Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
file.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\file.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\MSBuild.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\file.exe
|
"C:\Users\user\Desktop\file.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://crl.sectigo.com/SectigoRSATimeStampingCA.crl0t
|
unknown
|
||
|
http://www.opengis.net/gml
|
unknown
|
||
|
https://api.ip.sb/ip
|
unknown
|
||
|
https://api.ip.s
|
unknown
|
||
|
https://sectigo.com/CPS0
|
unknown
|
||
|
http://www.georss.org/georss
|
unknown
|
||
|
http://ocsp.sectigo.com0
|
unknown
|
||
|
http://www.iana.org/assignments/relation/
|
unknown
|
||
|
http://crt.sectigo.com/SectigoRSATimeStampingCA.crt0#
|
unknown
|
||
|
https://discord.com/api/v9/users/
|
unknown
|
||
|
http://ConstBaseUri/ConstService.svc/
|
unknown
|
There are 1 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
bg.microsoft.map.fastly.net
|
199.232.214.172
|
||
|
fp2e7a.wpc.phicdn.net
|
192.229.221.95
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
22000
|
unkown
|
page readonly
|
|
|
|
3BE9000
|
trusted library allocation
|
page read and write
|
|
|
|
37AF000
|
trusted library allocation
|
page read and write
|
|
|
|
3D22000
|
trusted library allocation
|
page read and write
|
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
3D8A000
|
trusted library allocation
|
page read and write
|
|
|
|
3120000
|
heap
|
page read and write
|
||
|
123A000
|
stack
|
page read and write
|
||
|
27DD000
|
trusted library allocation
|
page read and write
|
||
|
572E000
|
trusted library allocation
|
page read and write
|
||
|
5770000
|
trusted library allocation
|
page read and write
|
||
|
7E94000
|
heap
|
page read and write
|
||
|
970000
|
trusted library allocation
|
page read and write
|
||
|
2791000
|
trusted library allocation
|
page read and write
|
||
|
27C1000
|
trusted library allocation
|
page read and write
|
||
|
57B0000
|
trusted library allocation
|
page read and write
|
||
|
27A8000
|
trusted library allocation
|
page read and write
|
||
|
3050000
|
heap
|
page execute and read and write
|
||
|
4BE0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3469000
|
trusted library allocation
|
page read and write
|
||
|
33BA000
|
trusted library allocation
|
page read and write
|
||
|
27D0000
|
trusted library allocation
|
page read and write
|
||
|
D50000
|
trusted library allocation
|
page execute and read and write
|
||
|
5A15000
|
heap
|
page read and write
|
||
|
1337000
|
stack
|
page read and write
|
||
|
7EC1000
|
heap
|
page read and write
|
||
|
2810000
|
trusted library allocation
|
page read and write
|
||
|
5AA0000
|
trusted library allocation
|
page read and write
|
||
|
37AD000
|
trusted library allocation
|
page read and write
|
||
|
5720000
|
trusted library allocation
|
page read and write
|
||
|
2772000
|
trusted library allocation
|
page read and write
|
||
|
4231000
|
trusted library allocation
|
page read and write
|
||
|
34A4000
|
trusted library allocation
|
page read and write
|
||
|
75EE000
|
stack
|
page read and write
|
||
|
3480000
|
trusted library allocation
|
page read and write
|
||
|
2793000
|
trusted library allocation
|
page read and write
|
||
|
27A0000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
3408000
|
trusted library allocation
|
page read and write
|
||
|
9A6000
|
trusted library allocation
|
page execute and read and write
|
||
|
33FF000
|
trusted library allocation
|
page read and write
|
||
|
278F000
|
trusted library allocation
|
page read and write
|
||
|
9B7000
|
trusted library allocation
|
page execute and read and write
|
||
|
27A6000
|
trusted library allocation
|
page read and write
|
||
|
33E6000
|
trusted library allocation
|
page read and write
|
||
|
30E0000
|
heap
|
page read and write
|
||
|
2755000
|
trusted library allocation
|
page read and write
|
||
|
AD2000
|
heap
|
page read and write
|
||
|
5A00000
|
trusted library allocation
|
page execute and read and write
|
||
|
92E000
|
stack
|
