Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
aSsc9zh1ex.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\AEGISIIINVHelper.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AsSQLHelper.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\CoverDes.exe.manifest
|
XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Strepera.wad
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\emblem-default-symbolic.symbolic.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\face-crying.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsc4B5D.tmp\System.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\wxbase30u_xml_gcc_custom.dll
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\aSsc9zh1ex.exe
|
"C:\Users\user\Desktop\aSsc9zh1ex.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://barsam.com.au/bin_QuCucbUMda229.bin
|
|
||
|
http://crl.sectigo.com/SectigoRSACodeSigningCA.crl0s
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
http://ocsp.sectigo.com0
|
unknown
|
||
|
http://crt.sectigo.com/SectigoRSACodeSigningCA.crt0#
|
unknown
|
||
|
https://sectigo.com/CPS0C
|
unknown
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2D70000
|
direct allocation
|
page execute and read and write
|
|
|
|
28E37A5F000
|
heap
|
page read and write
|
||
|
2B2D0100000
|
trusted library section
|
page readonly
|
||
|
7A6000
|
unkown
|
page read and write
|
||
|
2ADF000
|
stack
|
page read and write
|
||
|
990000
|
heap
|
page read and write
|
||
|
1FF4909D000
|
heap
|
page read and write
|
||
|
1A74083E000
|
heap
|
page read and write
|
||
|
2B2CF079000
|
heap
|
page read and write
|
||
|
2B2D00D0000
|
trusted library section
|
page readonly
|
||
|
A41000
|
heap
|
page read and write
|
||
|
9F8000
|
heap
|
page read and write
|
||
|
2B2CF0A0000
|
heap
|
page read and write
|
||
|
2B2CEE00000
|
heap
|
page read and write
|
||
|
28E379A0000
|
trusted library allocation
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
B3D47F9000
|
stack
|
page read and write
|
||
|
2B2D00F0000
|
trusted library section
|
page readonly
|
||
|
1FF490AA000
|
heap
|
page read and write
|
||
|
1FF49190000
|
trusted library allocation
|
page read and write
|
||
|
25871429000
|
heap
|
page read and write
|
||
|
28E37A00000
|
heap
|
page read and write
|
||
|
2B2D4621000
|
trusted library allocation
|
page read and write
|
||
|
F9C64FB000
|
stack
|
page read and write
|
||
|
1A740813000
|
heap
|
page read and write
|
||
|
2587144C000
|
heap
|
page read and write
|
||
|
2B2D00E0000
|
trusted library section
|
page readonly
|
||
|
25871413000
|
heap
|
page read and write
|
||
|
5B900FE000
|
stack
|
page read and write
|
||
|
2B2CF802000
|
heap
|
page read and write
|
||
|
732D1000
|
unkown
|
page execute read
|
||
|
2B2D460E000
|
trusted library allocation
|
page read and write
|
||
|
2551463C000
|
heap
|
page read and write
|
||
|
206CD902000
|
heap
|
page read and write
|
||
|
7B5000
|
unkown
|
page read and write
|
||
|
1FF491A0000
|
trusted library allocation
|
page read and write
|
||
|
28E37B02000
|
heap
|
page read and write
|
||
|
2B2D4750000
|
trusted library allocation
|
page read and write
|
||
|
C3D80EC000
|
stack
|
page read and write
|
||
|
2B2D483E000
|
heap
|
page read and write
|
||
|
25515002000
|
trusted library allocation
|
page read and write
|
||
|
28E37830000
|
heap
|
page read and write
|
||
|
5B8FFFB000
|
stack
|
page read and write
|
||
|
28E378A0000
|
heap
|
page read and write
|
||
|
206CE202000
|
trusted library allocation
|
page read and write
|
||
|
2B2D4760000
|
remote allocation
|
page read and write
|
||
|
2B2CF102000
|
heap
|
