Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
QT_0948765446-NMPMUST-9876563783.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\ArtDeco_green_22.bmp
|
PNG image data, 110 x 110, 8-bit/color RGB, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\applications-engineering.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\document-print-preview-symbolic.symbolic.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\flugters.GLA
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\libpixbufloader-tiff.dll
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\library.dll
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\mail-attachment-symbolic.symbolic.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\mail-forward.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\mail-reply-all-symbolic.symbolic.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\network-cellular-disabled-symbolic.svg
|
SVG Scalable Vector Graphics image
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\nsmF740.tmp\System.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
There are 2 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\QT_0948765446-NMPMUST-9876563783.exe
|
"C:\Users\user\Desktop\QT_0948765446-NMPMUST-9876563783.exe"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3370000
|
direct allocation
|
page execute and read and write
|
|
|
|
40A000
|
unkown
|
page read and write
|
||
|
2A6F5421000
|
heap
|
page read and write
|
||
|
213E368C000
|
heap
|
page read and write
|
||
|
2A6F05C1000
|
trusted library allocation
|
page read and write
|
||
|
213E3702000
|
heap
|
page read and write
|
||
|
216F1180000
|
heap
|
page read and write
|
||
|
940000
|
heap
|
page read and write
|
||
|
216F1268000
|
heap
|
page read and write
|
||
|
1C8AFE38000
|
heap
|
page read and write
|
||
|
1C8AFE3F000
|
heap
|
page read and write
|
||
|
2A6F57B0000
|
remote allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1C8AFE56000
|
heap
|
page read and write
|
||
|
2A6F0758000
|
heap
|
page read and write
|
||
|
1C8AFE3F000
|
heap
|
page read and write
|
||
|
213E3676000
|
heap
|
page read and write
|
||
|
213E35B0000
|
trusted library allocation
|
page read and write
|
||
|
5CE000
|
heap
|
page read and write
|
||
|
66425DF000
|
stack
|
page read and write
|
||
|
2A6F0600000
|
heap
|
page read and write
|
||
|
216F1254000
|
heap
|
page read and write
|
||
|
E084C7E000
|
stack
|
page read and write
|
||
|
2A6EFEA1000
|
heap
|
page read and write
|
||
|
739B4000
|
unkown
|
page readonly
|
||
|
2A6F548B000
|
heap
|
page read and write
|
||
|
2A6F54DF000
|
heap
|
page read and write
|
||
|
2A6F5390000
|
trusted library allocation
|
page read and write
|
||
|
2A6F5720000
|
trusted library allocation
|
page read and write
|
||
|
1C8AFFC0000
|
trusted library allocation
|
page read and write
|
||
|
2A6F5708000
|
trusted library allocation
|
page read and write
|
||
|
1C8B0B00000
|
trusted library allocation
|
page read and write
|
||
|
2280000
|
trusted library allocation
|
page read and write
|
||
|
E084A7A000
|
stack
|
page read and write
|
||
|
213E3700000
|
heap
|
page read and write
|
||
|
5C1000
|
heap
|
page read and write
|
||
|
99000
|
stack
|
page read and write
|
||
|
213E3677000
|
heap
|
page read and write
|
||
|
2A6F5502000
|
heap
|
page read and write
|
||
|
2A6F5724000
|
trusted library allocation
|
page read and write
|
||
|
664287F000
|
stack
|
page read and write
|
||
|
1C8AFF80000
|
trusted library allocation
|
page read and write
|
||
|
2A6F54B1000
|
heap
|
page read and write
|
||
|
1C8AFDF0000
|
heap
|