page read and write
|
||
|
5D50000
|
trusted library allocation
|
page read and write
|
||
|
1398000
|
heap
|
page read and write
|
||
|
309E000
|
stack
|
page read and write
|
||
|
5A10000
|
heap
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
33E4000
|
trusted library allocation
|
page read and write
|
||
|
573E000
|
trusted library allocation
|
page read and write
|
||
|
27F3000
|
trusted library allocation
|
page read and write
|
||
|
27D2000
|
trusted library allocation
|
page read and write
|
||
|
27F8000
|
trusted library allocation
|
page read and write
|
||
|
484E000
|
stack
|
page read and write
|
||
|
2749000
|
trusted library allocation
|
page read and write
|
||
|
5BCD000
|
stack
|
page read and write
|
||
|
3418000
|
trusted library allocation
|
page read and write
|
||
|
5BE0000
|
heap
|
page read and write
|
||
|
141E000
|
heap
|
page read and write
|
||
|
2770000
|
trusted library allocation
|
page read and write
|
||
|
27DA000
|
trusted library allocation
|
page read and write
|
||
|
5A80000
|
heap
|
page read and write
|
||
|
33D1000
|
trusted library allocation
|
page read and write
|
||
|
7E90000
|
heap
|
page read and write
|
||
|
180E000
|
stack
|
page read and write
|
||
|
5D90000
|
trusted library allocation
|
page execute and read and write
|
||
|
2753000
|
trusted library allocation
|
page read and write
|
||
|
A34000
|
heap
|
page read and write
|
||
|
19D0000
|
trusted library allocation
|
page read and write
|
||
|
786F000
|
stack
|
page read and write
|
||
|
DC0000
|
trusted library allocation
|
page read and write
|
||
|
4C00000
|
trusted library allocation
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
76EF000
|
stack
|
page read and write
|
||
|
27D6000
|
trusted library allocation
|
page read and write
|
||
|
30DC000
|
stack
|
page read and write
|
||
|
4C20000
|
trusted library allocation
|
page execute and read and write
|
||
|
5010000
|
trusted library allocation
|
page execute and read and write
|
||
|
7AB2000
|
trusted library allocation
|
page read and write
|
||
|
52DE000
|
stack
|
page read and write
|
||
|
75AE000
|
stack
|
page read and write
|
||
|
5BD0000
|
heap
|
page read and write
|
||
|
33F9000
|
trusted library allocation
|
page read and write
|
||
|
7EB6000
|
heap
|
page read and write
|
||
|
983000
|
trusted library allocation
|
page execute and read and write
|
||
|
13CC000
|
heap
|
page read and write
|
||
|
20000
|
unkown
|
page readonly
|
||
|
3437000
|
trusted library allocation
|
page read and write
|
||
|
3416000
|
trusted library allocation
|
page read and write
|
||
|
4C7E000
|
stack
|
page read and write
|
||
|
D60000
|
heap
|
page execute and read and write
|
||
|
8A0000
|
heap
|
page read and write
|
||
|
33FD000
|
trusted library allocation
|
page read and write
|
||
|
342F000
|
trusted library allocation
|
page read and write
|
||
|
33EA000
|
trusted library allocation
|
page read and write
|
||
|
4BB0000
|
trusted library allocation
|
page read and write
|
||
|
4E90000
|
trusted library section
|
page read and write
|
||
|
5C00000
|
heap
|
page read and write
|
||
|
4E8F000
|
stack
|
page read and write
|
||
|
19D3000
|
trusted library allocation
|
page execute and read and write
|
||
|
344A000
|
trusted library allocation
|
page read and write
|
||
|
3431000
|
trusted library allocation
|
page read and write
|
||
|
15BE000
|
stack
|
page read and write
|
||
|
998000
|
trusted library allocation
|
page read and write
|
||
|
26B1000
|
trusted library allocation
|
page read and write
|
||
|
2806000
|
trusted library allocation
|
page read and write
|
||
|
19FA000
|
trusted library allocation
|
page execute and read and write
|
||
|
DE0000
|
trusted library allocation
|
page read and write
|
||
|
2757000
|
trusted library allocation
|
page read and write
|
||
|
27AE000
|
trusted library allocation
|
page read and write
|
||
|
1438000
|
heap
|
page read and write
|
||
|
347C000
|
trusted library allocation
|
page read and write
|
||
|
27F5000
|
trusted library allocation
|
page read and write
|
||
|
33EC000
|