page read and write
|
||
|
8F5000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
A3A000
|
heap
|
page read and write
|
||
|
1A740828000
|
heap
|
page read and write
|
||
|
2B2D48F0000
|
heap
|
page read and write
|
||
|
206CD802000
|
heap
|
page read and write
|
||
|
2587148D000
|
heap
|
page read and write
|
||
|
206CD829000
|
heap
|
page read and write
|
||
|
206CD800000
|
heap
|
page read and write
|
||
|
A769F1E000
|
stack
|
page read and write
|
||
|
28E37A5F000
|
heap
|
page read and write
|
||
|
28E37B13000
|
heap
|
page read and write
|
||
|
2B2CF08C000
|
heap
|
page read and write
|
||
|
25514685000
|
heap
|
page read and write
|
||
|
A76A7FA000
|
stack
|
page read and write
|
||
|
B3D48FB000
|
stack
|
page read and write
|
||
|
1A740900000
|
heap
|
page read and write
|
||
|
1FF49D10000
|
trusted library allocation
|
page read and write
|
||
|
2B2CF077000
|
heap
|
page read and write
|
||
|
258713C0000
|
heap
|
page read and write
|
||
|
2594000
|
heap
|
page read and write
|
||
|
2B2D4760000
|
remote allocation
|
page read and write
|
||
|
7D6000
|
unkown
|
page readonly
|
||
|
1FF48EB0000
|
heap
|
page read and write
|
||
|
25871E02000
|
trusted library allocation
|
page read and write
|
||
|
C3D877F000
|
stack
|
page read and write
|
||
|
5B901FB000
|
stack
|
page read and write
|
||
|
2B2D4644000
|
trusted library allocation
|
page read and write
|
||
|
25514613000
|
heap
|
page read and write
|
||
|
55DF87E000
|
stack
|
page read and write
|
||
|
1A740869000
|
heap
|
page read and write
|
||
|
F9C65FA000
|
stack
|
page read and write
|
||
|
206CD851000
|
heap
|
page read and write
|
||
|
B3D43DB000
|
stack
|
page read and write
|
||
|
D66000
|
heap
|
page read and write
|
||
|
1A740640000
|
heap
|
page read and write
|
||
|
2580000
|
trusted library allocation
|
page read and write
|
||
|
28E37A7A000
|
heap
|
page read and write
|
||
|
2B2D4900000
|
heap
|
page read and write
|
||
|
2B2D4814000
|
heap
|
page read and write
|
||
|
206CD880000
|
heap
|
page read and write
|
||
|
1A740869000
|
heap
|
page read and write
|
||
|
B3D4779000
|
stack
|
page read and write
|
||
|
2B2CF815000
|
heap
|
page read and write
|
||
|
1FF490AF000
|
heap
|
page read and write
|
||
|
2B2D4630000
|
trusted library allocation
|
page read and write
|
||
|
2B2D4844000
|
heap
|
page read and write
|
||
|
2B2CEF60000
|
trusted library allocation
|
page read and write
|
||
|
5B8FADC000
|
stack
|
page read and write
|
||
|
255145D0000
|
heap
|
page read and write
|
||
|
2B2D46D0000
|
trusted library allocation
|
page read and write
|
||
|
2B2D4861000
|
heap
|
page read and write
|
||
|
2B2D44E0000
|
trusted library allocation
|
page read and write
|
||
|
2B2CEF70000
|
trusted library section
|
page read and write
|
||
|
7A9000
|
unkown
|
page read and write
|
||
|
C3D81EE000
|
stack
|
page read and write
|
||
|
2CF0000
|
trusted library allocation
|
page read and write
|
||
|
8B40D77000
|
stack
|
page read and write
|
||
|
2B2D4710000
|
trusted library allocation
|
page read and write
|
||
|
25514600000
|
heap
|
page read and write
|
||
|
1FF49F50000
|
heap
|
page readonly
|
||
|
F9C697E000
|
stack
|
page read and write
|
||
|
25514652000
|
heap
|
page read and write
|
||
|
A3D000
|
heap
|
page read and write
|
||
|
33AE000
|
stack
|
page read and write
|
||
|
1FF4908C000
|
heap
|
page read and write
|
||
|
206CD864000
|
heap
|
page read and write
|
||
|
2B2D4720000
|
trusted library allocation
|
page read and write
|
||
|
25514708000
|
heap
|
page read and write
|
||
|
25514702000
|
heap
|
page read and write
|
||
|
258713F0000
|
trusted library allocation
