Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
http://codepoints.net/static/js/codepoint.js!3c67217e710120291b75e8c13546e320?_=1618365050047
|
URL
|
initial url
|
 |
|
|
C:\Users\user\Desktop\cmdline.out
|
ASCII text, with CRLF line terminators
|
modified
|
|
|
|
C:\Users\user\Desktop\download\.wget-hsts
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\Desktop\download\codepoint.js!3c67217e710120291b75e8c13546e320@_=1618365050047
|
UTF-8 Unicode text, with very long lines, with no line terminators
|
dropped
|
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c wget -t 2 -v -T 60 -P 'C:\Users\user\Desktop\download' --no-check-certificate --content-disposition
--user-agent='Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; AS; rv:11.0) like Gecko' 'http://codepoints.net/static/js/codepoint.js!3c67217e710120291b75e8c13546e320?_=1618365050047'
> cmdline.out 2>&1
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
|
|
|
C:\Windows\SysWOW64\wget.exe
|
wget -t 2 -v -T 60 -P 'C:\Users\user\Desktop\download' --no-check-certificate --content-disposition --user-agent='Mozilla/5.0
(Windows NT 6.1; WOW64; Trident/7.0; AS; rv:11.0) like Gecko' 'http://codepoints.net/static/js/codepoint.js!3c67217e710120291b75e8c13546e320?_=1618365050047'
|
|
|
|
C:\Windows\System32\wscript.exe
|
'C:\Windows\System32\WScript.exe' 'C:\Users\user\Desktop\download\codepoint.js!3c67217e710120291b75e8c13546e320@_=1618365050047.js'
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://codepoints.net/static/js/codepoint.js!3c67217e710120291b75e8c13546e320?_=1618365050047
|
172.67.132.46
|
|
|
|
https://use.typekit.net
|
unknown
|
|
|
|
https://use.typekit.net:G
|
unknown
|
|
|
|
https://codepoints.net/static/js/codepoint.js
|
unknown
|
|
|
|
http://codepoints.net/static/js/codepoint.js
|
unknown
|
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
codepoints.net
|
172.67.132.46
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.168.2.1
|
unknown
|
unknown
|
|
|
|
172.67.132.46
|
codepoints.net
|
United States
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2042F64A000
|
unkown
|
page read and write
|
|
|
|
7FF4F7A98000
|
unkown
|
page readonly
|
|
|
|
7FF4F7A1A000
|
unkown
|
page readonly
|
|
|
|
1E108960000
|
heap private
|
page read and write
|
|
|
|
2042FD50000
|
unkown
|
page read and write
|
|
|
|
2CB9000
|
unkown
|
page read and write
|
|
|
|
1E108A97000
|
unkown
|
page read and write
|
|
|
|
2CBC000
|
unkown
|
page read and write
|
|
|
|
336F000
|
stack
|
page read and write
|
|
|
|
7FF4F7983000
|
unkown
|
page readonly
|
|
|
|
F08734B000
|
unkown
|
page read and write
|
|
|
|
7FF50D87A000
|
unkown
|
page readonly
|
|
|
|
1E1087B0000
|
unkown
|
page readonly
|
|
|
|
7FF50D7FC000
|
unkown
|
page readonly
|
|
|
|
1E108970000
|
unkown
|
page read and write
|
|
|
|
108000
|
heap default
|
page read and write
|
|
|
|
2042F64D000
|
unkown
|
page read and write
|
|
|
|
1E108A8E000
|
unkown
|
page read and write
|
|
|
|
1E1089E0000
|
unkown
|
page readonly
|
|
|
|
1E10A77A000
|
unkown
|
