Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
xcVh7ZmH4Y.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\Airplane_16.bmp
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, Exif Standard: [TIFF image data,
big-endian, direntries=3], baseline, precision 8, 110x110, frames 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AsOpenFile.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Borders.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Green_Leaves_21.bmp
|
JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, Exif Standard: [TIFF image data,
big-endian, direntries=3], baseline, precision 8, 110x110, frames 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\duperinger.ini
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nss732B.tmp\System.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\printer-symbolic.symbolic.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\xcVh7ZmH4Y.exe
|
"C:\Users\user\Desktop\xcVh7ZmH4Y.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
http://crl.F
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\PUGREE\gruopvkkendes
|
Expand String Value
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Antiplatelet\SKUESPILLEREVNE
|
Coiffured147
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2D00000
|
unkown
|
page execute and read and write
|
|
|
|
73544000
|
unkown
|
page readonly
|
||
|
2AAD3A63000
|
heap
|
page read and write
|
||
|
1D9B56A5000
|
heap
|
page read and write
|
||
|
217E000
|
stack
|
page read and write
|
||
|
21D6E0C9000
|
heap
|
page read and write
|
||
|
203F8D08000
|
heap
|
page read and write
|
||
|
B1E000
|
stack
|
page read and write
|
||
|
28176160000
|
heap
|
page read and write
|
||
|
13E017E000
|
stack
|
page read and write
|
||
|
2856BE40000
|
heap
|
page read and write
|
||
|
5C6311C000
|
stack
|
page read and write
|
||
|
2208E428000
|
heap
|
page read and write
|
||
|
12413908000
|
heap
|
page read and write
|
||
|
1D9B6010000
|
trusted library allocation
|
page read and write
|
||
|
21D6E06F000
|
heap
|
page read and write
|
||
|
FC391FD000
|
stack
|
page read and write
|
||
|
5C634F9000
|
stack
|
page read and write
|
||
|
21D6E0EA000
|
heap
|
page read and write
|
||
|
12413849000
|
heap
|
page read and write
|
||
|
21D6E029000
|
heap
|
page read and write
|
||
|
1241383C000
|
heap
|
page read and write
|
||
|
1241386B000
|
heap
|
page read and write
|
||
|
21D6E082000
|
heap
|
page read and write
|
||
|
1241385F000
|
heap
|
page read and write
|
||
|
21D6E7E0000
|
remote allocation
|
page read and write
|
||
|
B20000
|
heap
|
page read and write
|
||
|
21D6E0E3000
|
heap
|
page read and write
|
||
|
281760F0000
|
heap
|
page read and write
|
||
|
5C6377F000
|
stack
|
page read and write
|
||
|
22A0000
|
heap
|
page read and write
|
||
|
2AAD3A00000
|
heap
|
page read and write
|
||
|
157A7F7000
|
stack
|
page read and write
|
||
|
2CFF000
|
stack
|
page read and write
|
||
|
21D6E955000
|
heap
|
page read and write
|
||
|
75D000
|
heap
|
page read and write
|
||
|
28176313000
|
heap
|
page read and write
|
||
|
157A6FB000
|
stack
|
page read and write
|
||
|
157A8FE000
|
stack
|
page read and write
|
||
|
12413720000
|
heap
|
page read and write
|
||
|
F70487E000
|
stack
|
page read and write
|
||
|
1241385F000
|
heap
|
page read and write
|
||
|
F704D7C000
|
stack
|
page read and write
|
||
|
FC38FF7000
|
stack
|
page read and write
|
||
|
203F8B20000
|
heap
|
page read and write
|
||
|
E73167F000
|
stack
|
page read and write
|
||
|
21D6E0EA000
|
heap
|
page read and write
|
||
|
2AAD3A5E000
|
heap
|
page read and write
|
||
|
5C63579000
|
stack
|
page read and write
|
||
|
2208E457000
|
heap
|
page read and write
|
||
|
28176281000
|
heap
|
page read and write
|
||
|
2208E1B0000
|
heap
|
page read and write
|
||
|
FC3899C000
|
stack
|
page read and write
|
||
|
B26000
|
heap
|
page read and write
|
||
|
2208E478000
|
heap
|
