Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\RKKO3T4hSU.exe
|
"C:\Users\user\Desktop\RKKO3T4hSU.exe"
|
 |
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://forum.median-xl.com/viewtopic.php?f=4&t=3702
|
unknown
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
EBA95FF000
|
stack
|
page read and write
|
||
|
20085C90000
|
trusted library allocation
|
page read and write
|
||
|
F27000
|
heap
|
page read and write
|
||
|
D20000
|
direct allocation
|
page execute and read and write
|
||
|
20081015000
|
heap
|
page read and write
|
||
|
B44000
|
unkown
|
page execute and read and write
|
||
|
28ADEA90000
|
trusted library allocation
|
page read and write
|
||
|
200860DD000
|
heap
|
page read and write
|
||
|
D60000
|
heap
|
page read and write
|
||
|
28ADEA80000
|
trusted library allocation
|
page read and write
|
||
|
A90000
|
unkown
|
page readonly
|
||
|
31ED000
|
trusted library allocation
|
page read and write
|
||
|
9B0000
|
trusted library allocation
|
page read and write
|
||
|
20081102000
|
heap
|
page read and write
|
||
|
200860F4000
|
heap
|
page read and write
|
||
|
20080790000
|
trusted library allocation
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
20085E38000
|
trusted library allocation
|
page read and write
|
||
|
F5A000
|
heap
|
page read and write
|
||
|
20085F90000
|
remote allocation
|
page read and write
|
||
|
20DAFF000
|
stack
|
page read and write
|
||
|
20080874000
|
heap
|
page read and write
|
||
|
2008082A000
|
heap
|
page read and write
|
||
|
BCF000
|
unkown
|
page execute and read and write
|
||
|
20DB7F000
|
stack
|
page read and write
|
||
|
200860F1000
|
heap
|
page read and write
|
||
|
7BE000
|
stack
|
page read and write
|
||
|
EBA99FE000
|
stack
|
page read and write
|
||
|
20085F80000
|
trusted library allocation
|
page read and write
|
||
|
200860FA000
|
heap
|
page read and write
|
||
|
FCF000
|
heap
|
page read and write
|
||
|
3107000
|
trusted library allocation
|
page read and write
|
||
|
20081C83000
|
trusted library allocation
|
page read and write
|
||
|
7FB000
|
stack
|
page read and write
|
||
|
28ADED59000
|
heap
|
page read and write
|
||
|
2008083D000
|
heap
|
page read and write
|
||
|
2008608A000
|
heap
|
page read and write
|
||
|
2008089E000
|
heap
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
A90000
|
unkown
|
page readonly
|
||
|
200860AA000
|
heap
|
page read and write
|
||
|
28ADEB0A000
|
heap
|
page read and write
|
||
|
39B3000
|
trusted library allocation
|
page read and write
|
||
|
28ADED50000
|
heap
|
page read and write
|
||
|
28ADF950000
|
trusted library allocation
|
page read and write
|
||
|
20D87B000
|
stack
|
page read and write
|
||
|
20085E54000
|
trusted library allocation
|
page read and write
|
||
|
20086000000
|
heap
|
page read and write
|
||
|
20080902000
|
heap
|
page read and write
|
||
|
20081C90000
|
trusted library allocation
|
page read and write
|
||
|
2008601D000
|
heap
|
page read and write
|
||
|
28ADF710000
|
trusted library allocation
|
page read and write
|
||
|
EBA9A79000
|
stack
|
page read and write
|
||
|
20081730000
|
trusted library section
|
page readonly
|
||
|
20085E70000
|
trusted library allocation
|
page read and write
|
||
|
20DDFF000
|
stack
|
page read and write
|
||
|
1048000
|
heap
|
page read and write
|
||
|
20081720000
|
trusted library section
|
page readonly
|
||
|
200808FD000
|
heap
|
page read and write
|
||
|
20081740000
|
trusted library section
|
page readonly
|
||
|
28ADEAF9000
|
heap
|
page read and write
|
||
|
28ADEAB0000
|
heap
|
page read and write
|
||
|
100000
|
trusted library allocation