page read and write
|
||
|
1C8AFCB0000
|
trusted library allocation
|
page read and write
|
||
|
E08487A000
|
stack
|
page read and write
|
||
|
1C8B0D40000
|
heap
|
page readonly
|
||
|
213E365E000
|
heap
|
page read and write
|
||
|
216F1200000
|
heap
|
page read and write
|
||
|
2A6F0713000
|
heap
|
page read and write
|
||
|
2A6F54AA000
|
heap
|
page read and write
|
||
|
216F1302000
|
heap
|
page read and write
|
||
|
213E3708000
|
heap
|
page read and write
|
||
|
634000
|
heap
|
page read and write
|
||
|
216F1300000
|
heap
|
page read and write
|
||
|
46C000
|
unkown
|
page readonly
|
||
|
216F1213000
|
heap
|
page read and write
|
||
|
435000
|
unkown
|
page read and write
|
||
|
2A6F54FF000
|
heap
|
page read and write
|
||
|
2A6EFE79000
|
heap
|
page read and write
|
||
|
739B0000
|
unkown
|
page readonly
|
||
|
628000
|
heap
|
page read and write
|
||
|
5C5000
|
heap
|
page read and write
|
||
|
6642C77000
|
stack
|
page read and write
|
||
|
216F1228000
|
heap
|
page read and write
|
||
|
2A6EFE3D000
|
heap
|
page read and write
|
||
|
5DB000
|
heap
|
page read and write
|
||
|
627000
|
heap
|
page read and write
|
||
|
213E3629000
|
heap
|
page read and write
|
||
|
E0840FB000
|
stack
|
page read and write
|
||
|
11C8579000
|
stack
|
page read and write
|
||
|
2A6EFF02000
|
heap
|
page read and write
|
||
|
213E4002000
|
trusted library allocation
|
page read and write
|
||
|
2A6EFEBC000
|
heap
|
page read and write
|
||
|
E0843FD000
|
stack
|
page read and write
|
||
|
2A6F05F0000
|
trusted library allocation
|
page read and write
|
||
|
216F125E000
|
heap
|
page read and write
|
||
|
E0841FC000
|
stack
|
page read and write
|
||
|
2A6F544A000
|
heap
|
page read and write
|
||
|
627000
|
heap
|
page read and write
|
||
|
2A6F5330000
|
trusted library allocation
|
page read and write
|
||
|
2A6F0759000
|
heap
|
page read and write
|
||
|
2A6F57B0000
|
remote allocation
|
page read and write
|
||
|
2A6F5507000
|
heap
|
page read and write
|
||
|
11C81EB000
|
stack
|
page read and write
|
||
|
1C8B0D50000
|
trusted library allocation
|
page read and write
|
||
|
2A6EFF14000
|
heap
|
page read and write
|
||
|
2A6F5720000
|
trusted library allocation
|
page read and write
|
||
|
74218FE000
|
stack
|
page read and write
|
||
|
216F1313000
|
heap
|
page read and write
|
||
|
216F1A90000
|
trusted library allocation
|
page read and write
|
||
|
213E3510000
|
heap
|
page read and write
|
||
|
2A6F54EA000
|
heap
|
page read and write
|
||
|
387D000
|
stack
|
page read and write
|
||
|
1C8AFE00000
|
heap
|
page read and write
|
||
|
213E3681000
|
heap
|
page read and write
|
||
|
2A6F5360000
|
trusted library allocation
|
page read and write
|
||
|
27EF000
|
stack
|
page read and write
|
||
|
2A6EFEA7000
|
heap
|
page read and write
|
||
|
627000
|
heap
|
page read and write
|
||
|
2A6F12C0000
|
trusted library allocation
|
page read and write
|
||
|
74214BC000
|
stack
|
page read and write
|
||
|
588000
|
heap
|
page read and write
|
||
|
E0842FE000
|
stack
|
page read and write
|
||
|
213E363C000
|
heap
|
page read and write
|
||
|
2A6F5380000
|
trusted library allocation
|
page read and write
|
||
|
2A6F0602000
|
heap
|
page read and write
|
||
|
5D4000
|
heap
|
page read and write
|
||
|
2A6F5394000
|
trusted library allocation
|
page read and write
|
||
|
2A6F5350000
|
trusted library allocation
|
page read and write
|
||
|
61C000
|
heap
|
page read and write
|
||
|
2A6F0702000
|
heap
|
page read and write
|
||
|
2A6F54E4000
|
heap
|
page read and write
|
||
|
2A6EFF02000
|
heap
|
page read and write
|
||
|