page read and write
|
|
|
|
2CFB000
|
unkown
|
page read and write
|
|
|
|
100000
|
heap default
|
page read and write
|
|
|
|
1E108A71000
|
unkown
|
page read and write
|
|
|
|
1E108A29000
|
unkown
|
page read and write
|
|
|
|
1E10A7DB000
|
unkown
|
page read and write
|
|
|
|
1350000
|
heap private
|
page read and write
|
|
|
|
1E108A47000
|
unkown
|
page read and write
|
|
|
|
7FF50D8FE000
|
unkown
|
page readonly
|
|
|
|
1E108AB4000
|
unkown
|
page read and write
|
|
|
|
F087775000
|
unkown
|
page read and write
|
|
|
|
1E108A9D000
|
unkown
|
page read and write
|
|
|
|
1E10A7DB000
|
unkown
|
page read and write
|
|
|
|
1E108A89000
|
unkown
|
page read and write
|
|
|
|
1E10A290000
|
unkown
|
page readonly
|
|
|
|
CA79DFE000
|
unkown
|
page read and write
|
|
|
|
2CFB000
|
unkown
|
page read and write
|
|
|
|
F8E000
|
unkown
|
page read and write
|
|
|
|
7FF50D974000
|
unkown
|
page readonly
|
|
|
|
7FF50D0FC000
|
unkown
|
page readonly
|
|
|
|
7FF50D8BC000
|
unkown
|
page readonly
|
|
|
|
7FF4F7B21000
|
unkown
|
page readonly
|
|
|
|
7FF4F7A5C000
|
unkown
|
page readonly
|
|
|
|
1E10A766000
|
unkown
|
page read and write
|
|
|
|
7FF50D981000
|
unkown
|
page readonly
|
|
|
|
1E108A97000
|
unkown
|
page read and write
|
|
|
|
2CF6000
|
unkown
|
page read and write
|
|
|
|
7FF50D890000
|
unkown
|
page readonly
|
|
|
|
7FF50D0F1000
|
unkown
|
page readonly
|
|
|
|
7FF50D853000
|
unkown
|
page readonly
|
|
|
|
7FF50D8BF000
|
unkown
|
page readonly
|
|
|
|
1E10A7DB000
|
unkown
|
page read and write
|
|
|
|
1E108A70000
|
unkown
|
page read and write
|
|
|
|
1E108810000
|
unkown
|
page readonly
|
|
|
|
7FF4F797D000
|
unkown
|
page readonly
|
|
|
|
1E10896B000
|
heap private
|
page read and write
|
|
|
|
1E10A792000
|
unkown
|
page read and write
|
|
|
|
7FF4F7A8F000
|
unkown
|
page readonly
|
|
|
|
373000
|
unkown
|
page read and write
|
|
|
|
2CF6000
|
unkown
|
page read and write
|
|
|
|
1E108AB4000
|
unkown
|
page read and write
|
|
|
|
7FF50D100000
|
unkown
|
page readonly
|
|
|
|
1356000
|
heap private
|
page read and write
|
|
|
|
7FF50D87C000
|
unkown
|
page readonly
|
|
|
|
7FF4F7A67000
|
unkown
|
page readonly
|
|
|
|
7FF50D97A000
|
unkown
|
page readonly
|
|
|
|
1E108A9F000
|
unkown
|
page read and write
|
|
|
|
7FF4FDC3E000
|
unkown
|
page readonly
|
|
|
|
2042F708000
|
unkown
|
page read and write
|
|
|
|
2042F674000
|
unkown
|
page read and write
|
|
|
|
ADE000
|
unkown
|
page read and write
|
|
|
|
118F000
|
stack
|
page read and write
|
|
|
|
1E108A2E000
|
unkown
|
page read and write
|
|
|
|
1E1089F0000
|
heap default
|
page read and write
|
|
|
|
7FF4F7AA9000
|
unkown
|
page readonly
|
|
|
|
1E108965000
|
heap private
|
page read and write
|
|
|
|
2042FD40000
|
unkown
|
page readonly
|
|
|
|
7FF4FDC3E000
|
unkown
|
page readonly
|
|
|
|
1E10A75E000
|
unkown
|
page read and write
|
|
|
|
1E10A768000
|
unkown
|
page read and write
|
|
|
|
1E10A750000
|
unkown
|
page read and write
|
|
|
|
1E10A795000
|
unkown
|
page read and write
|
|
|
|
2CB6000
|
unkown
|
page read and write
|
|
|
|
