Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\ciao.exe
|
"C:\Users\user\Desktop\ciao.exe"
|
 |
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://123.206.58.135:8172/h
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
store-images.s-microsoft.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
123.206.58.135
|
unknown
|
China
|
|
|
|
103.199.16.245
|
unknown
|
Viet Nam
|
|
|
|
111.230.104.169
|
unknown
|
China
|
|
|
|
172.104.87.236
|
unknown
|
United States
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
21F0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
400000
|
unkown
|
page execute and read and write
|
|
|
|
2240000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
19E52CB0000
|
heap
|
page read and write
|
||
|
2EAC000
|
stack
|
page read and write
|
||
|
289756B4000
|
unkown
|
page read and write
|
||
|
468000
|
unkown
|
page write copy
|
||
|
2897AC40000
|
trusted library allocation
|
page read and write
|
||
|
2897AF00000
|
unkown
|
page read and write
|
||
|
2897ACE0000
|
trusted library allocation
|
page read and write
|
||
|
2201ABA0000
|
heap
|
page readonly
|
||
|
2201ABC0000
|
trusted library allocation
|
page read and write
|
||
|
19E52E4B000
|
unkown
|
page read and write
|
||
|
28975F18000
|
unkown
|
page read and write
|
||
|
2897AE84000
|
unkown
|
page read and write
|
||
|
2897AD70000
|
remote allocation
|
page read and write
|
||
|
2897AC34000
|
trusted library allocation
|
page read and write
|
||
|
2DAE000
|
stack
|
page read and write
|
||
|
9F3B6FE000
|
stack
|
page read and write
|
||
|
25225429000
|
unkown
|
page read and write
|
||
|
2201A8E0000
|
trusted library allocation
|
page read and write
|
||
|
2522545E000
|
unkown
|
page read and write
|
||
|
288E000
|
stack
|
page read and write
|
||
|
19E52E70000
|
unkown
|
page read and write
|
||
|
284F000
|
stack
|
page read and write
|
||
|
B77293C000
|
stack
|
page read and write
|
||
|
B772F77000
|
stack
|
page read and write
|
||
|
19E52E48000
|
unkown
|
page read and write
|
||
|
2897AEE0000
|
unkown
|
page read and write
|
||
|
289766E0000
|
trusted library section
|
page readonly
|
||
|
2397000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
4E5000
|
heap
|
page read and write
|
||
|
28975F02000
|
unkown
|
page read and write
|
||
|
32F1C7C000
|
stack
|
page read and write
|
||
|
59C000
|
heap
|
page read and write
|
||
|
25225400000
|
unkown
|
page read and write
|
||
|
28975F58000
|
unkown
|
page read and write
|
||
|
1861ED00000
|
unkown
|
page read and write
|
||
|
22019BC1000
|
heap
|
page read and write
|
||
|
2522547B000
|
unkown
|
page read and write
|
||
|
2897569D000
|
unkown
|
page read and write
|
||
|
1861ED32000
|
unkown
|
page read and write
|
||
|
463000
|
unkown
|
page readonly
|
||
|
2897AEAF000
|
unkown
|
page read and write
|
||
|
274E000
|
stack
|
page read and write
|
||
|
2897AE00000
|
unkown
|
page read and write
|
||
|
25225502000
|
unkown
|
page read and write
|
||
|
2897AC40000
|
trusted library allocation
|
page read and write
|
||
|
19E52E00000
|
unkown
|
page read and write
|
||
|
468000
|
unkown
|
page write copy
|
||
|
2897AD70000
|
remote allocation
|
page read and write
|
||
|
2C0F000
|
stack
|
page read and write
|
||
|
473000
|
unkown
|
page readonly
|
||
|
28976A70000
|
trusted library allocation
|
page read and write
|
||
|
1861EC02000
|
unkown
|
page read and write
|
||
|
1861E471000
|
unkown
|
page read and write
|
||
|
2280000
|
trusted library allocation
|
page read and write
|
||
|
9F3B0FC000
|
stack
|
page read and write
|
||
|
19E52F00000
|
unkown
|
page read and write
|
||
|
FB2697E000
|
stack
|
page read and write
|
||
|
2201A940000
|
trusted library allocation
|
page read and write
|
||
|
2897AA80000
|
trusted library allocation
|
page read and write
|
||
|
28976700000
|
trusted library section
|
page readonly
|
||
|
2201AB90000
|
trusted library allocation
|
page read and write
|
||
|
25225454000
|
unkown
|
page read and write
|
||
|
28975E15000
|
unkown
|
page read and write
|
||
|
FB2687A000
|
stack
|
page read and write
|
||
|
59E000
|
heap
|
page read and write
|
||
|
22019B78000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
28975E02000
|
unkown
|
page read and write
|
||
|
87317C000
|
stack
|
page read and write
|
||
|
8738FF000
|
stack
|
page read and write
|
||
|
8737F7000
|
stack
|
page read and write
|
||
|
2390000
|
heap
|
page read and write
|
||
|
2897AD40000
|
trusted library allocation
|
page read and write
|
||
|
2EAE000
|
stack
|
page read and write
|
||
|
32F1DFE000
|
stack
|
page read and write
|
||
|
FB2667B000
|
stack
|
page read and write
|
||
|
4E0000
|
heap
|
page read and write
|
||
|
2201AC10000
|
trusted library allocation
|
page read and write
|
||
|
19E52E3C000
|
unkown
|
page read and write
|
||
|
289756FA000
|
unkown
|
page read and write
|
||
|
2897AE3E000
|
unkown
|
page read and write
|
||
|
1861E4E1000
|
unkown
|
page read and write
|
||
|
9F3B67E000
|
stack
|
page read and write
|
||
|
19E52E7D000
|
unkown
|
page read and write
|
||
|
87347E000
|
stack
|
page read and write
|
||
|
9F3ABCC000
|
stack
|
page read and write
|
||
|
32F20FB000
|
stack
|
page read and write
|
||
|
1861E441000
|
unkown
|
page read and write
|