Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
exe.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\~DF56168A067CC46460.TMP
|
data
|
dropped
|
 |
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\exe.exe
|
"C:\Users\user\Desktop\exe.exe"
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2C0000
|
unkown
|
page execute and read and write
|
|
|
|
7EFC0000
|
unkown image
|
page readonly
|
|
|
|
7EFD0000
|
unkown image
|
page readonly
|
|
|
|
520000
|
heap private
|
page read and write
|
|
|
|
2470000
|
unkown
|
page read and write
|
|
|
|
190000
|
unkown image
|
page readonly
|
|
|
|
7F0000
|
unkown image
|
page readonly
|
|
|
|
8B000
|
unkown
|
page read and write
|
|
|
|
420000
|
unkown image
|
page readonly
|
|
|
|
1DA0000
|
unkown
|
page read and write
|
|
|
|
810000
|
unkown image
|
page readonly
|
|
|
|
7EFD0000
|
unkown image
|
page readonly
|
|
|
|
401000
|
unkown image
|
page execute read
|
|
|
|
290000
|
unkown image
|
page readonly
|
|
|
|
25B4000
|
heap private
|
page read and write
|
|
|
|
7EFB2000
|
unkown image
|
page readonly
|
|
|
|
2700000
|
heap private
|
page read and write
|
|
|
|
577000
|
heap default
|
page read and write
|
|
|
|
20000
|
unkown
|
page read and write
|
|
|
|
41E000
|
unkown image
|
page read and write
|
|
|
|
2740000
|
unkown image
|
page read and write
|
|
|
|
9A0000
|
unkown image
|
page readonly
|
|
|
|
400000
|
unkown image
|
page readonly
|
|
|
|
2A0000
|
unkown image
|
page read and write
|
|
|
|
7EFC2000
|
unkown image
|
page readonly
|
|
|
|
2572000
|
heap private
|
page read and write
|
|
|
|
10000
|
unkown image
|
page read and write
|
|
|
|
18D000
|
unkown
|
page read and write
|
|
|
|
25BB000
|
heap private
|
page read and write
|
|
|
|
2554000
|
heap private
|
page read and write
|
|
|
|
7EFC0000
|
unkown image
|
page readonly
|
|
|
|
270A000
|
heap private
|
page read and write
|
|
|
|
7EFB0000
|
unkown image
|
page readonly
|
|
|
|
401000
|
unkown image
|
page execute read
|
|
|
|
800000
|
heap private
|
page read and write
|
|
|
|
7EFC2000
|
unkown image
|
page readonly
|
|
|
|
25B8000
|
heap private
|
page read and write
|
|
|
|
400000
|
unkown image
|
page readonly
|
|
|
|
594000
|
heap default
|
page read and write
|
|
|
|
400000
|
unkown image
|
page readonly
|
|
|
|
7EFDF000
|
unkown
|
page read and write
|
|
|
|
2E0000
|
heap private
|
page read and write
|
|
|
|
570000
|
heap default
|
page read and write
|
|
|
|
370000
|
unkown image
|
page read and write
|
|
|
|
7EFE0000
|
unkown image
|
page readonly
|
|
|
|
670000
|
unkown image
|
page readonly
|
|
|
|
220000
|
unkown
|
page execute read
|
|
|
|
7EFB0000
|
unkown image
|
page readonly
|
|
|
|
25B0000
|
heap private
|
page read and write
|
|
|
|
2550000
|
heap private
|
page read and write
|
|
|
|
420000
|
unkown image
|
page readonly
|
|
|
|
430000
|
unkown image
|
page readonly
|
|
|
|
7EFB2000
|
unkown image
|
page readonly
|
|
|
|
2F0000
|
heap default
|
page read and write
|
|
|
|
2728000
|
heap private
|
page read and write
|
|
There are 45 hidden memdumps, click here to show them.