Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
SD 2477.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\Meniscotherium1.Sch7
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\emblem-default-symbolic.symbolic.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\lang-1026.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\network-cellular-hardware-disabled-symbolic.svg
|
SVG Scalable Vector Graphics image
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\nsz4CB.tmp\System.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\SD 2477.exe
|
"C:\Users\user\Desktop\SD 2477.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://www.avast.com0/
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3200000
|
direct allocation
|
page execute and read and write
|
|
|
|
18E79700000
|
heap
|
page read and write
|
||
|
1BE28C5E000
|
heap
|
page read and write
|
||
|
66C0EF7000
|
stack
|
page read and write
|
||
|
18E79713000
|
heap
|
page read and write
|
||
|
EEDCFF9000
|
stack
|
page read and write
|
||
|
66C0FFF000
|
stack
|
page read and write
|
||
|
24A51313000
|
heap
|
page read and write
|
||
|
256BEF50000
|
heap
|
page read and write
|
||
|
1AEF327C000
|
heap
|
page read and write
|
||
|
1AEF8CD0000
|
remote allocation
|
page read and write
|
||
|
46B36FF000
|
stack
|
page read and write
|
||
|
1AEF8C24000
|
trusted library allocation
|
page read and write
|
||
|
18E7964A000
|
heap
|
page read and write
|
||
|
18E79600000
|
heap
|
page read and write
|
||
|
2A075520000
|
trusted library allocation
|
page read and write
|
||
|
18E79613000
|
heap
|
page read and write
|
||
|
1BE28A20000
|
heap
|
page read and write
|
||
|
1AEF3213000
|
heap
|
page read and write
|
||
|
18E79647000
|
heap
|
page read and write
|
||
|
1AEF89E0000
|
trusted library allocation
|
page read and write
|
||
|
1AEF3C15000
|
heap
|
page read and write
|
||
|
1AEF8A2F000
|
heap
|
page read and write
|
||
|
256BEFF0000
|
trusted library allocation
|
page read and write
|
||
|
1AEF3326000
|
heap
|
page read and write
|
||
|
AA4CD7F000
|
stack
|
page read and write
|
||
|
76D897B000
|
stack
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
24A51253000
|
heap
|
page read and write
|
||
|
24A51200000
|
heap
|
page read and write
|
||
|
66C092E000
|
stack
|
page read and write
|
||
|
18E79670000
|
heap
|
page read and write
|
||
|
1AEF47D0000
|
trusted library allocation
|
page read and write
|
||
|
1AEF8C21000
|
trusted library allocation
|
page read and write
|
||
|
AA4CF7B000
|
stack
|
page read and write
|
||
|
2210000
|
trusted library allocation
|
page read and write
|
||
|
24A51308000
|
heap
|
page read and write
|
||
|
2A075540000
|
trusted library allocation
|
page read and write
|
||
|
1AEF8B03000
|
heap
|
page read and write
|
||
|
256BF06F000
|
heap
|
page read and write
|
||
|
66C0DFB000
|
stack
|
page read and write
|
||
|
24A5123C000
|
heap
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
1BE28C5A000
|
heap
|
page read and write
|
||
|
18E79410000
|
heap
|
page read and write
|
||
|
46B38FF000
|
stack
|
page read and write
|
||
|
1AEF327A000
|
heap
|
page read and write
|
||
|
1AEF8CA0000
|
trusted library allocation
|
page read and write
|
||
|
1BE28C5C000
|
heap
|
page read and write
|
||
|
77E000
|
stack
|
page read and write
|
||
|
1AEF3D59000
|
heap
|
page read and write
|
||
|
1AEF3314000
|
heap
|
page read and write
|
||
|
A26BD0B000
|
stack
|
page read and write
|
||
|
AA4CC79000
|
stack
|
page read and write
|
||
|
1AEF8860000
|
trusted library allocation
|
page read and write
|
||
|
256BEF60000
|
heap
|
page read and write
|
||
|
1AEF3D18000
|
heap
|
page read and write
|
||
|
AA4CA77000
|
stack
|
page read and write
|
||
|
1AEF8A61000
|
heap
|
page read and write
|
||
|
EEDCEF9000
|
stack
|
page read and write
|
||
|
