Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\wscript.exe
|
C:\Windows\System32\wscript.exe 'C:\Users\user\Desktop\config_xml.js'
|
 |
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.techsmith.com/xmp/tsc/
|
unknown
|
|
|
|
http://ns.ad
|
unknown
|
|
|
|
http://www.techsmith.com/xmp/tscHS/
|
unknown
|
|
|
|
http://www.techsmith.com/xmp/tscIQ/
|
unknown
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
254B507F000
|
unkown
|
page read and write
|
|
|
|
B493BFE000
|
unkown
|
page read and write
|
|
|
|
7FF5BFDB7000
|
unkown image
|
page readonly
|
|
|
|
7FF56EDA2000
|
unkown image
|
page readonly
|
|
|
|
7FF56ED9A000
|
unkown image
|
page readonly
|
|
|
|
254B4F00000
|
heap private
|
page read and write
|
|
|
|
7136DF7000
|
unkown
|
page read and write
|
|
|
|
7FF56EBFD000
|
unkown image
|
page readonly
|
|
|
|
254B508A000
|
unkown
|
page read and write
|
|
|
|
7FF56ECB5000
|
unkown image
|
page readonly
|
|
|
|
7FF5CAA80000
|
unkown image
|
page readonly
|
|
|
|
B493AFF000
|
unkown
|
page read and write
|
|
|
|
254B5013000
|
unkown
|
page read and write
|
|
|
|
7DF583E30000
|
unkown image
|
page readonly
|
|
|
|
7FF5CADB2000
|
unkown image
|
page readonly
|
|
|
|
7FF5CAF0A000
|
unkown image
|
page readonly
|
|
|
|
B493119000
|
unkown
|
page read and write
|
|
|
|
7FF56E870000
|
unkown image
|
page readonly
|
|
|
|
7FF56EA27000
|
unkown image
|
page readonly
|
|
|
|
7DF583E40000
|
unkown image
|
page readonly
|
|
|
|
7DF5DFFA0000
|
unkown image
|
page readonly
|
|
|
|
7DF5DFF92000
|
unkown image
|
page readonly
|
|
|
|
7FF56ED0F000
|
unkown image
|
page readonly
|
|
|
|
7DF5DFF90000
|
unkown image
|
page readonly
|
|
|
|
7FF5CAF04000
|
unkown image
|
page readonly
|
|
|
|
28741DE0000
|
unkown
|
page read and write
|
|
|
|
254B4F40000
|
unkown image
|
page readonly
|
|
|
|
B4937FF000
|
unkown
|
page read and write
|
|
|
|
7FF56ED18000
|
unkown image
|
page readonly
|
|
|
|
2873FFB6000
|
unkown
|
page read and write
|
|
|
|
2873FEF0000
|
unkown
|
page read and write
|
|
|
|
254B5802000
|
unkown
|
page read and write
|
|
|
|
7FF56ED2D000
|
unkown image
|
page readonly
|
|
|
|
2873FFE6000
|
unkown
|
page read and write
|
|
|
|
7FF5CAE2B000
|
unkown image
|
page readonly
|
|
|
|
254B4EF0000
|
unkown image
|
page read and write
|
|
|
|
2873FEB0000
|
unkown image
|
page readonly
|
|
|
|
7FF56EBAE000
|
unkown image
|
page readonly
|
|
|
|
2873FFDD000
|
unkown
|
page read and write
|
|
|
|
7FF56E876000
|
unkown image
|
page readonly
|
|
|
|
2873FFA8000
|
unkown
|
page read and write
|
|
|
|
254B5029000
|
unkown
|
page read and write
|
|
|
|
B4934FE000
|
unkown
|
page read and write
|
|
|
|
713676B000
|
unkown
|
page read and write
|
|
|
|
7FF5BFDB7000
|
unkown image
|
page readonly
|
|
|
|
7FF56EB53000
|
unkown image
|
page readonly
|
|
|
|
7DF5DFFB0000
|
unkown image
|
page readonly
|
|
|
|
7FF56EA30000
|
unkown image
|
page readonly
|
|
|
|
7FF5CA956000
|
unkown image
|
page readonly
|
|
|
|
2873FFBA000
|
unkown
|
page read and write
|
|
|
|
254B4F90000
|
unkown
|
page read and write
|
|
|
|
7DF5DFFA2000
|
unkown image
|
page readonly
|
|
|
|
7DF4DDE60000
|
unkown image
|
page readonly
|
|
|
|
2873FF50000
|
unkown image
|
page readonly
|
|
|
|
7FF5CAF12000
|
unkown image
|
page readonly
|
|
|
|
7136B7B000
|
unkown
|
page read and write
|
|
|
|
7FF5CAE68000
