Files

| File Path | Type | Category | Malicious |
|---|---|---|---|
| 4iDSIZ8MhI.exe | PE32 executable (GUI) Intel 80386, for MS Windows | initial sample | |
| C:\Users\user\AppData\Local\Temp\autE651.tmp | data | dropped | |
| C:\Users\user\AppData\Local\Temp\autE681.tmp | data | dropped | |
| C:\Users\user\AppData\Local\Temp\leucoryx | ASCII text, with very long lines (65536), with no line terminators | modified | |
| C:\Users\user\AppData\Local\Temp\scroll | data | dropped | |
Processes

| Path | Cmdline | Malicious |
|---|---|---|
| C:\Users\user\Desktop\4iDSIZ8MhI.exe | "C:\Users\user\Desktop\4iDSIZ8MhI.exe" | |
| C:\Windows\SysWOW64\svchost.exe | "C:\Users\user\Desktop\4iDSIZ8MhI.exe" | |
Memdumps

| Base Address | Region type | Protect | Malicious |
|---|---|---|---|
| 400000 | system | page execute and read and write | |
| 3750000 | direct allocation | page read and write | |
| 3013000 | heap | page read and write | |
| 3013000 | heap | page read and write | |
| 3F10000 | direct allocation | page read and write | |
| 3013000 | heap | page read and write | |
| 3AC000 | unknown | page read and write | |
| 4039000 | direct allocation | page read and write | |
| 138F000 | heap | page read and write | |
| 3D70000 | direct allocation | page read and write | |
| 14CC000 | heap | page read and write | |
| 37C000 | unknown | page readonly | |
| 3790000 | direct allocation | page read and write | |
| 408D000 | direct allocation | page read and write | |
| 4089000 | direct allocation | page read and write | |
| 3217000 | heap | page read and write | |
| 3A29000 | direct allocation | page execute and read and write | |
| 3990000 | direct allocation | page execute and read and write | |
| 382D000 | heap | page read and write | |
| 3013000 | heap | page read and write | |
| 4039000 | direct allocation | page read and write | |
| 3013000 | heap | page read and write | |
| E39000 | stack | page read and write | |
| 3013000 | heap | page read and write | |
| 1458000 | heap | page read and write | |
| 2D4C000 | stack | page read and write | |
| 3013000 | heap | page read and write | |
| 3013000 | heap | page read and write | |
| 374F000 | stack | page read and write | |
| 3BD1000 | direct allocation | page execute and read and write | |
| 14C6000 | heap | page read and write | |
| 3013000 | heap | page read and write | |
| 3EE3000 | direct allocation | page read and write | |
| 13F5000 | heap | page read and write | |
| 4089000 | direct allocation | page read and write | |
| 148F000 | heap | page read and write | |
| 3301000 | heap | page read and write | |
| 201F000 | stack | page read and write | |
| 3013000 | heap | page read and write | |
| 3013000 | heap | page read and write | |
| 39D0000 | heap | page read and write | |
| 34D0000 | direct allocation | page read and write | |
| 13F2000 | heap | page read and write | |
| 1270000 | heap | page read and write | |
| 408D000 | direct allocation | page read and write | |
| 3013000 | heap | page read and write | |
| 2D0D000 | stack | page read and write | |
| 2D80000 | heap | page read and write | |
| 403D000 | direct allocation | page read and write | |
| 40AE000 | direct allocation | page read and write | |
| 3790000 | direct allocation | page read and write | |
| 3790000 | direct allocation | page read and write | |
| 3A2D000 | direct allocation | page execute and read and write | |
| 13F6000 | heap | page read and write | |
| 12BE000 | stack | page read and write | |
| 40AE000 | direct allocation | page read and write | |
| 2E0000 | unknown | page readonly | |
| 3013000 | heap | page read and write | |
| 1C1E000 | stack | page read and write | |
| 13F6000 | heap | page read and write | |
| 2DA0000 | heap | page read and write | |
| 3013000 | heap | page read and write | |
| 3D70000 | direct allocation | page read and write | |
| 3700000 | heap | page read and write | |
| 3E93000 | direct allocation | page read and write | |
| 3500000 | heap | page read and write | |
| 3D20000 | direct allocation | page read and write | |
| 13F2000 | heap | page read and write | |
| 3013000 | heap | page read and write | |
| 40AE000 | direct allocation | page read and write | |
| 3790000 | direct allocation | page read and write | |
| 130E000 | stack | page read and write | |
| 123F000 | stack | page read and write | |
| 389E000 | heap | page read and write | |
| 149C000 | heap | page read and write | |
| 2E0000 | unknown | page readonly | |
| 138F000 | heap | page read and write | |
| 3013000 | heap | page read and write | |
| 403D000 | direct allocation | page read and write | |
| 3013000 | heap | page read and write | |
| 1358000 | heap | page read and write | |
| 13F2000 | heap | page read and write | |
| 3B0000 | unknown | page write copy | |
| 3623000 | heap | page read and write | |
| 3013000 | heap | page read and write | |
| 3217000 | heap | page read and write | |
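Two rows in the tables above are the ones an analyst would triage first: the svchost.exe process whose command line is the sample's own path, and the memory regions that are both writable and executable (the region at 400000, which is the default image base of a 32-bit PE, plus several direct allocations). The following script is an added example, not part of the sandbox report; it transcribes those rows from the Processes and Memdumps tables as constructed input and applies the two checks. The function names and the finding format are this example's own.

```python
"""Triage checks over the Processes and Memdumps tables of the report.

Added example, not part of the original report.  The row data below is
transcribed from the tables on this page; the helper names and the
shape of the findings are assumptions made for this example.
"""
import ntpath
from typing import Dict, List, Tuple

# Process rows transcribed from the report: (image path, command line).
PROCESSES: List[Tuple[str, str]] = [
    (r"C:\Users\user\Desktop\4iDSIZ8MhI.exe",
     r'"C:\Users\user\Desktop\4iDSIZ8MhI.exe"'),
    (r"C:\Windows\SysWOW64\svchost.exe",
     r'"C:\Users\user\Desktop\4iDSIZ8MhI.exe"'),
]

# Subset of the Memdumps rows: (base address, region type, protection).
MEMDUMPS: List[Tuple[str, str, str]] = [
    ("400000", "system", "page execute and read and write"),
    ("3750000", "direct allocation", "page read and write"),
    ("3013000", "heap", "page read and write"),
    ("37C000", "unknown", "page readonly"),
    ("3A29000", "direct allocation", "page execute and read and write"),
    ("3990000", "direct allocation", "page execute and read and write"),
    ("3BD1000", "direct allocation", "page execute and read and write"),
    ("3A2D000", "direct allocation", "page execute and read and write"),
    ("3B0000", "unknown", "page write copy"),
]

# Protection strings, as the report spells them, that allow both
# writing and execution in the same region.
WRITE_EXEC = {"page execute and read and write", "page execute and write copy"}


def cmdline_image(cmdline: str) -> str:
    """Return the executable named by a Windows command line.

    Handles the quoted form the report uses ("C:\\...\\x.exe" args) as
    well as an unquoted first token.
    """
    s = cmdline.lstrip()
    if not s:
        return ""
    if s.startswith('"'):
        end = s.find('"', 1)
        return s[1:end] if end != -1 else s[1:]
    return s.split(None, 1)[0]


def image_cmdline_mismatches(processes: List[Tuple[str, str]]) -> List[Dict[str, str]]:
    """Flag processes whose on-disk image differs from the executable in
    their own command line.

    A process normally carries a command line naming its own image.  A
    hollowed process inherits the command line of its creator, which is
    what the report's svchost.exe row shows: image svchost.exe, command
    line 4iDSIZ8MhI.exe.
    """
    findings = []
    for path, cmdline in processes:
        claimed = cmdline_image(cmdline)
        if ntpath.basename(path).lower() != ntpath.basename(claimed).lower():
            findings.append({"image": path, "cmdline_image": claimed})
    return findings


def writable_executable_regions(memdumps: List[Tuple[str, str, str]]) -> Dict[str, List[int]]:
    """Group writable-and-executable regions by region type.

    Returns {region type: [base addresses as ints]}.  A "system" region
    at 0x400000 with RWX protection means the mapped image was made
    writable, which in-place unpacking or hollowing requires; RWX direct
    allocations are where an unpacked or injected payload usually lives.
    """
    out: Dict[str, List[int]] = {}
    for base, rtype, protect in memdumps:
        if protect in WRITE_EXEC:
            out.setdefault(rtype, []).append(int(base, 16))
    return out


def main() -> None:
    for f in image_cmdline_mismatches(PROCESSES):
        print(f"image/cmdline mismatch: {f['image']} claims {f['cmdline_image']}")
    for rtype, bases in writable_executable_regions(MEMDUMPS).items():
        print(f"RWX {rtype}: " + ", ".join(hex(b) for b in bases))


if __name__ == "__main__":
    main()
```

The path comparison uses ntpath so it behaves the same on a Linux analysis box as on Windows; on a live host the same two checks map onto a process's ImagePathName versus its PEB CommandLine and onto VirtualQueryEx walks for PAGE_EXECUTE_READWRITE regions.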