read and write |
58BC000 | stack | page read and write |