18E7963C000
|
heap
|
page read and write
|
||
|
24A51302000
|
heap
|
page read and write
|
||
|
1AEF8AFD000
|
heap
|
page read and write
|
||
|
A26C57E000
|
stack
|
page read and write
|
||
|
1AEF8C80000
|
trusted library allocation
|
page read and write
|
||
|
42D000
|
unkown
|
page read and write
|
||
|
1AEF3272000
|
heap
|
page read and write
|
||
|
1AEF47C0000
|
trusted library allocation
|
page read and write
|
||
|
1AEF3A70000
|
trusted library allocation
|
page read and write
|
||
|
1AEF8C00000
|
trusted library allocation
|
page read and write
|
||
|
7E3000
|
heap
|
page read and write
|
||
|
1AEF8C90000
|
trusted library allocation
|
page read and write
|
||
|
1AEF3C02000
|
heap
|
page read and write
|
||
|
1AEF89A0000
|
trusted library allocation
|
page read and write
|
||
|
1BE28C29000
|
heap
|
page read and write
|
||
|
2A074538000
|
heap
|
page read and write
|
||
|
18E79702000
|
heap
|
page read and write
|
||
|
1BE28B90000
|
trusted library allocation
|
page read and write
|
||
|
1AEF3224000
|
heap
|
page read and write
|
||
|
733D4000
|
unkown
|
page readonly
|
||
|
2A075270000
|
trusted library allocation
|
page read and write
|
||
|
1AEF8C08000
|
trusted library allocation
|
page read and write
|
||
|
2A074530000
|
heap
|
page read and write
|
||
|
18E793B0000
|
heap
|
page read and write
|
||
|
A26C37B000
|
stack
|
page read and write
|
||
|
97000
|
stack
|
page read and write
|
||
|
2A07457D000
|
heap
|
page read and write
|
||
|
2A074500000
|
heap
|
page read and write
|
||
|
24A5124F000
|
heap
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
18E79708000
|
heap
|
page read and write
|
||
|
2A07457D000
|
heap
|
page read and write
|
||
|
1BE28C87000
|
heap
|
page read and write
|
||
|
256BFA02000
|
trusted library allocation
|
page read and write
|
||
|
1AEF3D59000
|
heap
|
page read and write
|
||
|
A26C47F000
|
stack
|
page read and write
|
||
|
18E79669000
|
heap
|
page read and write
|
||
|
1AEF8CB0000
|
trusted library allocation
|
page read and write
|
||
|
76D86FF000
|
stack
|
page read and write
|
||
|
1BE28C00000
|
heap
|
page read and write
|
||
|
2A074490000
|
heap
|
page read and write
|
||
|
256BF102000
|
heap
|
page read and write
|
||
|
2A075530000
|
heap
|
page readonly
|
||
|
1BE29402000
|
trusted library allocation
|
page read and write
|
||
|
1AEF3200000
|
heap
|
page read and write
|
||
|
24A5127B000
|
heap
|
page read and write
|
||
|
1AEF8970000
|
trusted library allocation
|
page read and write
|
||
|
256BF113000
|
heap
|
page read and write
|
||
|
560000
|
trusted library allocation
|
page read and write
|
||
|
18E793A0000
|
heap
|
page read and write
|
||
|
24A51270000
|
heap
|
page read and write
|
||
|
1AEF3170000
|
heap
|
page read and write
|
||
|
277F000
|
stack
|
page read and write
|
||
|
1BE28C13000
|
heap
|
page read and write
|
||
|
62E000
|
stack
|
page read and write
|
||
|
24A51288000
|
heap
|
page read and write
|
||
|
1AEF89E0000
|
trusted library allocation
|
page read and write
|
||
|
1AEF8980000
|
trusted library allocation
|
page read and write
|
||
|
2A0755A0000
|
trusted library allocation
|
page read and write
|
||
|
427000
|
unkown
|
page read and write
|
||
|
1AEF89B4000
|
trusted library allocation
|
page read and write
|
||
|
46B37F7000
|
stack
|
page read and write
|
||
|
76D8C7E000
|
stack
|
page read and write
|
||
|
76D877E000
|
stack
|
page read and write
|
||
|
1AEF8CD0000
|
remote allocation
|
page read and write
|
||
|
1AEF3277000
|
heap
|
page read and write
|
||
|
1AEF8C60000
|
trusted library allocation
|
page read and write
|
||
|
2A074540000
|
heap
|
page read and write
|
||
|
24A51222000
|
heap
|
page read and write
|
||
|
18E79648000
|
heap
|
page read and write
|
||
|
18E79681000
|
heap
|
page read and write
|
||
|
AA4D57E000
|
stack
|
page read and write