page read and write
|
||
|
E7315FF000
|
stack
|
page read and write
|
||
|
2208E1C0000
|
heap
|
page read and write
|
||
|
E73119A000
|
stack
|
page read and write
|
||
|
2AAD4402000
|
trusted library allocation
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
21D6E013000
|
heap
|
page read and write
|
||
|
2856BE1B000
|
heap
|
page read and write
|
||
|
2856BF10000
|
heap
|
page read and write
|
||
|
1D9B56A0000
|
heap
|
page read and write
|
||
|
1D9B56B0000
|
trusted library allocation
|
page read and write
|
||
|
28176308000
|
heap
|
page read and write
|
||
|
2208E500000
|
heap
|
page read and write
|
||
|
203F8D02000
|
heap
|
page read and write
|
||
|
E7316FC000
|
stack
|
page read and write
|
||
|
13E05FB000
|
stack
|
page read and write
|
||
|
FC392FE000
|
stack
|
page read and write
|
||
|
761000
|
heap
|
page read and write
|
||
|
21D6E0C3000
|
heap
|
page read and write
|
||
|
FC38EFB000
|
stack
|
page read and write
|
||
|
40D000
|
unkown
|
page read and write
|
||
|
12413790000
|
heap
|
page read and write
|
||
|
12413850000
|
heap
|
page read and write
|
||
|
28176300000
|
heap
|
page read and write
|
||
|
21D6DE70000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
99000
|
stack
|
page read and write
|
||
|
28176100000
|
heap
|
page read and write
|
||
|
F7048FE000
|
stack
|
page read and write
|
||
|
2AAD3A29000
|
heap
|
page read and write
|
||
|
12414202000
|
trusted library allocation
|
page read and write
|
||
|
21D6E0A3000
|
heap
|
page read and write
|
||
|
12413889000
|
heap
|
page read and write
|
||
|
2AAD3A5C000
|
heap
|
page read and write
|
||
|
28176213000
|
heap
|
page read and write
|
||
|
1D9B62F0000
|
trusted library allocation
|
page read and write
|
||
|
13E01FE000
|
stack
|
page read and write
|
||
|
1D9B5420000
|
heap
|
page read and write
|
||
|
12413813000
|
heap
|
page read and write
|
||
|
2AAD3A81000
|
heap
|
page read and write
|
||
|
1241384D000
|
heap
|
page read and write
|
||
|
2208EC02000
|
trusted library allocation
|
page read and write
|
||
|
203F8B90000
|
heap
|
page read and write
|
||
|
737000
|
heap
|
page read and write
|
||
|
28176268000
|
heap
|
page read and write
|
||
|
21D6DED0000
|
heap
|
page read and write
|
||
|
203F8C29000
|
heap
|
page read and write
|
||
|
208607D000
|
stack
|
page read and write
|
||
|
1D9B62D0000
|
trusted library allocation
|
page read and write
|
||
|
21D6E976000
|
heap
|
page read and write
|
||
|
1D9B5456000
|
heap
|
page read and write
|
||
|
20863FE000
|
stack
|
page read and write
|
||
|
42F000
|
unkown
|
page read and write
|
||
|
2208E413000
|
heap
|
page read and write
|
||
|
2208E46B000
|
heap
|
page read and write
|
||
|
565000
|
heap
|
page read and write
|
||
|
1D9B5240000
|
heap
|
page read and write
|
||
|
203F8C13000
|
heap
|
page read and write
|
||
|
BDE437E000
|
stack
|
page read and write
|
||
|
203F8D00000
|
heap
|
page read and write
|
||
|
2208E46B000
|
heap
|
page read and write
|
||
|
21F0000
|
heap
|
page read and write
|
||
|
1D9B6350000
|
trusted library allocation
|
page read and write
|
||
|
1D9B5418000
|
heap
|
page read and write
|
||
|
28176302000
|
heap
|
page read and write
|
||
|
1241387B000
|
heap
|
page read and write
|
||
|
2F2C000
|
stack
|
page read and write
|
||
|
12413829000
|
heap
|
page read and write
|
||
|
21D6E102000
|
heap
|
page read and write
|
||
|
1D9B5410000
|
heap
|
page read and write
|
||
|
21D6E0AF000
|
heap
|
page read and write
|
||
|
203F8B30000
|
heap
|
page read and write
|
||
|
1D9B5250000
|
trusted library allocation
|
page read and write
|
||
|
1D9B53A0000
|
heap
|
page read and write
|
||
|
157A5FF000
|
stack
|
page read and write
|
||
|
1D9B545D000
|
heap
|
page read and write
|
||
|
20864FF000
|
stack
|
page read and write
|
||
|
2AAD3A3C000
|
heap
|
page read and write
|
||
|
297E000
|
stack
|
page read and write
|
||
|
2208E400000
|
heap
|
page read and write
|
||
|
2085F7E000
|
stack
|