|
page read and write
|
||
|
1A740802000
|
heap
|
page read and write
|
||
|
2B2D4800000
|
heap
|
page read and write
|
||
|
786000
|
unkown
|
page read and write
|
||
|
206CD6F0000
|
heap
|
page read and write
|
||
|
1FF49F70000
|
trusted library allocation
|
page read and write
|
||
|
25514560000
|
heap
|
page read and write
|
||
|
1FF4908C000
|
heap
|
page read and write
|
||
|
55DF47B000
|
stack
|
page read and write
|
||
|
2B2CF06F000
|
heap
|
page read and write
|
||
|
1FF491C0000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
7D6000
|
unkown
|
page readonly
|
||
|
55DF67C000
|
stack
|
page read and write
|
||
|
8B407DD000
|
stack
|
page read and write
|
||
|
7B3000
|
unkown
|
page read and write
|
||
|
28E37A88000
|
heap
|
page read and write
|
||
|
206CD85E000
|
heap
|
page read and write
|
||
|
732D4000
|
unkown
|
page readonly
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
25871502000
|
heap
|
page read and write
|
||
|
2B2D4888000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
25514713000
|
heap
|
page read and write
|
||
|
1A740902000
|
heap
|
page read and write
|
||
|
2B2D4760000
|
remote allocation
|
page read and write
|
||
|
2B2CF918000
|
heap
|
page read and write
|
||
|
C3D897F000
|
stack
|
page read and write
|
||
|
2B2D481F000
|
heap
|
page read and write
|
||
|
7A4000
|
unkown
|
page read and write
|
||
|
F9C6BFA000
|
stack
|
page read and write
|
||
|
2B2D4630000
|
trusted library allocation
|
page read and write
|
||
|
206CD908000
|
heap
|
page read and write
|
||
|
2B2D0460000
|
trusted library allocation
|
page read and write
|
||
|
1FF491C9000
|
heap
|
page read and write
|
||
|
2B2CF900000
|
heap
|
page read and write
|
||
|
B3D4979000
|
stack
|
page read and write
|
||
|
8B40C7B000
|
stack
|
page read and write
|
||
|
2B2CF075000
|
heap
|
page read and write
|
||
|
2B2CF918000
|
heap
|
page read and write
|
||
|
1FF49F60000
|
trusted library allocation
|
page read and write
|
||
|
F9C6FFF000
|
stack
|
page read and write
|
||
|
C3D816E000
|
stack
|
page read and write
|
||
|
1FF49048000
|
heap
|
page read and write
|
||
|
2587146A000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
A76A5FE000
|
stack
|
page read and write
|
||
|
1FF491C5000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1A7407A0000
|
trusted library allocation
|
page read and write
|
||
|
2B2CF029000
|
heap
|
page read and write
|
||
|
25514667000
|
heap
|
page read and write
|
||
|
28E37A29000
|
heap
|
page read and write
|
||
|
25871360000
|
heap
|
page read and write
|
||
|
25514629000
|
heap
|
page read and write
|
||
|
2B2CF093000
|
heap
|
page read and write
|
||
|
77C000
|
unkown
|
page read and write
|
||
|
2B2CFFE0000
|
trusted library allocation
|
page read and write
|
||
|
55DF37F000
|
stack
|
page read and write
|
||
|
2B2D48F7000
|
heap
|
page read and write
|
||
|
2B2D48DF000
|
heap
|
page read and write
|
||
|
F9C6C7E000
|
stack
|
page read and write
|
||
|
2B2CF013000
|
heap
|
page read and write
|
||
|
8C0000
|
trusted library allocation
|
page read and write
|
||
|
1A741002000
|
trusted library allocation
|
page read and write
|
||
|
1A740869000
|
heap
|
page read and write
|
||
|
1A7406A0000
|
heap
|
page read and write
|
||
|
C3D867B000
|
stack
|
page read and write
|
||
|
25871508000
|
heap
|
page read and write
|
||
|
25514662000
|
heap
|
page read and write
|
||
|
2587147E000
|
heap
|
page read and write
|
||
|
2B2CF902000
|
heap
|
page read and write
|
||
|
2B2CEE60000
|
heap
|
page read and write
|
||
|
2B2CF03E000
|
heap
|
page read and write
|
||
|
55DEFAD000
|
stack
|
page read and write
|
||
|