1C8AFFB5000
|
heap
|
page read and write
|
||
|
1C8AFDF8000
|
heap
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
26EF000
|
stack
|
page read and write
|
||
|
2A6F0700000
|
heap
|
page read and write
|
||
|
2A6F5462000
|
heap
|
page read and write
|
||
|
2A6EFC50000
|
heap
|
page read and write
|
||
|
2A6F5504000
|
heap
|
page read and write
|
||
|
946000
|
heap
|
page read and write
|
||
|
2A6F5340000
|
trusted library allocation
|
page read and write
|
||
|
1C8AFE3F000
|
heap
|
page read and write
|
||
|
213E3660000
|
heap
|
page read and write
|
||
|
2A6EFE77000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
2A6EFE75000
|
heap
|
page read and write
|
||
|
2A6F5504000
|
heap
|
page read and write
|
||
|
213E3613000
|
heap
|
page read and write
|
||
|
11C867E000
|
stack
|
page read and write
|
||
|
11C86F9000
|
stack
|
page read and write
|
||
|
2A6F54B7000
|
heap
|
page read and write
|
||
|
2A6F0615000
|
heap
|
page read and write
|
||
|
2A6F54DD000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1C8B0DB0000
|
trusted library allocation
|
page read and write
|
||
|
28FB000
|
trusted library allocation
|
page read and write
|
||
|
213E3600000
|
heap
|
page read and write
|
||
|
2A6F570E000
|
trusted library allocation
|
page read and write
|
||
|
2A6EFE58000
|
heap
|
page read and write
|
||
|
6642D7E000
|
stack
|
page read and write
|
||
|
629000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
6642A7B000
|
stack
|
page read and write
|
||
|
213E3661000
|
heap
|
page read and write
|
||
|
2A6F05E3000
|
trusted library allocation
|
page read and write
|
||
|
216F1C02000
|
trusted library allocation
|
page read and write
|
||
|
2A6F5350000
|
trusted library allocation
|
page read and write
|
||
|
2A6F5507000
|
heap
|
page read and write
|
||
|
2A6F5780000
|
trusted library allocation
|
page read and write
|
||
|
1C8AFF10000
|
heap
|
page read and write
|
||
|
2A6F5504000
|
heap
|
page read and write
|
||
|
2A6F5380000
|
trusted library allocation
|
page read and write
|
||
|
2A6F5504000
|
heap
|
page read and write
|
||
|
2A6EFE8C000
|
heap
|
page read and write
|
||
|
2A6F54EC000
|
heap
|
page read and write
|
||
|
E083BBB000
|
stack
|
page read and write
|
||
|
2210000
|
heap
|
page read and write
|
||
|
1C8AFF90000
|
trusted library allocation
|
page read and write
|
||
|
2A6F5740000
|
trusted library allocation
|
page read and write
|
||
|
212E000
|
stack
|
page read and write
|
||
|
2A6F0718000
|
heap
|
page read and write
|
||
|
2A6EFF26000
|
heap
|
page read and write
|
||
|
213E3663000
|
heap
|
page read and write
|
||
|
1C8AFE37000
|
heap
|
page read and write
|
||
|
22A0000
|
heap
|
page read and write
|
||
|
2290000
|
trusted library allocation
|
page read and write
|
||
|
2A6EFC40000
|
heap
|
page read and write
|
||
|
1C8AFEF0000
|
heap
|
page read and write
|
||
|
5BD000
|
heap
|
page read and write
|
||
|
213E3520000
|
heap
|
page read and write
|
||
|
E083FF7000
|
stack
|
page read and write
|
||
|
2A6F5720000
|
trusted library allocation
|
page read and write
|
||
|
739B1000
|
unkown
|
page execute read
|
||
|
2A6F5760000
|
trusted library allocation
|
page read and write
|
||
|
2A6F5700000
|
trusted library allocation
|
page read and write
|
||
|
E0844FB000
|
stack
|
page read and write
|
||
|
560000
|
trusted library allocation
|
page read and write
|
||
|
664297B000
|
stack
|
page read and write
|
||
|
2A6EFE13000
|
heap
|
page read and write
|
||
|
2A6F05E0000
|
trusted library allocation
|
page read and write
|
||
|
46C000
|
unkown
|
page readonly
|
||
|