7FF4F7A1C000
|
unkown
|
page readonly
|
|
|
|
1E10A7DB000
|
unkown
|
page read and write
|
|
|
|
1E108A97000
|
unkown
|
page read and write
|
|
|
|
1E108AB4000
|
unkown
|
page read and write
|
|
|
|
7FF4F7A74000
|
unkown
|
page readonly
|
|
|
|
122000
|
heap default
|
page read and write
|
|
|
|
1E10A7C1000
|
unkown
|
page read and write
|
|
|
|
2CBF000
|
unkown
|
page read and write
|
|
|
|
312F000
|
stack
|
page read and write
|
|
|
|
1E108A8E000
|
unkown
|
page read and write
|
|
|
|
7FF50D89B000
|
unkown
|
page readonly
|
|
|
|
2042F5F0000
|
heap default
|
page read and write
|
|
|
|
7FF50D8EE000
|
unkown
|
page readonly
|
|
|
|
F08787B000
|
unkown
|
page read and write
|
|
|
|
1E108900000
|
unkown
|
page read and write
|
|
|
|
1E108A97000
|
unkown
|
page read and write
|
|
|
|
2042F655000
|
unkown
|
page read and write
|
|
|
|
1E108A16000
|
unkown
|
page read and write
|
|
|
|
1E10A404000
|
heap private
|
page read and write
|
|
|
|
7FF4F7A47000
|
unkown
|
page readonly
|
|
|
|
7FF50D8C7000
|
unkown
|
page readonly
|
|
|
|
356F000
|
stack
|
page read and write
|
|
|
|
7FF4F7605000
|
unkown
|
page readonly
|
|
|
|
1E10A7DB000
|
unkown
|
page read and write
|
|
|
|
7FF4F72A0000
|
unkown
|
page readonly
|
|
|
|
B30000
|
unkown
|
page readonly
|
|
|
|
7FF4F7A30000
|
unkown
|
page readonly
|
|
|
|
1E10A7DB000
|
unkown
|
page read and write
|
|
|
|
2042F702000
|
unkown
|
page read and write
|
|
|
|
F4F000
|
stack
|
page read and write
|
|
|
|
1E10A752000
|
unkown
|
page read and write
|
|
|
|
2CB5000
|
unkown
|
page read and write
|
|
|
|
CA7A3FF000
|
unkown
|
page read and write
|
|
|
|
7FF4F792E000
|
unkown
|
page readonly
|
|
|
|
1360000
|
unkown
|
page readonly
|
|
|
|
CA7A2FF000
|
unkown
|
page read and write
|
|
|
|
2042F800000
|
unkown
|
page readonly
|
|
|
|
2042F68D000
|
unkown
|
page read and write
|
|
|
|
7FF4F75F0000
|
unkown
|
page readonly
|
|
|
|
2CF2000
|
unkown
|
page read and write
|
|
|
|
7FF50D8F8000
|
unkown
|
page readonly
|
|
|
|
1E10A7DB000
|
unkown
|
page read and write
|
|
|
|
1E108A47000
|
unkown
|
page read and write
|
|
|
|
1E10A7B2000
|
unkown
|
page read and write
|
|
|
|
CA79CF9000
|
unkown
|
page read and write
|
|
|
|
1E108A8E000
|
unkown
|
page read and write
|
|
|
|
377000
|
unkown
|
page read and write
|
|
|
|
1E10A7DB000
|
unkown
|
page read and write
|
|
|
|
1E10A410000
|
unkown
|
page readonly
|
|
|
|
2CF2000
|
unkown
|
page read and write
|
|
|
|
1E10A7D0000
|
unkown
|
page read and write
|
|
|
|
1E108A70000
|
unkown
|
page read and write
|
|
|
|
9CC000
|
stack
|
page read and write
|
|
|
|
7FF4F7A84000
|
unkown
|
page readonly
|
|
|
|
9D0000
|
unkown
|
page readonly
|
|
|
|
9D000
|
unkown
|
page read and write
|
|
|
|
7FF50D88E000
|
unkown
|
page readonly
|
|
|
|
7FF50D909000
|
unkown
|
page readonly
|
|
|
|
7FF50D906000
|
unkown
|
page readonly
|
|
|
|
1E108A7B000
|
unkown
|
page read and write
|
|
|
|
1E108A8B000
|
unkown
|
page read and write
|
|
|
|
7FF50D8A7000
|
unkown
|
page readonly
|
|
|
|
2970000
|
unkown
|
page readonly
|
|
|
|
1E108A8E000
|
