Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
o8HZDSERz2.exe
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\o8HZDSERz2.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\o8HZDSERz2.exe
|
"C:\Users\user\Desktop\o8HZDSERz2.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.apache.org/licenses/LICENSE-2.0
|
unknown
|
||
|
http://www.fontbureau.com
|
unknown
|
||
|
http://www.fontbureau.com/designersG
|
unknown
|
||
|
https://api.ip.sb/ip
|
unknown
|
||
|
http://www.fontbureau.com/designers/?
|
unknown
|
||
|
http://www.founder.com.cn/cn/bThe
|
unknown
|
||
|
http://www.fontbureau.com/designers?
|
unknown
|
||
|
http://www.tiro.com
|
unknown
|
||
|
https://api.ip.s
|
unknown
|
||
|
http://www.fontbureau.com/designers
|
unknown
|
||
|
http://www.goodfont.co.kr
|
unknown
|
||
|
http://www.carterandcone.coml
|
unknown
|
||
|
http://www.sajatypeworks.com
|
unknown
|
||
|
http://www.typography.netD
|
unknown
|
||
|
http://www.fontbureau.com/designers/cabarga.htmlN
|
unknown
|
||
|
http://www.founder.com.cn/cn/cThe
|
unknown
|
||
|
http://www.galapagosdesign.com/staff/dennis.htm
|
unknown
|
||
|
http://www.founder.com.cn/cn
|
unknown
|
||
|
http://www.fontbureau.com/designers/frere-user.html
|
unknown
|
||
|
http://www.jiyu-kobo.co.jp/
|
unknown
|
||
|
https://discord.com/api/v9/users/
|
unknown
|
||
|
http://www.galapagosdesign.com/DPlease
|
unknown
|
||
|
http://www.fontbureau.com/designers8
|
unknown
|
||
|
http://www.fonts.com
|
unknown
|
||
|
http://www.sandoll.co.kr
|
unknown
|
||
|
http://www.urwpp.deDPlease
|
unknown
|
||
|
http://www.zhongyicts.com.cn
|
unknown
|
||
|
http://www.sakkal.com
|
unknown
|
There are 18 hidden URLs, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3391000
|
trusted library allocation
|
page read and write
|
|
|
|
57D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5B40000
|
heap
|
page read and write
|
||
|
37D4000
|
trusted library allocation
|
page read and write
|
||
|
1650000
|
heap
|
page read and write
|
||
|
3566000
|
trusted library allocation
|
page read and write
|
||
|
3858000
|
trusted library allocation
|
page read and write
|
||
|
7D5E000
|
stack
|
page read and write
|
||
|
155E000
|
stack
|
page read and write
|
||
|
7602000
|
trusted library allocation
|
page read and write
|
||
|
5B62000
|
heap
|
page read and write
|
||
|
3877000
|
trusted library allocation
|
page read and write
|
||
|
EB0000
|
unkown
|
page readonly
|
||
|
5A7E000
|
stack
|
page read and write
|
||
|
379E000
|
trusted library allocation
|
page read and write
|
||
|
143E000
|
stack
|
page read and write
|
||
|
57B1000
|
trusted library allocation
|
page read and write
|
||
|
15F0000
|
trusted library allocation
|
page read and write
|
||
|
165E000
|
heap
|
page read and write
|
||
|
5B9D000
|
heap
|
page read and write
|
||
|
37E5000
|
trusted library allocation
|
page read and write
|
||
|
37B3000
|
trusted library allocation
|
page read and write
|
||
|
5760000
|
trusted library section
|
page read and write
|
||
|
4474000
|
trusted library allocation
|
page read and write
|
||
|
1677000
|
heap
|
page read and write
|
||
|
15E4000
|
trusted library allocation
|
page read and write
|
||
|
7C1E000
|
stack
|
page read and write
|
||
|
333D000
|
stack
|
page read and write
|
||
|
37D2000
|
trusted library allocation
|
page read and write
|
||
|
388A000
|
trusted library allocation
|
page read and write
|
||
|
5B2C000
|
heap
|
page read and write
|
||
|
5794000
|
trusted library allocation
|
page read and write
|
||
|
5B30000
|
heap
|
page read and write
|
||
|
7E5E000
|
stack
|
page read and write
|
||
|
5B38000
|
heap
|
page read and write
|
||
|
3842000
|
trusted library allocation
|
page read and write
|
||
|
5CB0000
|
heap
|
page read and write
|
||
|
57AE000
|
trusted library allocation
|
page read and write
|
||
|
365F000
|
trusted library allocation
|
page read and write
|
||
|
383F000
|
trusted library allocation
|
page read and write
|
||
|
15D0000
|
trusted library allocation
|
page read and write
|
||
|
36F5000
|
trusted library allocation
|
page read and write
|
||
|
388E000
|
trusted library allocation
|
page read and write
|
||
|
7F9F000
|
stack
|
page read and write
|
||
|
385A000
|
trusted library allocation
|
page read and write
|
||
|
3642000
|
trusted library allocation
|
page read and write
|
||
|
5B28000
|
heap
|
page read and write
|
||
|
302E000
|
stack
|
page read and write
|
||
|
3820000
|
trusted library allocation
|
page read and write
|
||
|
340B000
|
trusted library allocation
|
page read and write
|
||
|