A769F9F000
|
stack
|
page read and write
|
||
|
F9C67F9000
|
stack
|
page read and write
|
||
|
8B40F7F000
|
stack
|
page read and write
|
||
|
732D0000
|
unkown
|
page readonly
|
||
|
2B2D44F0000
|
trusted library allocation
|
page read and write
|
||
|
F9C69FE000
|
stack
|
page read and write
|
||
|
A34000
|
heap
|
page read and write
|
||
|
1FF4908C000
|
heap
|
page read and write
|
||
|
A76A3FB000
|
stack
|
page read and write
|
||
|
F9C5F8B000
|
stack
|
page read and write
|
||
|
1FF49040000
|
heap
|
page read and write
|
||
|
206CD858000
|
heap
|
page read and write
|
||
|
28E37B00000
|
heap
|
page read and write
|
||
|
25871513000
|
heap
|
page read and write
|
||
|
1FF48EC0000
|
trusted library allocation
|
page read and write
|
||
|
1A740630000
|
heap
|
page read and write
|
||
|
2B2CEDF0000
|
heap
|
page read and write
|
||
|
25871488000
|
heap
|
page read and write
|
||
|
1A740913000
|
heap
|
page read and write
|
||
|
1FF49FC0000
|
trusted library allocation
|
page read and write
|
||
|
2B2CF913000
|
heap
|
page read and write
|
||
|
2551465C000
|
heap
|
page read and write
|
||
|
55DEF2F000
|
stack
|
page read and write
|
||
|
A76A6FC000
|
stack
|
page read and write
|
||
|
2587147D000
|
heap
|
page read and write
|
||
|
2551465F000
|
heap
|
page read and write
|
||
|
1FF49F40000
|
trusted library allocation
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
206CD813000
|
heap
|
page read and write
|
||
|
206CD900000
|
heap
|
page read and write
|
||
|
2B2D4600000
|
trusted library allocation
|
page read and write
|
||
|
2B2D4640000
|
trusted library allocation
|
page read and write
|
||
|
2B2CEFD1000
|
trusted library allocation
|
page read and write
|
||
|
782000
|
unkown
|
page read and write
|
||
|
25514700000
|
heap
|
page read and write
|
||
|
2B2CF113000
|
heap
|
page read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
8B406DC000
|
stack
|
page read and write
|
||
|
1FF49089000
|
heap
|
page read and write
|
||
|
2B2D4608000
|
trusted library allocation
|
page read and write
|
||
|
2B2D4600000
|
trusted library allocation
|
page read and write
|
||
|
2B2CF000000
|
heap
|
page read and write
|
||
|
206CD859000
|
heap
|
page read and write
|
||
|
1FF4909D000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
2B2D4903000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
1A740800000
|
heap
|
page read and write
|
||
|
2587144B000
|
heap
|
page read and write
|
||
|
28E37B08000
|
heap
|
page read and write
|
||
|
B3D487E000
|
stack
|
page read and write
|
||
|
2B2CF058000
|
heap
|
page read and write
|
||
|
2B2D4620000
|
trusted library allocation
|
page read and write
|
||
|
F9C6A7F000
|
stack
|
page read and write
|
||
|
25514679000
|
heap
|
page read and write
|
||
|
A769E9B000
|
stack
|
page read and write
|
||
|
2B2D0110000
|
trusted library section
|
page readonly
|
||
|
2590000
|
heap
|
page read and write
|
||
|
25871448000
|
heap
|
page read and write
|
||
|
2B2D4470000
|
trusted library allocation
|
page read and write
|
||
|
2B2CF958000
|
heap
|
page read and write
|
||
|
F9C6CFE000
|
stack
|
page read and write
|
||
|
25514664000
|
heap
|
page read and write
|
||
|
254E000
|
stack
|
page read and write
|
||
|
1FF49088000
|
heap
|
page read and write
|
||
|
32AD000
|
stack
|
page read and write
|
||
|
2B2D4904000
|
heap
|
page read and write
|
||
|
2587143C000
|
heap
|
page read and write
|
||
|
A3B000
|
heap
|
page read and write
|
||
|
1A740874000
|
heap
|
page read and write
|
||
|
25871447000
|
heap
|
page read and write
|
||
|
A26000
|
heap
|
page read and write
|
||
|
2B2D482D000
|
heap
|
page read and write