trusted library allocation
|
page read and write
|
||
|
1466000
|
heap
|
page read and write
|
||
|
2825000
|
trusted library allocation
|
page read and write
|
||
|
33D5000
|
trusted library allocation
|
page read and write
|
||
|
7EF2000
|
heap
|
page read and write
|
||
|
5760000
|
trusted library allocation
|
page read and write
|
||
|
DD0000
|
trusted library allocation
|
page read and write
|
||
|
19F6000
|
trusted library allocation
|
page execute and read and write
|
||
|
551E000
|
stack
|
page read and write
|
||
|
98D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7ECD000
|
heap
|
page read and write
|
||
|
275B000
|
trusted library allocation
|
page read and write
|
||
|
7EC9000
|
heap
|
page read and write
|
||
|
9D0000
|
trusted library allocation
|
page read and write
|
||
|
3110000
|
trusted library allocation
|
page read and write
|
||
|
4C30000
|
trusted library allocation
|
page read and write
|
||
|
278B000
|
trusted library allocation
|
page read and write
|
||
|
27F1000
|
trusted library allocation
|
page read and write
|
||
|
466000
|
remote allocation
|
page execute and read and write
|
||
|
73B0000
|
heap
|
page read and write
|
||
|
574D000
|
trusted library allocation
|
page read and write
|
||
|
322F000
|
stack
|
page read and write
|
||
|
2808000
|
trusted library allocation
|
page read and write
|
||
|
53DF000
|
stack
|
page read and write
|
||
|
33C3000
|
trusted library allocation
|
page read and write
|
||
|
3463000
|
trusted library allocation
|
page read and write
|
||
|
27B3000
|
trusted library allocation
|
page read and write
|
||
|
772E000
|
stack
|
page read and write
|
||
|
346C000
|
trusted library allocation
|
page read and write
|
||
|
7EBE000
|
heap
|
page read and write
|
||
|
280C000
|
trusted library allocation
|
page read and write
|
||
|
529E000
|
stack
|
page read and write
|
||
|
27AA000
|
trusted library allocation
|
page read and write
|
||
|
347A000
|
trusted library allocation
|
page read and write
|
||
|
4BC0000
|
trusted library section
|
page read and write
|
||
|
572B000
|
trusted library allocation
|
page read and write
|
||
|
3DF2000
|
trusted library allocation
|
page read and write
|
||
|
27EF000
|
trusted library allocation
|
page read and write
|
||
|
1380000
|
heap
|
page read and write
|
||
|
5810000
|
trusted library allocation
|
page execute and read and write
|
||
|
2815000
|
trusted library allocation
|
page read and write
|
||
|
5780000
|
trusted library allocation
|
page read and write
|
||
|
A3E000
|
heap
|
page read and write
|
||
|
5820000
|
trusted library allocation
|
page read and write
|
||
|
57E0000
|
heap
|
page read and write
|
||
|
3467000
|
trusted library allocation
|
page read and write
|
||
|
33F0000
|
trusted library allocation
|
page read and write
|
||
|
A00000
|
heap
|
page read and write
|
||
|
930000
|
heap
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
347E000
|
trusted library allocation
|
page read and write
|
||
|
3231000
|
trusted library allocation
|
page read and write
|
||
|
27B0000
|
trusted library allocation
|
page read and write
|
||
|
33C9000
|
trusted library allocation
|
page read and write
|
||
|
147F000
|
heap
|
page read and write
|
||
|
541E000
|
stack
|
page read and write
|
||
|
7ED9000
|
heap
|
page read and write
|
||
|
19DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
3405000
|
trusted library allocation
|
page read and write
|
||
|
53CD000
|
stack
|
page read and write
|
||
|
3020000
|
trusted library allocation
|
page read and write
|
||
|
34A0000
|
trusted library allocation
|
page read and write
|
||
|
5746000
|
trusted library allocation
|
page read and write
|
||
|
3040000
|
trusted library allocation
|
page read and write
|
||
|
5724000
|
trusted library allocation
|
page read and write
|
||
|
890000
|
heap
|
page read and write
|
||
|
5710000
|
trusted library allocation
|
page read and write
|
||
|
274B000
|
trusted library allocation
|
page read and write
|
||
|
5830000
|
trusted library allocation
|
page execute and read and write
|
||
|
3486000