381E000
|
trusted library allocation
|
page read and write
|
||
|
1711000
|
heap
|
page read and write
|
||
|
43DD000
|
trusted library allocation
|
page read and write
|
||
|
1617000
|
trusted library allocation
|
page execute and read and write
|
||
|
5B76000
|
heap
|
page read and write
|
||
|
1630000
|
trusted library allocation
|
page read and write
|
||
|
600E000
|
stack
|
page read and write
|
||
|
1741000
|
heap
|
page read and write
|
||
|
3852000
|
trusted library allocation
|
page read and write
|
||
|
4470000
|
trusted library allocation
|
page read and write
|
||
|
3824000
|
trusted library allocation
|
page read and write
|
||
|
1450000
|
heap
|
page read and write
|
||
|
5F70000
|
trusted library allocation
|
page read and write
|
||
|
57E0000
|
trusted library allocation
|
page read and write
|
||
|
159E000
|
stack
|
page read and write
|
||
|
5780000
|
heap
|
page execute and read and write
|
||
|
7BDE000
|
stack
|
page read and write
|
||
|
3850000
|
trusted library allocation
|
page read and write
|
||
|
5E00000
|
heap
|
page read and write
|
||
|
1602000
|
trusted library allocation
|
page read and write
|
||
|
3350000
|
trusted library allocation
|
page read and write
|
||
|
37B9000
|
trusted library allocation
|
page read and write
|
||
|
1612000
|
trusted library allocation
|
page read and write
|
||
|
15E0000
|
trusted library allocation
|
page read and write
|
||
|
579E000
|
trusted library allocation
|
page read and write
|
||
|
36E4000
|
trusted library allocation
|
page read and write
|
||
|
3752000
|
trusted library allocation
|
page read and write
|
||
|
170C000
|
heap
|
page read and write
|
||
|
56F0000
|
trusted library allocation
|
page read and write
|
||
|
5BA2000
|
heap
|
page read and write
|
||
|
F02000
|
unkown
|
page readonly
|
||
|
7E9E000
|
stack
|
page read and write
|
||
|
5873000
|
heap
|
page read and write
|
||
|
37CA000
|
trusted library allocation
|
page read and write
|
||
|
5C8C000
|
stack
|
page read and write
|
||
|
3340000
|
trusted library allocation
|
page execute and read and write
|
||
|
3800000
|
trusted library allocation
|
page read and write
|
||
|
383B000
|
trusted library allocation
|
page read and write
|
||
|
385C000
|
trusted library allocation
|
page read and write
|
||
|
37CE000
|
trusted library allocation
|
page read and write
|
||
|
575E000
|
stack
|
page read and write
|
||
|
3774000
|
trusted library allocation
|
page read and write
|
||
|
342C000
|
trusted library allocation
|
page read and write
|
||
|
EB2000
|
unkown
|
page readonly
|
||
|
3826000
|
trusted library allocation
|
page read and write
|
||
|
579B000
|
trusted library allocation
|
page read and write
|
||
|
3856000
|
trusted library allocation
|
page read and write
|
||
|
3716000
|
trusted library allocation
|
page read and write
|
||
|
1685000
|
heap
|
page read and write
|
||
|
3794000
|
trusted library allocation
|
page read and write
|
||
|
379C000
|
trusted library allocation
|
page read and write
|
||
|
37F0000
|
trusted library allocation
|
page read and write
|
||
|
3733000
|
trusted library allocation
|
page read and write
|
||
|
570F000
|
trusted library allocation
|
page read and write
|
||
|
3804000
|
trusted library allocation
|
page read and write
|
||
|
5C40000
|
heap
|
page read and write
|
||
|
37ED000
|
trusted library allocation
|
page read and write
|
||
|
386F000
|
trusted library allocation
|
page read and write
|
||
|
15FD000
|
trusted library allocation
|
page execute and read and write
|
||
|
37FC000
|
trusted library allocation
|
page read and write
|
||
|
184E000
|
stack
|
page read and write
|
||
|
3871000
|
trusted library allocation
|
page read and write
|
||
|
3822000
|
trusted library allocation
|
page read and write
|
||
|
3380000
|
heap
|
page execute and read and write
|
||
|
381C000
|
trusted library allocation
|
page read and write
|
||
|
3875000
|
trusted library allocation
|
page read and write
|
||
|
5DF0000
|
heap
|
page read and write
|
||
|
4391000
|
trusted library allocation
|
page read and write
|
||
|
75E0000
|
trusted library allocation
|
page read and write
|
||
|
37AF000
|
trusted library allocation
|
page read and write
|
||
|
37BC000
|
trusted library allocation
|
page read and write
|
||
|
5C90000
|
trusted library section
|
page readonly
|
||
|
36D3000
|
trusted library allocation
|
page read and write
|
||
|
15ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
5B6F000
|
heap
|
page read and write
|
||
|
56E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
43B5000
|
trusted library allocation