|
||
|
8B40AFC000
|
stack
|
page read and write
|
||
|
25514E70000
|
trusted library allocation
|
page read and write
|
||
|
1FF490AE000
|
heap
|
page read and write
|
||
|
99000
|
stack
|
page read and write
|
||
|
F9C66FE000
|
stack
|
page read and write
|
||
|
8B40E7D000
|
stack
|
page read and write
|
||
|
788000
|
unkown
|
page read and write
|
||
|
2B2CFB01000
|
trusted library allocation
|
page read and write
|
||
|
1FF491D0000
|
trusted library allocation
|
page read and write
|
||
|
1FF48FF0000
|
heap
|
page read and write
|
||
|
28E37840000
|
heap
|
page read and write
|
||
|
D2E000
|
stack
|
page read and write
|
||
|
C3D857E000
|
stack
|
page read and write
|
||
|
A3F000
|
heap
|
page read and write
|
||
|
206CD6E0000
|
heap
|
page read and write
|
||
|
25871400000
|
heap
|
page read and write
|
||
|
29DF000
|
stack
|
page read and write
|
||
|
732D6000
|
unkown
|
page readonly
|
||
|
2B2D4730000
|
trusted library allocation
|
page read and write
|
||
|
8B4075F000
|
stack
|
page read and write
|
||
|
25514570000
|
heap
|
page read and write
|
||
|
F9C68FB000
|
stack
|
page read and write
|
||
|
F9C63F8000
|
stack
|
page read and write
|
||
|
28E37A4F000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
206CD83C000
|
heap
|
page read and write
|
||
|
206CD913000
|
heap
|
page read and write
|
||
|
D60000
|
heap
|
page read and write
|
||
|
2B2CF959000
|
heap
|
page read and write
|
||
|
2B2CF800000
|
heap
|
page read and write
|
||
|
55DEEAC000
|
stack
|
page read and write
|
||
|
206CD88B000
|
heap
|
page read and write
|
||
|
28E37A3C000
|
heap
|
page read and write
|
||
|
55DF77E000
|
stack
|
page read and write
|
||
|
C3D8877000
|
stack
|
page read and write
|
||
|
A3D000
|
heap
|
page read and write
|
||
|
2B2D4460000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
A76A4F7000
|
stack
|
page read and write
|
||
|
2B2D4760000
|
trusted library allocation
|
page read and write
|
||
|
2B2D48FD000
|
heap
|
page read and write
|
||
|
28E38202000
|
trusted library allocation
|
page read and write
|
||
|
1FF49180000
|
trusted library allocation
|
page read and write
|
||
|
206CD82C000
|
heap
|
page read and write
|
||
|
25871350000
|
heap
|
page read and write
|
||
|
2B2D00C0000
|
trusted library section
|
page readonly
|
||
|
8B40B7E000
|
stack
|
page read and write
|
||
|
5B8FBDF000
|
stack
|
page read and write
|
||
|
206CD780000
|
trusted library allocation
|
page read and write
|
||
|
1FF4909D000
|
heap
|
page read and write
|
||
|
28E37A70000
|
heap
|
page read and write
|
||
|
55DF577000
|
stack
|
page read and write
|
||
|
28E37A55000
|
heap
|
page read and write
|
||
|
7AD000
|
unkown
|
page read and write
|
||
|
F9C6AFE000
|
stack
|
page read and write
|
||
|
A2A000
|
heap
|
page read and write
|
||
|
2CE0000
|
trusted library allocation
|
page read and write
|
||
|
25871449000
|
heap
|
page read and write
|
||
|
2B2D4624000
|
trusted library allocation
|
page read and write
|
||
|
1FF49010000
|
heap
|
page read and write
|
||
|
1A740858000
|
heap
|
page read and write
|
||
|
28E37A13000
|
heap
|
page read and write
|
||
|
206CD750000
|
heap
|
page read and write
|
||
|
2B2D484B000
|
heap
|
page read and write
|
||
|
25871500000
|
heap
|
page read and write
|
||
|
F9C6DFA000
|
stack
|
page read and write
|
||
|
2B2CF0FD000
|
heap
|
page read and write
|
||
|
2B2D48A2000
|
heap
|
page read and write
|
||
|
1FF49084000
|
heap
|
page read and write
|
||
|
2B2D4740000
|
trusted library allocation
|
page read and write
|
||
|
A45000
|
heap
|
page read and write
|
There are 326 hidden memdumps, click here to show them.