|
page read and write
|
||
|
20D677000
|
stack
|
page read and write
|
||
|
20085F90000
|
remote allocation
|
page read and write
|
||
|
28ADEB00000
|
heap
|
page read and write
|
||
|
20080690000
|
heap
|
page read and write
|
||
|
7DC000
|
stack
|
page read and write
|
||
|
28ADEA70000
|
trusted library allocation
|
page read and write
|
||
|
F0000
|
heap
|
page read and write
|
||
|
EBA957B000
|
stack
|
page read and write
|
||
|
20085E3E000
|
trusted library allocation
|
page read and write
|
||
|
2008603D000
|
heap
|
page read and write
|
||
|
A80000
|
direct allocation
|
page execute and read and write
|
||
|
B9C000
|
unkown
|
page execute and read and write
|
||
|
20085E30000
|
trusted library allocation
|
page read and write
|
||
|
EE3000
|
heap
|
page read and write
|
||
|
101A000
|
heap
|
page read and write
|
||
|
32D4000
|
heap
|
page read and write
|
||
|
2008602B000
|
heap
|
page read and write
|
||
|
A00000
|
trusted library allocation
|
page read and write
|
||
|
20085F90000
|
trusted library allocation
|
page read and write
|
||
|
FB3000
|
heap
|
page read and write
|
||
|
28ADED40000
|
trusted library allocation
|
page read and write
|
||
|
20085E51000
|
trusted library allocation
|
page read and write
|
||
|
200808AE000
|
heap
|
page read and write
|
||
|
BD5000
|
unkown
|
page execute and write copy
|
||
|
20085CA0000
|
trusted library allocation
|
page read and write
|
||
|
200860E3000
|
heap
|
page read and write
|
||
|
20D77A000
|
stack
|
page read and write
|
||
|
20085D10000
|
trusted library allocation
|
page read and write
|
||
|
28ADF960000
|
trusted library allocation
|
page read and write
|
||
|
31E3000
|
trusted library allocation
|
page read and write
|
||
|
20080879000
|
heap
|
page read and write
|
||
|
20085F00000
|
trusted library allocation
|
page read and write
|
||
|
20085E74000
|
trusted library allocation
|
page read and write
|
||
|
20081C80000
|
trusted library allocation
|
page read and write
|
||
|
BD6000
|
unkown
|
page write copy
|
||
|
20085F50000
|
trusted library allocation
|
page read and write
|
||
|
20D97E000
|
stack
|
page read and write
|
||
|
EBA9AF9000
|
stack
|
page read and write
|
||
|
200860FD000
|
heap
|
page read and write
|
||
|
B80000
|
unkown
|
page execute and write copy
|
||
|
B4E000
|
unkown
|
page execute and read and write
|
||
|
20081710000
|
trusted library section
|
page readonly
|
||
|
20081113000
|
heap
|
page read and write
|
||
|
20081100000
|
heap
|
page read and write
|
||
|
20085E60000
|
trusted library allocation
|
page read and write
|
||
|
2008088D000
|
heap
|
page read and write
|
||
|
10EC000
|
heap
|
page read and write
|
||
|
1033000
|
heap
|
page read and write
|
||
|
20085F90000
|
remote allocation
|
page read and write
|
||
|
EBA9979000
|
stack
|
page read and write
|
||
|
2008609A000
|
heap
|
page read and write
|
||
|
32D0000
|
heap
|
page read and write
|
||
|
28ADEAB8000
|
heap
|
page read and write
|
||
|
28ADEB1B000
|
heap
|
page read and write
|
||
|
20DCFA000
|
stack
|
page read and write
|
||
|
9E0000
|
unkown
|
page read and write
|
||
|
28ADED60000
|
trusted library allocation
|
page read and write
|
||
|
E45000
|
heap
|
page read and write
|
||
|
20085F60000
|
trusted library allocation
|
page read and write
|
||
|
200860FA000
|
heap
|
page read and write
|
||
|
20081118000
|
heap
|
page read and write
|
||
|
D94000
|
heap
|
page read and write
|
||
|
20080856000
|
heap
|
page read and write
|
||
|
9D0000
|
direct allocation
|
page execute and read and write
|
||
|
1106000
|
heap
|
page read and write
|
||
|
20081118000
|
heap
|