|
page read and write
|
||
|
37FE000
|
trusted library allocation
|
page read and write
|
||
|
37CC000
|
trusted library allocation
|
page read and write
|
||
|
FA9000
|
stack
|
page read and write
|
||
|
15C7000
|
heap
|
page read and write
|
||
|
5790000
|
trusted library allocation
|
page read and write
|
||
|
3884000
|
trusted library allocation
|
page read and write
|
||
|
1600000
|
trusted library allocation
|
page read and write
|
||
|
1747000
|
heap
|
page read and write
|
||
|
3873000
|
trusted library allocation
|
page read and write
|
||
|
3360000
|
trusted library allocation
|
page read and write
|
||
|
15E3000
|
trusted library allocation
|
page execute and read and write
|
||
|
5870000
|
heap
|
page read and write
|
||
|
13F0000
|
heap
|
page read and write
|
||
|
5700000
|
trusted library allocation
|
page read and write
|
||
|
386D000
|
trusted library allocation
|
page read and write
|
||
|
5CC0000
|
trusted library allocation
|
page read and write
|
||
|
3839000
|
trusted library allocation
|
page read and write
|
||
|
79E0000
|
heap
|
page read and write
|
||
|
5710000
|
trusted library allocation
|
page read and write
|
||
|
388C000
|
trusted library allocation
|
page read and write
|
||
|
3796000
|
trusted library allocation
|
page read and write
|
||
|
3806000
|
trusted library allocation
|
page read and write
|
||
|
161B000
|
trusted library allocation
|
page execute and read and write
|
||
|
170F000
|
heap
|
page read and write
|
||
|
57B6000
|
trusted library allocation
|
page read and write
|
||
|
5CA0000
|
heap
|
page read and write
|
||
|
5860000
|
trusted library allocation
|
page read and write
|
||
|
5CE0000
|
heap
|
page read and write
|
||
|
12F7000
|
stack
|
page read and write
|
||
|
1455000
|
heap
|
page read and write
|
||
|
37E3000
|
trusted library allocation
|
page read and write
|
||
|
3731000
|
trusted library allocation
|
page read and write
|
||
|
3792000
|
trusted library allocation
|
page read and write
|
||
|
5B20000
|
heap
|
page read and write
|
||
|
1606000
|
trusted library allocation
|
page execute and read and write
|
||
|
1691000
|
heap
|
page read and write
|
||
|
37A1000
|
trusted library allocation
|
page read and write
|
||
|
5C20000
|
trusted library allocation
|
page execute and read and write
|
||
|
5B24000
|
heap
|
page read and write
|
||
|
3802000
|
trusted library allocation
|
page read and write
|
||
|
3190000
|
heap
|
page read and write
|
||
|
37D6000
|
trusted library allocation
|
page read and write
|
||
|
3170000
|
heap
|
page read and write
|
||
|
312F000
|
stack
|
page read and write
|
||
|
383D000
|
trusted library allocation
|
page read and write
|
||
|
5C45000
|
heap
|
page read and write
|
||
|
1310000
|
heap
|
page read and write
|
||
|
3763000
|
trusted library allocation
|
page read and write
|
||
|
5DEE000
|
stack
|
page read and write
|
||
|
37B1000
|
trusted library allocation
|
page read and write
|
||
|
3798000
|
trusted library allocation
|
page read and write
|
||
|
5B73000
|
heap
|
page read and write
|
||
|
15C0000
|
heap
|
page read and write
|
||
|
3837000
|
trusted library allocation
|
page read and write
|
||
|
1610000
|
trusted library allocation
|
page read and write
|
||
|
56F9000
|
trusted library allocation
|
page read and write
|
||
|
5850000
|
trusted library allocation
|
page read and write
|
||
|
37E7000
|
trusted library allocation
|
page read and write
|
||
|
7D1F000
|
stack
|
page read and write
|
||
|
5FC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
57BD000
|
trusted library allocation
|
page read and write
|
||
|
356F000
|
trusted library allocation
|
page read and write
|
||
|
5800000
|
trusted library allocation
|
page read and write
|
||
|
57C2000
|
trusted library allocation
|
page read and write
|
||
|
1658000
|
heap
|
page read and write
|
||
|
37EB000
|
trusted library allocation
|
page read and write
|
||
|
57E5000
|
trusted library allocation
|
page read and write
|
||
|
5830000
|
heap
|
page read and write
|
||
|
160A000
|
trusted library allocation
|
page execute and read and write
|
||
|
316B000
|
stack
|
page read and write
|
||
|
3808000
|
trusted library allocation
|
page read and write
|
||
|
31A8000
|
trusted library allocation
|
page read and write
|
||
|
1640000
|
heap
|
page read and write
|
||
|
5840000
|
trusted library allocation
|
page execute and read and write
|
||
|
5B3C000
|
heap
|
page read and write
|
||
|
379A000
|
trusted library allocation
|
page read and write
|
There are 193 hidden memdumps, click here to show them.