2A6F0704000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
2A6F545C000
|
heap
|
page read and write
|
||
|
7421AFE000
|
stack
|
page read and write
|
||
|
2A6F542E000
|
heap
|
page read and write
|
||
|
2A6EFEFE000
|
heap
|
page read and write
|
||
|
216F1202000
|
heap
|
page read and write
|
||
|
2A6EFE93000
|
heap
|
page read and write
|
||
|
1C8B0D30000
|
trusted library allocation
|
page read and write
|
||
|
1C8AFFB9000
|
heap
|
page read and write
|
||
|
3350000
|
trusted library allocation
|
page read and write
|
||
|
28EF000
|
stack
|
page read and write
|
||
|
2A6EFE29000
|
heap
|
page read and write
|
||
|
2A6F58A0000
|
trusted library allocation
|
page read and write
|
||
|
217E000
|
stack
|
page read and write
|
||
|
739B6000
|
unkown
|
page readonly
|
||
|
21CE000
|
stack
|
page read and write
|
||
|
2A6F5770000
|
trusted library allocation
|
page read and write
|
||
|
2A6F57B0000
|
remote allocation
|
page read and write
|
||
|
2A6EFE6F000
|
heap
|
page read and write
|
||
|
2A6F54EE000
|
heap
|
page read and write
|
||
|
62E000
|
heap
|
page read and write
|
||
|
2A6F5390000
|
trusted library allocation
|
page read and write
|
||
|
427000
|
unkown
|
page read and write
|
||
|
2A6F54F7000
|
heap
|
page read and write
|
||
|
570000
|
heap
|
page read and write
|
||
|
1C8B0D60000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
6642E7E000
|
stack
|
page read and write
|
||
|
580000
|
heap
|
page read and write
|
||
|
2A6EFE00000
|
heap
|
page read and write
|
||
|
7421BFE000
|
stack
|
page read and write
|
||
|
32C0000
|
trusted library allocation
|
page read and write
|
||
|
61C000
|
heap
|
page read and write
|
||
|
213E3676000
|
heap
|
page read and write
|
||
|
213E3580000
|
heap
|
page read and write
|
||
|
2A6F5502000
|
heap
|
page read and write
|
||
|
1C8AFCA0000
|
heap
|
page read and write
|
||
|
1C8AFF70000
|
trusted library allocation
|
page read and write
|
||
|
216F1190000
|
heap
|
page read and write
|
||
|
2A6F54F7000
|
heap
|
page read and write
|
||
|
2A6EFF07000
|
heap
|
page read and write
|
||
|
6642B7F000
|
stack
|
page read and write
|
||
|
664255C000
|
stack
|
page read and write
|
||
|
2A6F5400000
|
heap
|
page read and write
|
||
|
11C85FA000
|
stack
|
page read and write
|
||
|
216F11F0000
|
heap
|
page read and write
|
||
|
2A6F543D000
|
heap
|
page read and write
|
||
|
213E3652000
|
heap
|
page read and write
|
||
|
2A6F5790000
|
trusted library allocation
|
page read and write
|
||
|
216F123C000
|
heap
|
page read and write
|
||
|
2A6F0E40000
|
trusted library allocation
|
page read and write
|
||
|
2A6F0718000
|
heap
|
page read and write
|
||
|
2A6F5360000
|
trusted library allocation
|
page read and write
|
||
|
2A6F52C0000
|
trusted library allocation
|
page read and write
|
||
|
2A6EFCB0000
|
heap
|
page read and write
|
||
|
397E000
|
stack
|
page read and write
|
||
|
2A6EFDB0000
|
trusted library allocation
|
page read and write
|
||
|
2214000
|
heap
|
page read and write
|
||
|
2A6F5721000
|
trusted library allocation
|
page read and write
|
||
|
213E3713000
|
heap
|
page read and write
|
||
|
2A6F58E0000
|
trusted library allocation
|
page read and write
|
||
|
1C8AFFB0000
|
heap
|
page read and write
|
||
|
2A6EFEFE000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
74219FB000
|
stack
|
page read and write
|
||
|
2A6F540E000
|
heap
|
page read and write
|
||
|
2A6F5506000
|
heap
|
page read and write
|
||
|
11C8779000
|
stack
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
2A6F5500000
|
heap
|
page read and write
|
There are 245 hidden memdumps, click here to show them.