page read and write
|
||
|
2856C0E0000
|
heap
|
page read and write
|
||
|
73541000
|
unkown
|
page execute read
|
||
|
21D6E7E0000
|
remote allocation
|
page read and write
|
||
|
725000
|
heap
|
page read and write
|
||
|
FC38C7F000
|
stack
|
page read and write
|
||
|
2AAD3A61000
|
heap
|
page read and write
|
||
|
2AAD3A13000
|
heap
|
page read and write
|
||
|
203F8C27000
|
heap
|
page read and write
|
||
|
203F8C50000
|
heap
|
page read and write
|
||
|
20865FA000
|
stack
|
page read and write
|
||
|
1D9B62E0000
|
heap
|
page readonly
|
||
|
26ED000
|
stack
|
page read and write
|
||
|
1241384B000
|
heap
|
page read and write
|
||
|
73540000
|
unkown
|
page readonly
|
||
|
21D6E9A6000
|
heap
|
page read and write
|
||
|
F70459C000
|
stack
|
page read and write
|
||
|
731000
|
heap
|
page read and write
|
||
|
21D6DE60000
|
heap
|
page read and write
|
||
|
73546000
|
unkown
|
page readonly
|
||
|
12413913000
|
heap
|
page read and write
|
||
|
203F8C00000
|
heap
|
page read and write
|
||
|
2856BF30000
|
heap
|
page read and write
|
||
|
2AAD3B13000
|
heap
|
page read and write
|
||
|
12413902000
|
heap
|
page read and write
|
||
|
21D6E802000
|
heap
|
page read and write
|
||
|
5C636FB000
|
stack
|
page read and write
|
||
|
21D6E976000
|
heap
|
page read and write
|
||
|
28176268000
|
heap
|
page read and write
|
||
|
203F8C52000
|
heap
|
page read and write
|
||
|
BDE417B000
|
stack
|
page read and write
|
||
|
721000
|
heap
|
page read and write
|
||
|
2220000
|
trusted library allocation
|
page read and write
|
||
|
203F8C88000
|
heap
|
page read and write
|
||
|
1D9B56A9000
|
heap
|
page read and write
|
||
|
F704A7E000
|
stack
|
page read and write
|
||
|
208667F000
|
stack
|
page read and write
|
||
|
21D6E03C000
|
heap
|
page read and write
|
||
|
203F9602000
|
trusted library allocation
|
page read and write
|
||
|
2856BCE0000
|
heap
|
page read and write
|
||
|
12413827000
|
heap
|
page read and write
|
||
|
2AAD39C0000
|
trusted library allocation
|
page read and write
|
||
|
203F8BC0000
|
trusted library allocation
|
page read and write
|
||
|
13E08FE000
|
stack
|
page read and write
|
||
|
12413730000
|
heap
|
page read and write
|
||
|
1D9B6020000
|
trusted library allocation
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
21D6E91C000
|
heap
|
page read and write
|
||
|
560000
|
heap
|
page read and write
|
||
|
12413800000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
2208E402000
|
heap
|
page read and write
|
||
|
E731578000
|
stack
|
page read and write
|
||
|
6B0000
|
trusted library allocation
|
page read and write
|
||
|
21D6E113000
|
heap
|
page read and write
|
||
|
2BFE000
|
stack
|
page read and write
|
||
|
13E00FB000
|
stack
|
page read and write
|
||
|
464000
|
unkown
|
page readonly
|
||
|
1D9B5380000
|
heap
|
page read and write
|
||
|
28176253000
|
heap
|
page read and write
|
||
|
42C000
|
unkown
|
page read and write
|
||
|
1D9B545D000
|
heap
|
page read and write
|
||
|
2817626F000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1D9B545D000
|
heap
|
page read and write
|
||
|
157A17C000
|
stack
|
page read and write
|
||
|
21D6E000000
|
heap
|
page read and write
|
||
|
20861F7000
|
stack
|
page read and write
|
||
|
157AAFE000
|
stack
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
1D9B5455000
|
heap
|
page read and write
|
||
|
13E06FF000
|
stack
|
page read and write
|
||
|
157A1FE000
|
stack
|
page read and write
|
||
|
2AAD3B08000
|
heap
|
page read and write
|
||
|
12413900000
|
heap
|
page read and write
|
||
|
124137C0000
|
trusted library allocation
|
page read and write
|
||
|
21D6E976000
|
heap
|
page read and write
|
||
|
440000
|
unkown
|
page read and write
|
||
|
203F8C3C000
|
heap
|
page read and write
|
||
|
2A7F000
|
stack
|
page read and write
|
||
|
21D6E0B4000
|
heap
|
page read and write
|
||
|
2085E7B000
|
stack
|
page read and write
|
||
|
21F4000
|
heap
|