|
trusted library allocation
|
page read and write
|
||
|
A08000
|
heap
|
page read and write
|
||
|
1A07000
|
heap
|
page read and write
|
||
|
3313000
|
trusted library allocation
|
page read and write
|
||
|
275F000
|
trusted library allocation
|
page read and write
|
||
|
3435000
|
trusted library allocation
|
page read and write
|
||
|
59F0000
|
trusted library allocation
|
page read and write
|
||
|
277A000
|
trusted library allocation
|
page read and write
|
||
|
3455000
|
trusted library allocation
|
page read and write
|
||
|
5843000
|
heap
|
page read and write
|
||
|
19C0000
|
trusted library allocation
|
page read and write
|
||
|
935000
|
heap
|
page read and write
|
||
|
3439000
|
trusted library allocation
|
page read and write
|
||
|
9AA000
|
trusted library allocation
|
page execute and read and write
|
||
|
19F0000
|
trusted library allocation
|
page read and write
|
||
|
DBA000
|
trusted library allocation
|
page read and write
|
||
|
2802000
|
trusted library allocation
|
page read and write
|
||
|
5790000
|
trusted library allocation
|
page read and write
|
||
|
27BF000
|
trusted library allocation
|
page read and write
|
||
|
7ED7000
|
heap
|
page read and write
|
||
|
5785000
|
trusted library allocation
|
page read and write
|
||
|
278D000
|
trusted library allocation
|
page read and write
|
||
|
515F000
|
stack
|
page read and write
|
||
|
1488000
|
heap
|
page read and write
|
||
|
140F000
|
heap
|
page read and write
|
||
|
5A6B000
|
stack
|
page read and write
|
||
|
DBE000
|
trusted library allocation
|
page read and write
|
||
|
782E000
|
stack
|
page read and write
|
||
|
27AC000
|
trusted library allocation
|
page read and write
|
||
|
147C000
|
heap
|
page read and write
|
||
|
33B6000
|
trusted library allocation
|
page read and write
|
||
|
1370000
|
heap
|
page read and write
|
||
|
2812000
|
trusted library allocation
|
page read and write
|
||
|
33D3000
|
trusted library allocation
|
page read and write
|
||
|
36B1000
|
trusted library allocation
|
page read and write
|
||
|
280E000
|
trusted library allocation
|
page read and write
|
||
|
7EF7000
|
heap
|
page read and write
|
||
|
27D4000
|
trusted library allocation
|
page read and write
|
||
|
7ED3000
|
heap
|
page read and write
|
||
|
2827000
|
trusted library allocation
|
page read and write
|
||
|
33CD000
|
trusted library allocation
|
page read and write
|
||
|
AF5000
|
heap
|
page read and write
|
||
|
33C7000
|
trusted library allocation
|
page read and write
|
||
|
19F2000
|
trusted library allocation
|
page read and write
|
||
|
33CB000
|
trusted library allocation
|
page read and write
|
||
|
A7E000
|
heap
|
page read and write
|
||
|
33B4000
|
trusted library allocation
|
page read and write
|
||
|
5741000
|
trusted library allocation
|
page read and write
|
||
|
3484000
|
trusted library allocation
|
page read and write
|
||
|
3450000
|
trusted library allocation
|
page read and write
|
||
|
275D000
|
trusted library allocation
|
page read and write
|
||
|
302B000
|
trusted library allocation
|
page execute and read and write
|
||
|
A94000
|
heap
|
page read and write
|
||
|
27E1000
|
trusted library allocation
|
page read and write
|
||
|
3027000
|
trusted library allocation
|
page execute and read and write
|
||
|
46B8000
|
trusted library allocation
|
page read and write
|
||
|
3425000
|
trusted library allocation
|
page read and write
|
||
|
342D000
|
trusted library allocation
|
page read and write
|
||
|
3452000
|
trusted library allocation
|
page read and write
|
||
|
A41000
|
heap
|
page read and write
|
||
|
33B8000
|
trusted library allocation
|
page read and write
|
||
|
D40000
|
heap
|
page read and write
|
||
|
DB1000
|
trusted library allocation
|
page read and write
|
||
|
577F000
|
trusted library allocation
|
page read and write
|
||
|
27ED000
|
trusted library allocation
|
page read and write
|
||
|
16FE000
|
stack
|
page read and write
|
||
|
1390000
|
heap
|
page read and write
|
||
|
5AC0000
|
heap
|
page execute and read and write
|
||
|
2778000
|
