Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
SecuriteInfo.com.Win32.Malware-gen.15404.5900.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_rp12w0ia.lfd.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_vj2n3ywu.bsj.ps1
|
ASCII text, with no line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\SecuriteInfo.com.Win32.Malware-gen.15404.5900.exe
|
"C:\Users\user\Desktop\SecuriteInfo.com.Win32.Malware-gen.15404.5900.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://www.fontbureau.com
|
unknown
|
||
|
http://www.fontbureau.com/designersG
|
unknown
|
||
|
http://www.fontbureau.com/designers/?
|
unknown
|
||
|
http://www.founder.com.cn/cn/bThe
|
unknown
|
||
|
http://www.fontbureau.com/designers?
|
unknown
|
||
|
http://www.tiro.com
|
unknown
|
||
|
http://www.fontbureau.com/designers
|
unknown
|
||
|
http://www.goodfont.co.kr
|
unknown
|
||
|
https://jeanoliveiragomes.github.io
|
unknown
|
||
|
http://www.carterandcone.coml
|
unknown
|
||
|
http://www.sajatypeworks.com
|
unknown
|
||
|
http://www.typography.netD
|
unknown
|
||
|
http://www.fontbureau.com/designers/cabarga.htmlN
|
unknown
|
||
|
http://www.founder.com.cn/cn/cThe
|
unknown
|
||
|
http://www.galapagosdesign.com/staff/dennis.htm
|
unknown
|
||
|
http://www.founder.com.cn/cn
|
unknown
|
||
|
http://www.fontbureau.com/designers/frere-user.html
|
unknown
|
||
|
http://www.jiyu-kobo.co.jp/
|
unknown
|
||
|
http://www.galapagosdesign.com/DPlease
|
unknown
|
||
|
http://www.fontbureau.com/designers8
|
unknown
|
||
|
http://www.fonts.com
|
unknown
|
||
|
http://www.sandoll.co.kr
|
unknown
|
||
|
http://www.urwpp.deDPlease
|
unknown
|
||
|
http://www.zhongyicts.com.cn
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://www.sakkal.com
|
unknown
|
There are 17 hidden URLs, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7FFD9BAC0000
|
trusted library allocation
|
page read and write
|
||
|
1B6CD000
|
heap
|
page read and write
|
||
|
7FFD9B793000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B8B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B977000
|
trusted library allocation
|
page read and write
|
||
|
1CED4000
|
heap
|
page read and write
|
||
|
2C8D000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B949000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B792000
|
trusted library allocation
|
page read and write
|
||
|
1B676000
|
heap
|
page read and write
|
||
|
7FFD9B942000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7B4000
|
trusted library allocation
|
page read and write
|
||
|
C18000
|
heap
|
page read and write
|
||
|
1B433000
|
heap
|
page read and write
|
||
|
1E2E0000
|
heap
|
page read and write
|
||
|
1AA80000
|
trusted library allocation
|
page read and write
|
||
|
3254000
|
trusted library allocation
|
page read and write
|
||
|
B50000
|
heap
|
page read and write
|
||
|
7FFD9BA59000
|
trusted library allocation
|
page read and write
|
||
|
1B6A8000
|
heap
|
page read and write
|
||
|
1B93E000
|
stack
|
page read and write
|
||
|
BDE000
|
heap
|
page read and write
|
||
|
7FFD9BAA0000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
unkown
|
page readonly
|
||
|
7FFD9B9B0000
|
trusted library allocation
|
page read and write
|
||
|
1B560000
|
heap
|
page read and write
|
||
|
7FFD9BAF0000
|
trusted library allocation
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
7FFD9B990000
|
trusted library allocation
|
page read and write
|
||
|
2AC6000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7A0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB00000
|
trusted library allocation
|
page read and write
|
||
|
610000
|
unkown
|
page readonly
|
||
|
7FFD9B9F0000
|
trusted library allocation
|
page read and write
|
||
|
B40000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB10000
|
trusted library allocation
|
page execute and read and write
|
||
|
3240000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B950000
|
trusted library allocation
|
page read and write
|
||
|
1CED0000
|
heap
|
page read and write
|
||
|
7FFD9B9D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA10000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA20000
|
trusted library allocation
|
page read and write
|
||
|
1ADD0000
|
heap
|
page read and write
|
||
|
1B572000
|
heap
|
page read and write
|
||
|
2910000
|
heap
|
page read and write
|
||
|
319A000
|
trusted library allocation
|
page read and write
|
||
|
12A66000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA70000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B876000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9BA00000
|
trusted library allocation
|
page read and write
|
||
|
B60000
|
trusted library allocation
|
page read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
7FFD9BA80000
|
trusted library allocation
|
page read and write