|
unkown image
|
page readonly
|
|
|
|
254B503C000
|
unkown
|
page read and write
|
|
|
|
254B5066000
|
unkown
|
page read and write
|
|
|
|
254B54D0000
|
unkown image
|
page readonly
|
|
|
|
28741DD0000
|
unkown
|
page read and write
|
|
|
|
7FF56ED26000
|
unkown image
|
page readonly
|
|
|
|
2873FEA0000
|
unkown image
|
page readonly
|
|
|
|
7FF56EC1C000
|
unkown image
|
page readonly
|
|
|
|
254B5650000
|
unkown image
|
page readonly
|
|
|
|
7FF5CAE99000
|
unkown image
|
page readonly
|
|
|
|
254B505C000
|
unkown
|
page read and write
|
|
|
|
7FF56ECDC000
|
unkown image
|
page readonly
|
|
|
|
7FF5CAE64000
|
unkown image
|
page readonly
|
|
|
|
254B5002000
|
unkown
|
page read and write
|
|
|
|
7FF5CAE1A000
|
unkown image
|
page readonly
|
|
|
|
254B505A000
|
unkown
|
page read and write
|
|
|
|
7FF5CA6A5000
|
unkown image
|
page readonly
|
|
|
|
254B5108000
|
unkown
|
page read and write
|
|
|
|
7FF5CAE8E000
|
unkown image
|
page readonly
|
|
|
|
7FF56ECC7000
|
unkown image
|
page readonly
|
|
|
|
28741DD4000
|
unkown
|
page read and write
|
|
|
|
287402F0000
|
unkown image
|
page readonly
|
|
|
|
7FF5CADBC000
|
unkown image
|
page readonly
|
|
|
|
28741DE0000
|
unkown
|
page read and write
|
|
|
|
7FF56ED29000
|
unkown image
|
page readonly
|
|
|
|
7DF5DFFB0000
|
unkown image
|
page readonly
|
|
|
|
7FF56ECB0000
|
unkown image
|
page readonly
|
|
|
|
2873FED0000
|
unkown
|
page read and write
|
|
|
|
7FF56EB91000
|
unkown image
|
page readonly
|
|
|
|
7FF5CAE4C000
|
unkown image
|
page readonly
|
|
|
|
254B5000000
|
unkown
|
page read and write
|
|
|
|
7FF56ECBB000
|
unkown image
|
page readonly
|
|
|
|
7FF56ECFA000
|
unkown image
|
page readonly
|
|
|
|
7FF5CAE1E000
|
unkown image
|
page readonly
|
|
|
|
28741DD8000
|
unkown
|
page read and write
|
|
|
|
7FF5CAE88000
|
unkown image
|
page readonly
|
|
|
|
7DF5DFF92000
|
unkown image
|
page readonly
|
|
|
|
7FF56ECAA000
|
unkown image
|
page readonly
|
|
|
|
7FF5CAF11000
|
unkown image
|
page readonly
|
|
|
|
7FF5CAA9F000
|
unkown image
|
page readonly
|
|
|
|
7DF583E40000
|
unkown image
|
page readonly
|
|
|
|
7FF56ECF4000
|
unkown image
|
page readonly
|
|
|
|
7FF5CAE7E000
|
unkown image
|
page readonly
|
|
|
|
2873FFE7000
|
unkown
|
page read and write
|
|
|
|
7FF5CAE96000
|
unkown image
|
page readonly
|
|
|
|
7FF5CABD0000
|
unkown image
|
page readonly
|
|
|
|
7FF5CAE74000
|
unkown image
|
page readonly
|
|
|
|
7FF56ED1E000
|
unkown image
|
page readonly
|
|
|
|
7FF56ED94000
|
unkown image
|
page readonly
|
|
|
|
2873FFDF000
|
unkown
|
page read and write
|
|
|
|
7FF5CAE37000
|
unkown image
|
page readonly
|
|
|
|
7FF5CAE57000
|
unkown image
|
page readonly
|
|
|
|
7DF5DFFA2000
|
unkown image
|
page readonly
|
|
|
|
254B4F10000
|
unkown image
|
page readonly
|
|
|
|
7FF56ED04000
|
unkown image
|
page readonly
|
|
|
|
254B4F10000
|
unkown image
|
page readonly
|
|
|
|
2873FFD0000
|
unkown
|
page read and write
|
|
|
|
7DF583E20000
|
unkown image
|
page readonly
|
|
|
|
7FF5CAE0A000
|
unkown image
|
page readonly
|
|
|
|
7FF56EBAB000
|
unkown image
|
page readonly
|
|
|
|
2873FE80000
|
unkown image
|
page readonly
|
|
|
|
2873FF20000
|
heap private
|
page read and write
|
|
|
|
B4935FE000
|
unkown
|
page read and write
|
|
|
|
7DF583E22000
|
unkown image
|
page readonly
|
|
|
|
7FF5CAE9D000
|