unkown
|
page read and write
|
|
|
|
1E108969000
|
unkown
|
page read and write
|
|
|
|
1E10A7A6000
|
unkown
|
page read and write
|
|
|
|
7FF4F7A3B000
|
unkown
|
page readonly
|
|
|
|
1E108920000
|
unkown
|
page readonly
|
|
|
|
B46000
|
heap default
|
page read and write
|
|
|
|
7FF50D798000
|
unkown
|
page readonly
|
|
|
|
1E10A757000
|
unkown
|
page read and write
|
|
|
|
1E10A772000
|
unkown
|
page read and write
|
|
|
|
2CFD000
|
unkown
|
page read and write
|
|
|
|
1E10A7CF000
|
unkown
|
page read and write
|
|
|
|
CA7A0FE000
|
unkown
|
page read and write
|
|
|
|
7FF50D8D4000
|
unkown
|
page readonly
|
|
|
|
1E108A15000
|
unkown
|
page read and write
|
|
|
|
CA79EFE000
|
unkown
|
page read and write
|
|
|
|
7FF4F77A7000
|
unkown
|
page readonly
|
|
|
|
1E108A09000
|
unkown
|
page read and write
|
|
|
|
1E108A70000
|
unkown
|
page read and write
|
|
|
|
2CB3000
|
unkown
|
page read and write
|
|
|
|
7FF4F792B000
|
unkown
|
page readonly
|
|
|
|
1E10A7DB000
|
unkown
|
page read and write
|
|
|
|
1E10A7DB000
|
unkown
|
page read and write
|
|
|
|
F087BFE000
|
unkown
|
page read and write
|
|
|
|
7FF50D88A000
|
unkown
|
page readonly
|
|
|
|
7FF4F7A9E000
|
unkown
|
page readonly
|
|
|
|
2042F613000
|
unkown
|
page read and write
|
|
|
|
7FF4F799C000
|
unkown
|
page readonly
|
|
|
|
1E108AF0000
|
unkown
|
page readonly
|
|
|
|
7FF4F7AAD000
|
unkown
|
page readonly
|
|
|
|
B20000
|
unkown
|
page read and write
|
|
|
|
7FF4F7881000
|
unkown
|
page readonly
|
|
|
|
1E108A14000
|
unkown
|
page read and write
|
|
|
|
2042F650000
|
unkown
|
page read and write
|
|
|
|
1E1088E0000
|
unkown
|
page read and write
|
|
|
|
7FF50D923000
|
unkown
|
page readonly
|
|
|
|
1E10A759000
|
unkown
|
page read and write
|
|
|
|
1E108A2B000
|
unkown
|
page read and write
|
|
|
|
2042F629000
|
unkown
|
page read and write
|
|
|
|
1E108A97000
|
unkown
|
page read and write
|
|
|
|
7DFCA6D2E000
|
unkown
|
page readonly
|
|
|
|
1E10A7C1000
|
unkown
|
page read and write
|
|
|
|
7FF4F78D3000
|
unkown
|
page readonly
|
|
|
|
1E10A78A000
|
unkown
|
page read and write
|
|
|
|
2CFD000
|
unkown
|
page read and write
|
|
|
|
1E108A3D000
|
unkown
|
page read and write
|
|
|
|
F0879F7000
|
unkown
|
page read and write
|
|
|
|
7FF50D8E4000
|
unkown
|
page readonly
|
|
|
|
B1E000
|
unkown
|
page read and write
|
|
|
|
1E108A15000
|
unkown
|
page read and write
|
|
|
|
7FF4F7A35000
|
unkown
|
page readonly
|
|
|
|
7FF4F75F6000
|
unkown
|
page readonly
|
|
|
|
1E108A89000
|
unkown
|
page read and write
|
|
|
|
20430000000
|
unkown
|
page readonly
|
|
|
|
2CB2000
|
unkown
|
page read and write
|
|
|
|
D4F000
|
stack
|
page read and write
|
|
|
|
1E108A55000
|
unkown
|
page read and write
|
|
|
|
1E108A0E000
|
heap default
|
page read and write
|
|
|
|
F0878FE000
|
unkown
|
page read and write
|
|
|
|
2CB9000
|
unkown
|
page read and write
|
|
|
|
7FF4F7994000
|
unkown
|
page readonly
|
|
|
|
1E10A762000
|
unkown
|
page read and write
|
|
|
|
2042FAD0000
|
unkown
|
page readonly
|
|
|
|
2042F8D0000
|
unkown
|
page readonly
|
|
