Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\SHIPMENTDOCUMENTSPDF.exe
|
"C:\Users\user\Desktop\SHIPMENTDOCUMENTSPDF.exe"
|
 |
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
goodies.dynamic-dns.net
|
|
||
|
https://github.com/syohex/java-simple-mine-sweeperC:
|
unknown
|
||
|
https://github.com/syohex/java-simple-mine-sweeper
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\ActiveMovie\devenum
|
Version
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2720000
|
direct allocation
|
page execute and read and write
|
|
|
|
326F000
|
direct allocation
|
page readonly
|
|
|
|
3134000
|
direct allocation
|
page readonly
|
|
|
|
9B6000
|
unkown
|
page write copy
|
||
|
852000
|
unkown
|
page write copy
|
||
|
666000
|
heap
|
page read and write
|
||
|
750000
|
unkown
|
page readonly
|
||
|
62A000
|
heap
|
page read and write
|
||
|
3A4F000
|
trusted library allocation
|
page read and write
|
||
|
18B000
|
stack
|
page read and write
|
||
|
9D0000
|
trusted library allocation
|
page read and write
|
||
|
337D000
|
stack
|
page read and write
|
||
|
9BB000
|
unkown
|
page readonly
|
||
|
2710000
|
heap
|
page read and write
|
||
|
81F000
|
unkown
|
page execute read
|
||
|
852000
|
unkown
|
page write copy
|
||
|
666000
|
heap
|
page read and write
|
||
|
750000
|
unkown
|
page readonly
|
||
|
DCE000
|
stack
|
page read and write
|
||
|
2650000
|
trusted library allocation
|
page read and write
|
||
|
751000
|
unkown
|
page execute read
|
||
|
4FC000
|
stack
|
page read and write
|
||
|
CCD000
|
stack
|
page read and write
|
||
|
25B0000
|
trusted library allocation
|
page read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
75D000
|
unkown
|
page execute read
|
||
|
667000
|
heap
|
page read and write
|
||
|
81F000
|
unkown
|
page execute read
|
||
|
37F7000
|
trusted library allocation
|
page read and write
|
||
|
65E000
|
heap
|
page read and write
|
||
|
1C0000
|
unclassified section
|
page readonly
|
||
|
326D000
|
direct allocation
|
page read and write
|
||
|
643000
|
heap
|
page read and write
|
||
|
120000
|
heap
|
page read and write
|
||
|
2640000
|
heap
|
page read and write
|
||
|
3120000
|
direct allocation
|
page read and write
|
||
|
37F3000
|
trusted library allocation
|
page read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
2643000
|
heap
|
page read and write
|
||
|
655000
|
heap
|
page read and write
|
||
|
38BA000
|
trusted library allocation
|
page read and write
|
||
|
649000
|
heap
|
page read and write
|
||
|
B4D000
|
stack
|
page read and write
|
||
|
9BF000
|
unkown
|
page readonly
|
||
|
759000
|
unkown
|
page execute read
|
||
|
3139000
|
direct allocation
|
page read and write
|
||
|
751000
|
unkown
|
page execute read
|
||
|
65E000
|
heap
|
page read and write
|
||
|
62E000
|
heap
|
page read and write
|
||
|
C8E000
|
stack
|
page read and write
|
||
|
663000
|
heap
|
page read and write
|
||
|
9BB000
|
unkown
|
page readonly
|
||
|
9B6000
|
unkown
|
page read and write
|
||
|
759000
|
unkown
|
page execute read
|
||
|
75D000
|
unkown
|
page execute read
|
||
|
9BF000
|
unkown
|
page readonly
|
||
|
37EB000
|
trusted library allocation
|
page read and write
|
||
|
823000
|
unkown
|
page readonly
|
||
|
65E000
|
heap
|
page read and write
|
||
|
65E000
|
heap
|
page read and write
|
||
|
25AC000
|
stack
|
page read and write
|
||
|
A4E000
|
stack
|
page read and write
|
||
|
2600000
|
heap
|
page read and write
|
||
|
B8E000
|
stack
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
||
|
656000
|
heap
|
page read and write
|
||
|
3121000
|
direct allocation
|
page execute read
|
||
|
662000
|
heap
|
page read and write
|
||
|
823000
|
unkown
|
page readonly
|
||
|
600000
|
heap
|
page read and write
|
There are 60 hidden memdumps, click here to show them.