unkown image
|
page readonly
|
|
|
|
7DF5DFFA0000
|
unkown image
|
page readonly
|
|
|
|
7136C7B000
|
unkown
|
page read and write
|
|
|
|
2873FE70000
|
unkown image
|
page readonly
|
|
|
|
254B4F30000
|
unkown image
|
page readonly
|
|
|
|
287404F0000
|
unkown image
|
page readonly
|
|
|
|
7FF56EC9C000
|
unkown image
|
page readonly
|
|
|
|
7FF56EC14000
|
unkown image
|
page readonly
|
|
|
|
7FF5CAE20000
|
unkown image
|
page readonly
|
|
|
|
7FF5CADEF000
|
unkown image
|
page readonly
|
|
|
|
7FF5CA66C000
|
unkown image
|
page readonly
|
|
|
|
7DF481CF0000
|
unkown image
|
page readonly
|
|
|
|
7FF56EC03000
|
unkown image
|
page readonly
|
|
|
|
7FF5CAEB3000
|
unkown image
|
page readonly
|
|
|
|
7FF56ECE7000
|
unkown image
|
page readonly
|
|
|
|
28740670000
|
unkown image
|
page readonly
|
|
|
|
2873FE80000
|
unkown image
|
page readonly
|
|
|
|
7FF56EDA1000
|
unkown image
|
page readonly
|
|
|
|
287402EE000
|
heap private
|
page read and write
|
|
|
|
7FF56E885000
|
unkown image
|
page readonly
|
|
|
|
2873FFB8000
|
unkown
|
page read and write
|
|
|
|
2873FF98000
|
heap default
|
page read and write
|
|
|
|
71367EE000
|
unkown
|
page read and write
|
|
|
|
287402E5000
|
heap private
|
page read and write
|
|
|
|
2873FFCE000
|
unkown
|
page read and write
|
|
|
|
287402EC000
|
heap private
|
page read and write
|
|
|
|
254B5054000
|
unkown
|
page read and write
|
|
|
|
254B5100000
|
unkown
|
page read and write
|
|
|
|
7FF56EB71000
|
unkown image
|
page readonly
|
|
|
|
2873FFBA000
|
unkown
|
page read and write
|
|
|
|
7FF56ECAE000
|
unkown image
|
page readonly
|
|
|
|
28740160000
|
unkown image
|
page readonly
|
|
|
|
254B4F70000
|
unkown image
|
page readonly
|
|
|
|
2873FE60000
|
unkown image
|
page read and write
|
|
|
|
7FF56EB01000
|
unkown image
|
page readonly
|
|
|
|
7DF583E22000
|
unkown image
|
page readonly
|
|
|
|
254B5113000
|
unkown
|
page read and write
|
|
|
|
7DF583E32000
|
unkown image
|
page readonly
|
|
|
|
254B5102000
|
unkown
|
page read and write
|
|
|
|
7DF583E30000
|
unkown image
|
page readonly
|
|
|
|
7FF5CAE0C000
|
unkown image
|
page readonly
|
|
|
|
B4938FE000
|
unkown
|
page read and write
|
|
|
|
254B5061000
|
unkown
|
page read and write
|
|
|
|
2873FF90000
|
heap default
|
page read and write
|
|
|
|
7136CFE000
|
unkown
|
page read and write
|
|
|
|
287402E0000
|
heap private
|
page read and write
|
|
|
|
7136EFF000
|
unkown
|
page read and write
|
|
|
|
B4939FE000
|
unkown
|
page read and write
|
|
|
|
254B52D0000
|
unkown image
|
page readonly
|
|
|
|
7FF5CAE4F000
|
unkown image
|
page readonly
|
|
|
|
254B505E000
|
unkown
|
page read and write
|
|
|
|
28741DD1000
|
unkown
|
page read and write
|
|
|
|
254B4F60000
|
heap default
|
page read and write
|
|
|
|
7FF56ECDF000
|
unkown image
|
page readonly
|
|
|
|
2873FFAD000
|
heap default
|
page read and write
|
|
|
|
7FF5CAE25000
|
unkown image
|
page readonly
|
|
|
|
2873FFE7000
|
unkown
|
page read and write
|
|
|
|
7DF583E20000
|
unkown image
|
page readonly
|
|
|
|
7DF583E32000
|
unkown image
|
page readonly
|
|
|
|
7DF5DFF90000
|
unkown image
|
page readonly
|
|
|
|
7136A7D000
|
unkown
|
page read and write
|
|
|
|
7136FFE000
|
unkown
|
page read and write
|
|
|
|
7FF56EC9A000
|
unkown image
|
page readonly
|
|
There are 173 hidden memdumps, click here to show them.