Processes

Path | Cmdline | Malicious |
---|---|---|---|
C:\Users\user\Desktop\niPie.exe | 'C:\Users\user\Desktop\niPie.exe' | |

URLs

Name | IP | Malicious |
---|---|---|---|
http://crl.thawte.com/ThawteTimestampingCA.crl0 | unknown | |
http://www.symauth.com/cps0( | unknown | |
http://www.symauth.com/rpa00 | unknown | |
http://ocsp.thawte.com0 | unknown | |

Memdumps