Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\zRZljp49Uz.exe
|
"C:\Users\user\Desktop\zRZljp49Uz.exe"
|
 |
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://51.195.166.184/
|
51.195.166.184
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
51.195.166.184
|
unknown
|
France
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2CC000
|
stack
|
page read and write
|
||
|
FA52B7E000
|
unkown
|
page read and write
|
||
|
802000
|
heap
|
page read and write
|
||
|
2DB0000
|
trusted library section
|
page readonly
|
||
|
289B000
|
stack
|
page read and write
|
||
|
7ED000
|
heap
|
page read and write
|
||
|
2450000
|
heap
|
page read and write
|
||
|
A41000
|
unkown
|
page execute read
|
||
|
28432210000
|
heap
|
page read and write
|
||
|
A50000
|
unkown
|
page readonly
|
||
|
28432400000
|
unkown
|
page read and write
|
||
|
29DF000
|
stack
|
page read and write
|
||
|
802000
|
heap
|
page read and write
|
||
|
7CB000
|
heap
|
page read and write
|
||
|
240D000
|
stack
|
page read and write
|
||
|
28432455000
|
unkown
|
page read and write
|
||
|
284323B0000
|
unkown
|
page readonly
|
||
|
28432502000
|
unkown
|
page read and write
|
||
|
28433DA0000
|
unkown
|
page read and write
|
||
|
B60000
|
heap
|
page read and write
|
||
|
3CA000
|
stack
|
page read and write
|
||
|
7BA000
|
heap
|
page read and write
|
||
|
2430000
|
heap
|
page read and write
|
||
|
28432990000
|
unkown
|
page readonly
|
||
|
802000
|
heap
|
page read and write
|
||
|
7EF000
|
heap
|
page read and write
|
||
|
A50000
|
unkown
|
page readonly
|
||
|
2C9E000
|
stack
|
page read and write
|
||
|
2D9F000
|
stack
|
page read and write
|
||
|
620000
|
trusted library allocation
|
page read and write
|
||
|
28432360000
|
unkown
|
page write copy
|
||
|
FA52AFA000
|
unkown
|
page read and write
|
||
|
FA52BFF000
|
unkown
|
page read and write
|
||
|
802000
|
heap
|
page read and write
|
||
|
2C5F000
|
stack
|
page read and write
|
||
|
FA5274F000
|
unkown
|
page read and write
|
||
|
28432413000
|
unkown
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
28432220000
|
heap
|
page read and write
|
||
|
28432280000
|
heap
|
page read and write
|
||
|
28DE000
|
stack
|
page read and write
|
||
|
7CB000
|
heap
|
page read and write
|
||
|
A4E000
|
unkown
|
page read and write
|
||
|
76E000
|
stack
|
page read and write
|
||
|
28432600000
|
unkown
|
page readonly
|
||
|
7EF000
|
heap
|
page read and write
|
||
|
7BA000
|
heap
|
page read and write
|
||
|
A40000
|
unkown
|
page readonly
|
||
|
FA52A7F000
|
unkown
|
page read and write
|
||
|
A4C000
|
unkown
|
page readonly
|
||
|
9FD000
|
stack
|
page read and write
|
||
|
28432402000
|
unkown
|
page read and write
|
||
|
655000
|
heap
|
page read and write
|
||
|
7BA000
|
heap
|
page read and write
|
||
|
A40000
|
unkown
|
page readonly
|
||
|
A41000
|
unkown
|
page execute read
|
||
|
28432440000
|
unkown
|
page read and write
|
||
|
802000
|
heap
|
page read and write
|
||
|
FA527C9000
|
unkown
|
page read and write
|
||
|
28432445000
|
unkown
|
page read and write
|
||
|
650000
|
heap
|
page read and write
|
||
|
97E000
|
stack
|
page read and write
|
||
|
A3E000
|
stack
|
page read and write
|
||
|
9BE000
|
stack
|
page read and write
|
||
|
2B1E000
|
stack
|
page read and write
|
||
|
2B5E000
|
stack
|
page read and write
|
||
|
28432429000
|
unkown
|
page read and write
|
||
|
FA526CB000
|
stack
|
page read and write
|
||
|
78A000
|
heap
|
page read and write
|
||
|
2A1E000
|
stack
|
page read and write
|
||
|
7EF000
|
heap
|
page read and write
|
||
|
7CB000
|
heap
|
page read and write
|
||
|
260000
|
heap
|
page read and write
|
||
|
A4C000
|
unkown
|
page readonly
|
||
|
B5E000
|
stack
|
page read and write
|
There are 65 hidden memdumps, click here to show them.