page read and write
|
||
|
BDE3E7C000
|
stack
|
page read and write
|
||
|
BDE427D000
|
stack
|
page read and write
|
||
|
21D6E998000
|
heap
|
page read and write
|
||
|
157A47F000
|
stack
|
page read and write
|
||
|
21D6E0F8000
|
heap
|
page read and write
|
||
|
2AAD3B00000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
431000
|
unkown
|
page read and write
|
||
|
21D6E900000
|
heap
|
page read and write
|
||
|
203F8C70000
|
heap
|
page read and write
|
||
|
2AAD3930000
|
heap
|
page read and write
|
||
|
2208E220000
|
heap
|
page read and write
|
||
|
E7314FF000
|
stack
|
page read and write
|
||
|
F704E7F000
|
stack
|
page read and write
|
||
|
6F0000
|
heap
|
page read and write
|
||
|
5C635FE000
|
stack
|
page read and write
|
||
|
21D6E089000
|
heap
|
page read and write
|
||
|
2230000
|
trusted library allocation
|
page read and write
|
||
|
203F8D13000
|
heap
|
page read and write
|
||
|
20860FE000
|
stack
|
page read and write
|
||
|
2AAD3A52000
|
heap
|
page read and write
|
||
|
2817623C000
|
heap
|
page read and write
|
||
|
21D6E0E7000
|
heap
|
page read and write
|
||
|
6F8000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
2856BE10000
|
heap
|
page read and write
|
||
|
203F8C4D000
|
heap
|
page read and write
|
||
|
1D9B6090000
|
trusted library allocation
|
page read and write
|
||
|
FC38CFF000
|
stack
|
page read and write
|
||
|
2208E502000
|
heap
|
page read and write
|
||
|
21D6E927000
|
heap
|
page read and write
|
||
|
1D9B6300000
|
trusted library allocation
|
page read and write
|
||
|
21D6E0AA000
|
heap
|
page read and write
|
||
|
442000
|
unkown
|
page read and write
|
||
|
12413802000
|
heap
|
page read and write
|
||
|
227D000
|
stack
|
page read and write
|
||
|
FC390FE000
|
stack
|
page read and write
|
||
|
28176229000
|
heap
|
page read and write
|
||
|
27EF000
|
stack
|
page read and write
|
||
|
28176190000
|
trusted library allocation
|
page read and write
|
||
|
2208E320000
|
trusted library allocation
|
page read and write
|
||
|
1241384E000
|
heap
|
page read and write
|
||
|
2856C0E5000
|
heap
|
page read and write
|
||
|
436000
|
unkown
|
page read and write
|
||
|
21D6E987000
|
heap
|
page read and write
|
||
|
203F8C7C000
|
heap
|
page read and write
|
||
|
2208E46B000
|
heap
|
page read and write
|
||
|
1D9B5477000
|
heap
|
page read and write
|
||
|
2817624D000
|
heap
|
page read and write
|
||
|
2208E43C000
|
heap
|
page read and write
|
||
|
2085EFE000
|
stack
|
page read and write
|
||
|
28176200000
|
heap
|
page read and write
|
||
|
1241386B000
|
heap
|
page read and write
|
||
|
21D6E7E0000
|
remote allocation
|
page read and write
|
||
|
21D6DFD0000
|
trusted library allocation
|
page read and write
|
||
|
BDE447B000
|
stack
|
page read and write
|
||
|
157A9FD000
|
stack
|
page read and write
|
||
|
28176C02000
|
trusted library allocation
|
page read and write
|
||
|
28176278000
|
heap
|
page read and write
|
||
|
13E07F7000
|
stack
|
page read and write
|
||
|
1D9B6080000
|
trusted library allocation
|
page read and write
|
||
|
12413870000
|
heap
|
page read and write
|
||
|
2208E513000
|
heap
|
page read and write
|
||
|
2AAD3990000
|
heap
|
page read and write
|
||
|
203F8C4B000
|
heap
|
page read and write
|
||
|
464000
|
unkown
|
page readonly
|
||
|
19A000
|
stack
|
page read and write
|
||
|
21D6E950000
|
heap
|
page read and write
|
||
|
28B0000
|
trusted library allocation
|
page read and write
|
||
|
E73147F000
|
stack
|
page read and write
|
||
|
F704B7B000
|
stack
|
page read and write
|
||
|
20862F7000
|
stack
|
page read and write
|
||
|
F704C77000
|
stack
|
page read and write
|
||
|
1D9B547B000
|
heap
|
page read and write
|
||
|
BDE3EFF000
|
stack
|
page read and write
|
||
|
AC0000
|
heap
|
page read and write
|
||
|
2AAD3920000
|
heap
|
page read and write
|
||
|
2AAD3B02000
|
heap
|
page read and write
|
There are 286 hidden memdumps, click here to show them.