|
||
|
1AEF8A00000
|
heap
|
page read and write
|
||
|
1AEF3296000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute read
|
||
|
7EF000
|
heap
|
page read and write
|
||
|
1AEF4340000
|
trusted library allocation
|
page read and write
|
||
|
1BE28A30000
|
heap
|
page read and write
|
||
|
46B337E000
|
stack
|
page read and write
|
||
|
256BF002000
|
heap
|
page read and write
|
||
|
256BF100000
|
heap
|
page read and write
|
||
|
AA4CB7B000
|
stack
|
page read and write
|
||
|
2A074720000
|
heap
|
page read and write
|
||
|
46B35FB000
|
stack
|
page read and write
|
||
|
1AEF8AA1000
|
heap
|
page read and write
|
||
|
1AEF3302000
|
heap
|
page read and write
|
||
|
AA4CE7B000
|
stack
|
page read and write
|
||
|
46B327B000
|
stack
|
page read and write
|
||
|
46B347C000
|
stack
|
page read and write
|
||
|
7D5000
|
heap
|
page read and write
|
||
|
46B34FF000
|
stack
|
page read and write
|
||
|
2A0752E0000
|
trusted library allocation
|
page read and write
|
||
|
1AEF89E0000
|
trusted library allocation
|
page read and write
|
||
|
24A51040000
|
heap
|
page read and write
|
||
|
1BE28C60000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
1AEF87D0000
|
trusted library allocation
|
page read and write
|
||
|
1AEF3290000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
1BE28C85000
|
heap
|
page read and write
|
||
|
18E7964D000
|
heap
|
page read and write
|
||
|
733D1000
|
unkown
|
page execute read
|
||
|
1AEF3229000
|
heap
|
page read and write
|
||
|
76D8D7E000
|
stack
|
page read and write
|
||
|
1AEF3D13000
|
heap
|
page read and write
|
||
|
2A07457D000
|
heap
|
page read and write
|
||
|
AA4C87B000
|
stack
|
page read and write
|
||
|
24A511A0000
|
trusted library allocation
|
page read and write
|
||
|
2A074575000
|
heap
|
page read and write
|
||
|
18E79669000
|
heap
|
page read and write
|
||
|
B90000
|
heap
|
page read and write
|
||
|
278F000
|
trusted library allocation
|
page read and write
|
||
|
18E79629000
|
heap
|
page read and write
|
||
|
66C08AB000
|
stack
|
page read and write
|
||
|
256BF013000
|
heap
|
page read and write
|
||
|
1BE28D13000
|
heap
|
page read and write
|
||
|
1AEF3292000
|
heap
|
page read and write
|
||
|
1AEF8B05000
|
heap
|
page read and write
|
||
|
AA4D37A000
|
stack
|
page read and write
|
||
|
1AEF31D0000
|
heap
|
page read and write
|
||
|
1AEF8B00000
|
heap
|
page read and write
|
||
|
1AEF3D02000
|
heap
|
page read and write
|
||
|
256BF000000
|
heap
|
page read and write
|
||
|
256BF056000
|
heap
|
page read and write
|
||
|
256BF040000
|
heap
|
page read and write
|
||
|
2A0752D0000
|
trusted library allocation
|
page read and write
|
||
|
1AEF32A2000
|
heap
|
page read and write
|
||
|
1AEF3307000
|
heap
|
page read and write
|
||
|
2234000
|
heap
|
page read and write
|
||
|
76D867C000
|
stack
|
page read and write
|
||
|
3160000
|
trusted library allocation
|
page read and write
|
||
|
1AEF3D18000
|
heap
|
page read and write
|
||
|
18E79510000
|
trusted library allocation
|
page read and write
|
||
|
1AEF8A22000
|
heap
|
page read and write
|
||
|
46B32FF000
|
stack
|
page read and write
|
||
|
2A0744A0000
|
trusted library allocation
|
page read and write
|
||
|
1AEF8AFB000
|
heap
|
page read and write
|
||
|
1AEF3224000
|
heap
|
page read and write
|
||
|
1AEF8E00000
|
trusted library allocation
|
page read and write
|
||
|
7A0000
|
heap
|
page read and write
|
||
|
733D6000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1AEF47C3000
|
trusted library allocation
|
page read and write
|
||
|
24A5124A000
|
heap
|
page read and write
|
||
|
18E7964F000
|
heap
|
page read and write
|
||
|
1BE28A90000
|
heap
|
page read and write
|
||
|
18E79649000
|
heap
|
page read and write
|
||
|
1BE28C52000
|
heap
|
page read and write
|
||
|
1AEF8C0E000
|
trusted library allocation