page read and write
|
||
|
20080913000
|
heap
|
page read and write
|
||
|
20085E30000
|
trusted library allocation
|
page read and write
|
||
|
E51000
|
heap
|
page read and write
|
||
|
28ADEA00000
|
heap
|
page read and write
|
||
|
20081002000
|
heap
|
page read and write
|
||
|
20081000000
|
heap
|
page read and write
|
||
|
20081750000
|
trusted library section
|
page readonly
|
||
|
105C000
|
heap
|
page read and write
|
||
|
C08000
|
unkown
|
page read and write
|
||
|
A91000
|
unkown
|
page execute and read and write
|
||
|
20087000000
|
heap
|
page read and write
|
||
|
200860F0000
|
heap
|
page read and write
|
||
|
28ADF9B0000
|
trusted library allocation
|
page read and write
|
||
|
20081C61000
|
trusted library allocation
|
page read and write
|
||
|
3284000
|
trusted library allocation
|
page read and write
|
||
|
D68000
|
heap
|
page read and write
|
||
|
20085E60000
|
trusted library allocation
|
page read and write
|
||
|
20081700000
|
trusted library section
|
page readonly
|
||
|
D15000
|
heap
|
page read and write
|
||
|
20080892000
|
heap
|
page read and write
|
||
|
169000
|
stack
|
page read and write
|
||
|
20D47B000
|
stack
|
page read and write
|
||
|
20085F40000
|
trusted library allocation
|
page read and write
|
||
|
20086098000
|
heap
|
page read and write
|
||
|
20080876000
|
heap
|
page read and write
|
||
|
28ADEB01000
|
heap
|
page read and write
|
||
|
C08000
|
unkown
|
page write copy
|
||
|
28ADE8A0000
|
heap
|
page read and write
|
||
|
DE4000
|
heap
|
page read and write
|
||
|
EBA98F9000
|
stack
|
page read and write
|
||
|
20DBFF000
|
stack
|
page read and write
|
||
|
FA9000
|
heap
|
page read and write
|
||
|
7CE000
|
stack
|
page read and write
|
||
|
20080813000
|
heap
|
page read and write
|
||
|
2008604A000
|
heap
|
page read and write
|
||
|
3990000
|
trusted library allocation
|
page read and write
|
||
|
20085E50000
|
trusted library allocation
|
page read and write
|
||
|
28ADE8B0000
|
trusted library allocation
|
page read and write
|
||
|
322F000
|
trusted library allocation
|
page read and write
|
||
|
20DA7B000
|
stack
|
page read and write
|
||
|
3253000
|
trusted library allocation
|
page read and write
|
||
|
E03000
|
heap
|
page read and write
|
||
|
D30000
|
trusted library allocation
|
page read and write
|
||
|
200860EB000
|
heap
|
page read and write
|
||
|
FDC000
|
heap
|
page read and write
|
||
|
20DE7F000
|
stack
|
page read and write
|
||
|
20085F70000
|
trusted library allocation
|
page read and write
|
||
|
20DF7A000
|
stack
|
page read and write
|
||
|
20086061000
|
heap
|
page read and write
|
||
|
200807A0000
|
trusted library section
|
page read and write
|
||
|
BD6000
|
unkown
|
page read and write
|
||
|
28ADE9E0000
|
heap
|
page read and write
|
||
|
326A000
|
trusted library allocation
|
page read and write
|
||
|
20086054000
|
heap
|
page read and write
|
||
|
20081840000
|
trusted library allocation
|
page read and write
|
||
|
20080620000
|
heap
|
page read and write
|
||
|
20DD7E000
|
stack
|
page read and write
|
||
|
31D0000
|
trusted library allocation
|
page read and write
|
||
|
20085D20000
|
trusted library allocation
|
page read and write
|
||
|
28ADED55000
|
heap
|
page read and write
|
||
|
2008086F000
|
heap
|
page read and write
|
||
|
EBA987F000
|
stack
|
page read and write
|
||
|
20080630000
|
heap
|
page read and write
|
||
|
20080800000
|
heap
|
page read and write
|
||
|
20E17F000
|
stack
|
page read and write
|
||
|
28ADEB00000
|
heap
|
page read and write
|
||
|
28ADF940000
|
heap
|
page readonly
|
There are 186 hidden memdumps, click here to show them.