|
|
1E108A19000
|
unkown
|
page read and write
|
|
|
|
1E108A1A000
|
unkown
|
page read and write
|
|
|
|
2042F700000
|
unkown
|
page read and write
|
|
|
|
2CFD000
|
unkown
|
page read and write
|
|
|
|
CA7A1FF000
|
unkown
|
page read and write
|
|
|
|
CA7A4FF000
|
unkown
|
page read and write
|
|
|
|
7FF50D5FE000
|
unkown
|
page readonly
|
|
|
|
1E10C0A0000
|
unkown
|
page read and write
|
|
|
|
F0873CE000
|
unkown
|
page read and write
|
|
|
|
1E10A752000
|
unkown
|
page read and write
|
|
|
|
7FF50D822000
|
unkown
|
page readonly
|
|
|
|
2042FE02000
|
unkown
|
page read and write
|
|
|
|
7FF4F7A5F000
|
unkown
|
page readonly
|
|
|
|
2DEE000
|
unkown
|
page read and write
|
|
|
|
20430340000
|
unkown
|
page readonly
|
|
|
|
7FF4F7B14000
|
unkown
|
page readonly
|
|
|
|
7FF50D85F000
|
unkown
|
page readonly
|
|
|
|
2042F66C000
|
unkown
|
page read and write
|
|
|
|
2F2E000
|
unkown
|
page read and write
|
|
|
|
2042F600000
|
unkown
|
page read and write
|
|
|
|
1E108950000
|
unkown
|
page readonly
|
|
|
|
2042F681000
|
unkown
|
page read and write
|
|
|
|
7FF4F7A2A000
|
unkown
|
page readonly
|
|
|
|
2042F713000
|
unkown
|
page read and write
|
|
|
|
F087AFF000
|
unkown
|
page read and write
|
|
|
|
7FF4F7B1A000
|
unkown
|
page readonly
|
|
|
|
1E10A782000
|
unkown
|
page read and write
|
|
|
|
1E108AA1000
|
unkown
|
page read and write
|
|
|
|
316E000
|
unkown
|
page read and write
|
|
|
|
7FF50D895000
|
unkown
|
page readonly
|
|
|
|
1E10A7DB000
|
unkown
|
page read and write
|
|
|
|
7FF50D8D8000
|
unkown
|
page readonly
|
|
|
|
7FF4F7A2E000
|
unkown
|
page readonly
|
|
|
|
7FF4F7B22000
|
unkown
|
page readonly
|
|
|
|
1E10BFA0000
|
unkown
|
page read and write
|
|
|
|
1320000
|
unkown
|
page read and write
|
|
|
|
1E10A400000
|
heap private
|
page read and write
|
|
|
|
1330000
|
unkown
|
page read and write
|
|
|
|
1E10A7DB000
|
unkown
|
page read and write
|
|
|
|
7FF50D982000
|
unkown
|
page readonly
|
|
|
|
1E108A98000
|
unkown
|
page read and write
|
|
|
|
1E10A350000
|
unkown
|
page read and write
|
|
|
|
2042F590000
|
heap private
|
page read and write
|
|
|
|
7FF50D82C000
|
unkown
|
page readonly
|
|
|
|
7FF50D90D000
|
unkown
|
page readonly
|
|
|
|
7FF50D793000
|
unkown
|
page readonly
|
|
|
|
2042F63C000
|
unkown
|
page read and write
|
|
|
|
F08767E000
|
unkown
|
page read and write
|
|
|
|
7FF4F7911000
|
unkown
|
page readonly
|
|
|
|
2CB1000
|
unkown
|
page read and write
|
|
|
|
1E1089FE000
|
heap default
|
page read and write
|
|
|
|
1E10A755000
|
unkown
|
page read and write
|
|
|
|
1E10A7DB000
|
unkown
|
page read and write
|
|
|
|
1E10A79E000
|
unkown
|
page read and write
|
|
|
|
1E108A70000
|
unkown
|
page read and write
|
|
|
|
1E10A7DB000
|
unkown
|
page read and write
|
|
|
|
1E108A17000
|
unkown
|
page read and write
|
|
|
|
2CB0000
|
unkown
|
page read and write
|
|
|
|
B40000
|
heap default
|
page read and write
|
|
|
|
7FF4F7AA6000
|
unkown
|
page readonly
|
|
|
|
7FF4F7A7A000
|
unkown
|
page readonly
|
|
There are 259 hidden memdumps, click here to show them.