|
page read and write
|
||
|
1AEF3160000
|
heap
|
page read and write
|
||
|
2A074729000
|
heap
|
page read and write
|
||
|
630000
|
heap
|
page read and write
|
||
|
1BE28D02000
|
heap
|
page read and write
|
||
|
1BE28C62000
|
heap
|
page read and write
|
||
|
1AEF8AF5000
|
heap
|
page read and write
|
||
|
EEDCAAB000
|
stack
|
page read and write
|
||
|
A26C27B000
|
stack
|
page read and write
|
||
|
1AEF8DC0000
|
trusted library allocation
|
page read and write
|
||
|
2200000
|
trusted library allocation
|
page read and write
|
||
|
2A075260000
|
trusted library allocation
|
page read and write
|
||
|
2A075550000
|
trusted library allocation
|
page read and write
|
||
|
1AEF8B02000
|
heap
|
page read and write
|
||
|
279A000
|
trusted library allocation
|
page read and write
|
||
|
1AEF8970000
|
trusted library allocation
|
page read and write
|
||
|
24A51030000
|
heap
|
page read and write
|
||
|
18E79E02000
|
trusted library allocation
|
page read and write
|
||
|
24A510A0000
|
heap
|
page read and write
|
||
|
1AEF8A14000
|
heap
|
page read and write
|
||
|
1AEF3300000
|
heap
|
page read and write
|
||
|
1AEF8A54000
|
heap
|
page read and write
|
||
|
76D8B7D000
|
stack
|
page read and write
|
||
|
1AEF8AED000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
1BE28D08000
|
heap
|
page read and write
|
||
|
1AEF3D04000
|
heap
|
page read and write
|
||
|
24A51202000
|
heap
|
page read and write
|
||
|
18E79674000
|
heap
|
page read and write
|
||
|
1AEF8850000
|
trusted library allocation
|
page read and write
|
||
|
437000
|
unkown
|
page read and write
|
||
|
2A074725000
|
heap
|
page read and write
|
||
|
EEDCF7F000
|
stack
|
page read and write
|
||
|
1AEF8A9F000
|
heap
|
page read and write
|
||
|
1AEF3C00000
|
heap
|
page read and write
|
||
|
1BE28C3C000
|
heap
|
page read and write
|
||
|
24A51300000
|
heap
|
page read and write
|
||
|
256BF028000
|
heap
|
page read and write
|
||
|
1AEF3D00000
|
heap
|
page read and write
|
||
|
2A074700000
|
heap
|
page read and write
|
||
|
1AEF3300000
|
heap
|
page read and write
|
||
|
1AEF8A40000
|
heap
|
page read and write
|
||
|
18E7964C000
|
heap
|
page read and write
|
||
|
66C10FF000
|
stack
|
page read and write
|
||
|
1AEF3302000
|
heap
|
page read and write
|
||
|
24A51A02000
|
trusted library allocation
|
page read and write
|
||
|
1AEF87E0000
|
trusted library allocation
|
page read and write
|
||
|
1BE28C57000
|
heap
|
page read and write
|
||
|
1AEF323D000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
443000
|
unkown
|
page readonly
|
||
|
66C09AF000
|
stack
|
page read and write
|
||
|
1AEF89A0000
|
trusted library allocation
|
page read and write
|
||
|
733D0000
|
unkown
|
page readonly
|
||
|
1AEF8980000
|
trusted library allocation
|
page read and write
|
||
|
1AEF32B4000
|
heap
|
page read and write
|
||
|
1AEF8CD0000
|
remote allocation
|
page read and write
|
||
|
256BEFC0000
|
heap
|
page read and write
|
||
|
EEDD07F000
|
stack
|
page read and write
|
||
|
1AEF8A4D000
|
heap
|
page read and write
|
||
|
76D8A77000
|
stack
|
page read and write
|
||
|
7A8000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
1BE28D00000
|
heap
|
page read and write
|
||
|
1AEF89B0000
|
trusted library allocation
|
page read and write
|
||
|
24A51213000
|
heap
|
page read and write
|
||
|
1AEF3258000
|
heap
|
page read and write
|
||
|
24A51229000
|
heap
|
page read and write
|
||
|
1AEF8AAA000
|
heap
|
page read and write
|
||
|
2A074730000
|
trusted library allocation
|
page read and write
|
||
|
2230000
|
heap
|
page read and write
|
||
|
443000
|
unkown
|
page readonly
|
||
|
B96000
|
heap
|
page read and write
|
||
|
EEDCE79000
|
stack
|
page read and write
|
||
|
267F000
|
stack
|
page read and write
|
There are 274 hidden memdumps, click here to show them.