Processes

Path | Cmdline | Malicious | |
---|---|---|---|
C:\Users\user\Desktop\file.exe | "C:\Users\user\Desktop\file.exe" | ||
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe | "C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe" | ||
C:\Windows\SysWOW64\WerFault.exe | C:\Windows\SysWOW64\WerFault.exe -u -p 4080 -s 1148 |
URLs

Name | IP | Malicious | |
---|---|---|---|
https://github.com/mgravell/protobuf-net | unknown | ||
https://github.com/mgravell/protobuf-neti | unknown | ||
https://stackoverflow.com/q/14436606/23354 | unknown | ||
https://github.com/mgravell/protobuf-netJ | unknown | ||
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name | unknown | ||
https://stackoverflow.com/q/11564914/23354; | unknown | ||
https://stackoverflow.com/q/2152978/23354 | unknown |
Memdumps

Base Address | Regiontype | Protect | Malicious | |
---|---|---|---|---|
2619000 | trusted library allocation | page read and write | ||
58A0000 | trusted library section | page read and write | ||
4AC0000 | trusted library allocation | page read and write | ||
275E000 | trusted library allocation | page read and write | ||
28D3000 | trusted library allocation | page read and write | ||
C22000 | trusted library allocation | page read and write | ||
246E000 | stack | page read and write | ||
29BD000 | trusted library allocation | page read and write | ||
4C5E000 | stack | page read and write | ||
2B1B000 | trusted library allocation | page read and write | ||
2BA4000 | trusted library allocation | page read and write | ||
4D87000 | heap | page read and write | ||
27E2000 | trusted library allocation | page read and write | ||
28C6000 | trusted library allocation | page read and write | ||
86D000 | heap | page read and write | ||
50AA000 | trusted library allocation | page read and write | ||
4B0D000 | trusted library allocation | page read and write | ||
A35000 | heap | page read and write | ||
2A9D000 | trusted library allocation | page read and write | ||
90BE000 | stack | page read and write | ||
26A8000 | trusted library allocation | page read and write | ||
27FD000 | trusted library allocation | page read and write | ||
C00000 | trusted library allocation | page read and write | ||
2A50000 | trusted library allocation | page read and write | ||
27C7000 | trusted library allocation | page read and write | ||
2AC6000 | trusted library allocation | page read and write | ||
29E3000 | trusted library allocation | page read and write | ||
2897000 | trusted library allocation | page read and write | ||
2867000 | trusted library allocation | page read and write | ||
2915000 | trusted library allocation | page read and write | ||
35A1000 | trusted library allocation | page read and write | ||
2B13000 | trusted library allocation | page read and write | ||
2957000 | trusted library allocation | page read and write | ||
2B70000 | trusted library allocation | page read and write | ||
4EEB000 | heap | page read and write | ||
297C000 | trusted library allocation | page read and write | ||
27B7000 | trusted library allocation | page read and write | ||
2865000 | trusted library allocation | page read and write | ||
9AE000 | stack | page read and write | ||
2731000 | trusted library allocation | page read and write | ||
28B5000 | trusted library allocation | page read and write | ||
780000 | heap | page read and write | ||
2974000 | trusted library allocation | page read and write | ||
880000 | trusted library allocation | page read and write | ||
2AD0000 | trusted library allocation | page read and write | ||
6ACA000 | trusted library allocation | page read and write | ||
29B5000 | trusted library allocation | page read and write | ||
4B37000 | trusted library allocation | page execute and read and write | ||
2988000 | trusted library allocation | page read and write | ||
C2A000 | trusted library allocation | page execute and read and write | ||
4BC0000 | heap | page execute and read and write | ||
2986000 | trusted library allocation | page read and write | ||
26E2000 | trusted library allocation | page read and write | ||
2B30000 | trusted library allocation | page read and write | ||
2905000 | trusted library allocation | page read and write | ||
5A20000 | trusted library allocation | page execute and read and write | ||
2A58000 | trusted library allocation | page read and write | ||
7C4000 | heap | page read and write | ||
28EB000 | trusted library allocation | page read and write | ||
28D0000 | trusted library allocation | page read and write | ||
820000 | remote allocation | page execute and read and write | ||
26AC000 | trusted library allocation | page read and write | ||
287A000 | trusted library allocation | page read and write | ||
2A37000 | trusted library allocation | page read and write | ||
2980000 | trusted library allocation | page read and write | ||
2B91000 | trusted library allocation | page read and write | ||
966E000 | stack | page read and write | ||
29EF000 | trusted library allocation | page read and write | ||
29B7000 | trusted library allocation | page read and write | ||
2AEE000 | trusted library allocation | page read and write | ||
4C8F000 | trusted library allocation | page read and write | ||
28A9000 | trusted library allocation | page read and write | ||
2771000 | trusted library allocation | page read and write | ||
5A00000 | trusted library allocation | page read and write | ||
285D000 | trusted library allocation | page read and write | ||
BFF000 | stack | page read and write | ||
2A9F000 | trusted library allocation | page read and write | ||
C26000 | trusted library allocation | page execute and read and write | ||
28B3000 | trusted library allocation | page read and write | ||
5CB0000 | heap | page read and write | ||
4B17000 | trusted library allocation | page read and write | ||
2AC2000 | trusted library allocation | page read and write | ||
2B20000 | trusted library allocation | page read and write | ||
26AA000 | trusted library allocation | page read and write | ||
692E000 | stack | page read and write | ||
2834000 | trusted library allocation | page read and write | ||
2827000 | trusted library allocation | page read and write | ||
287E000 | trusted library allocation | page read and write | ||
4CDA000 | heap | page read and write | ||
2982000 | trusted library allocation | page read and write | ||
4D6A000 | heap | page read and write | ||
2ACC000 | trusted library allocation | page read and write | ||
4AE0000 | trusted library allocation | page read and write | ||
3CA000 | stack | page read and write | ||
27C9000 | trusted library allocation | page read and write | ||
9A0000 | heap | page readonly |