trusted library allocation
|
page read and write
|
||
|
9BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
2796000
|
trusted library allocation
|
page read and write
|
||
|
5C04000
|
heap
|
page read and write
|
||
|
2759000
|
trusted library allocation
|
page read and write
|
||
|
984000
|
trusted library allocation
|
page read and write
|
||
|
33CF000
|
trusted library allocation
|
page read and write
|
||
|
16BE000
|
stack
|
page read and write
|
||
|
757000
|
stack
|
page read and write
|
||
|
3489000
|
trusted library allocation
|
page read and write
|
||
|
142C000
|
heap
|
page read and write
|
||
|
A0E000
|
heap
|
page read and write
|
||
|
5A90000
|
heap
|
page read and write
|
||
|
19ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
19D4000
|
trusted library allocation
|
page read and write
|
||
|
65B000
|
stack
|
page read and write
|
||
|
280A000
|
trusted library allocation
|
page read and write
|
||
|
3414000
|
trusted library allocation
|
page read and write
|
||
|
5800000
|
heap
|
page read and write
|
||
|
7EEC000
|
heap
|
page read and write
|
||
|
277D000
|
trusted library allocation
|
page read and write
|
||
|
33EE000
|
trusted library allocation
|
page read and write
|
||
|
33B2000
|
trusted library allocation
|
page read and write
|
||
|
CFE000
|
stack
|
page read and write
|
||
|
5840000
|
heap
|
page read and write
|
||
|
3307000
|
trusted library allocation
|
page read and write
|
||
|
505E000
|
stack
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
1700000
|
heap
|
page read and write
|
||
|
3448000
|
trusted library allocation
|
page read and write
|
||
|
33FB000
|
trusted library allocation
|
page read and write
|
||
|
993000
|
trusted library allocation
|
page read and write
|
||
|
BFF000
|
stack
|
page read and write
|
||
|
19E3000
|
trusted library allocation
|
page read and write
|
||
|
3401000
|
trusted library allocation
|
page read and write
|
||
|
281F000
|
trusted library allocation
|
page read and write
|
||
|
14A5000
|
heap
|
page read and write
|
||
|
7EB0000
|
heap
|
page read and write
|
||
|
36B4000
|
trusted library allocation
|
page read and write
|
||
|
3022000
|
trusted library allocation
|
page read and write
|
||
|
4BF0000
|
heap
|
page execute and read and write
|
||
|
519E000
|
stack
|
page read and write
|
||
|
1418000
|
heap
|
page read and write
|
||
|
DC2000
|
trusted library allocation
|
page read and write
|
||
|
3100000
|
trusted library allocation
|
page execute and read and write
|
||
|
99D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2821000
|
trusted library allocation
|
page read and write
|
||
|
3403000
|
trusted library allocation
|
page read and write
|
||
|
14A0000
|
heap
|
page read and write
|
||
|
2762000
|
trusted library allocation
|
page read and write
|
||
|
3482000
|
trusted library allocation
|
page read and write
|
||
|
2823000
|
trusted library allocation
|
page read and write
|
||
|
A27000
|
heap
|
page read and write
|
||
|
26AE000
|
stack
|
page read and write
|
||
|
27D8000
|
trusted library allocation
|
page read and write
|
||
|
8EE000
|
stack
|
page read and write
|
||
|
3363000
|
trusted library allocation
|
page read and write
|
||
|
1A00000
|
heap
|
page read and write
|
||
|
27BD000
|
trusted library allocation
|
page read and write
|
||
|
346E000
|
trusted library allocation
|
page read and write
|
||
|
456000
|
remote allocation
|
page execute and read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
5752000
|
trusted library allocation
|
page read and write
|
||
|
3433000
|
trusted library allocation
|
page read and write
|
||
|
5DEE000
|
stack
|
page read and write
|
||
|
1408000
|
heap
|
page read and write
|
||
|
D3E000
|
stack
|
page read and write
|
||
|
5A70000
|
trusted library section
|
page readonly
|
||
|
796E000
|
stack
|
page read and write
|
||
|
980000
|
trusted library allocation
|
page read and write
|
||
|
DAE000
|
stack
|
page read and write
|
||
|
27EB000
|
trusted library allocation
|
page read and write
|
There are 319 hidden memdumps, click here to show them.