|
||
|
BCA000
|
heap
|
page read and write
|
||
|
7FF446040000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B7BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B7B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B850000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B7A8000
|
trusted library allocation
|
page read and write
|
||
|
763000
|
stack
|
page read and write
|
||
|
7FFD9B7AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
3177000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B790000
|
trusted library allocation
|
page read and write
|
||
|
E15000
|
heap
|
page read and write
|
||
|
BAC000
|
heap
|
page read and write
|
||
|
3212000
|
trusted library allocation
|
page read and write
|
||
|
BE3000
|
heap
|
page read and write
|
||
|
7FFD9B84C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B66A000
|
heap
|
page read and write
|
||
|
7FFD9BAD0000
|
trusted library allocation
|
page read and write
|
||
|
B63000
|
trusted library allocation
|
page read and write
|
||
|
1B5B5000
|
heap
|
page read and write
|
||
|
7FFD9BAB0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA30000
|
trusted library allocation
|
page read and write
|
||
|
2940000
|
heap
|
page execute and read and write
|
||
|
1AFDD000
|
stack
|
page read and write
|
||
|
7FFD9B960000
|
trusted library allocation
|
page execute and read and write
|
||
|
3242000
|
trusted library allocation
|
page read and write
|
||
|
325B000
|
trusted library allocation
|
page read and write
|
||
|
12A69000
|
trusted library allocation
|
page read and write
|
||
|
1B6EF000
|
heap
|
page read and write
|
||
|
1B593000
|
heap
|
page read and write
|
||
|
AD0000
|
heap
|
page read and write
|
||
|
7FFD9BA40000
|
trusted library allocation
|
page read and write
|
||
|
E10000
|
heap
|
page read and write
|
||
|
1B68C000
|
heap
|
page read and write
|
||
|
1BA3F000
|
stack
|
page read and write
|
||
|
2900000
|
heap
|
page execute and read and write
|
||
|
7FFD9BA90000
|
trusted library allocation
|
page read and write
|
||
|
325D000
|
trusted library allocation
|
page read and write
|
||
|
B20000
|
trusted library allocation
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
612000
|
unkown
|
page readonly
|
||
|
2903000
|
heap
|
page execute and read and write
|
||
|
1B6CF000
|
heap
|
page read and write
|
||
|
2A4E000
|
stack
|
page read and write
|
||
|
7FFD9BAE0000
|
trusted library allocation
|
page read and write
|
||
|
61C000
|
unkown
|
page readonly
|
||
|
1DEE0000
|
trusted library allocation
|
page read and write
|
||
|
1DF02000
|
trusted library allocation
|
page read and write
|
||
|
12A51000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B794000
|
trusted library allocation
|
page read and write
|
||
|
1CDDD000
|
stack
|
page read and write
|
||
|
10B5000
|
heap
|
page read and write
|
||
|
7FFD9BA50000
|
trusted library allocation
|
page read and write
|
||
|
D9E000
|
stack
|
page read and write
|
||
|
7FFD9B7A2000
|
trusted library allocation
|
page read and write
|
||
|
10B0000
|
heap
|
page read and write
|
||
|
7FFD9B79D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B640000
|
heap
|
page read and write
|
||
|
7FFD9B980000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B9A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B9E0000
|
trusted library allocation
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
1060000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B846000
|
trusted library allocation
|
page read and write
|
||
|
28B0000
|
heap
|
page execute and read and write
|
||
|
1B6F1000
|
heap
|
page read and write
|
||
|
7FFD9B840000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B938000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B940000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7EC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B41E000
|
stack
|
page read and write
|
||
|
7FFD9BA60000
|
trusted library allocation
|
page read and write
|
||
|
1C5C3000
|
stack
|
page read and write
|
||
|
BE1000
|
heap
|
page read and write
|
||
|
BC3000
|
heap
|
page read and write
|
||
|
1BB3E000
|
stack
|
page read and write
|
||
|
2A51000
|
trusted library allocation
|
page read and write
|
||
|
1BC3B000
|
stack
|
page read and write
|
||
|
7FFD9B946000
|
trusted library allocation
|
page read and write
|
||
|
1B430000
|
heap
|
page read and write
|
||
|
12AD0000
|
trusted library allocation
|
page read and write
|
||
|
C0E000
|
heap
|
page read and write
|
||
|
7FFD9B9C0000
|
trusted library allocation
|
page read and write
|
||
|
1CC00000
|
heap
|
page read and write
|
||
|
7FFD9B970000
|
trusted library allocation
|
page read and write
|
||
|
2930000
|
trusted library section
|
page readonly
|
||
|
1CCD0000
|
heap
|
page read and write
|
There are 130 hidden memdumps, click here to show them.