Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
98765434567890.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\nsa22B8.tmp\System.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
modified
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Stempelpligtig93\X\Unsalty\Epithem.Dre
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Stempelpligtig93\X\Unsalty\libgiognutls.dll
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Stempelpligtig93\antagonizing\Trespassage\Importprisernes.Qui
|
data
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\98765434567890.exe
|
C:\Users\user\Desktop\98765434567890.exe
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Software\Spaan\Pushfully
|
Trials101
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
840000
|
heap
|
page read and write
|
|
|
|
3410000
|
direct allocation
|
page execute and read and write
|
|
|
|
1ECE405C000
|
heap
|
page read and write
|
||
|
E6668FE000
|
stack
|
page read and write
|
||
|
C80D6FE000
|
stack
|
page read and write
|
||
|
27BD4646000
|
heap
|
page read and write
|
||
|
1ECE4056000
|
heap
|
page read and write
|
||
|
1373D8BE000
|
heap
|
page read and write
|
||
|
22C9DA29000
|
heap
|
page read and write
|
||
|
667B57D000
|
stack
|
page read and write
|
||
|
26FE4C37000
|
heap
|
page read and write
|
||
|
84CE8FE000
|
stack
|
page read and write
|
||
|
27BD4645000
|
heap
|
page read and write
|
||
|
635000
|
heap
|
page read and write
|
||
|
1373D800000
|
heap
|
page read and write
|
||
|
27DA4C43000
|
heap
|
page read and write
|
||
|
1373D8CF000
|
heap
|
page read and write
|
||
|
84CE6FE000
|
stack
|
page read and write
|
||
|
1ECE4102000
|
heap
|
page read and write
|
||
|
C80D1FE000
|
stack
|
page read and write
|
||
|
27DA4A70000
|
heap
|
page read and write
|
||
|
1373D8E2000
|
heap
|
page read and write
|
||
|
27DA4D13000
|
heap
|
page read and write
|
||
|
E66677F000
|
stack
|
page read and write
|
||
|
27DA55BC000
|
heap
|
page read and write
|
||
|
667ACEC000
|
stack
|
page read and write
|
||
|
24F4000
|
heap
|
page read and write
|
||
|
84CEBFF000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
13042FD000
|
stack
|
page read and write
|
||
|
27DA5522000
|
heap
|
page read and write
|
||
|
C80CFFB000
|
stack
|
page read and write
|
||
|
81B000
|
heap
|
page read and write
|
||
|
293F000
|
stack
|
page read and write
|
||
|
22C9DA62000
|
heap
|
page read and write
|
||
|
3210000
|
trusted library allocation
|
page read and write
|
||
|
780000
|
heap
|
page read and write
|
||
|
7E0000
|
heap
|
page read and write
|
||
|
26FE4C3A000
|
heap
|
page read and write
|
||
|
1303F7D000
|
stack
|
page read and write
|
||
|
22C9DA00000
|
heap
|
page read and write
|
||
|
2480000
|
trusted library allocation
|
page read and write
|
||
|
97000
|
stack
|
page read and write
|
||
|
E666C7A000
|
stack
|
page read and write
|
||
|
84CE67B000
|
stack
|
page read and write
|
||
|
27DA556D000
|
heap
|
page read and write
|
||
|
27DA5508000
|
heap
|
page read and write
|
||
|
C80D7FF000
|
stack
|
page read and write
|
||
|
1373D902000
|
heap
|
page read and write
|
||
|
10001000
|
unkown
|
page execute read
|
||
|
1ECE3E10000
|
heap
|
page read and write
|
||
|
7DE000
|
stack
|
page read and write
|
||
|
27BD4600000
|
heap
|
page read and write
|
||
|
27DA5402000
|
heap
|
page read and write
|
||
|
1ECE403D000
|
heap
|
page read and write
|
||
|
1ECE3DA0000
|
heap
|
page read and write
|
||
|
27DA4C58000
|
heap
|
page read and write
|
||
|
5B0000
|
trusted library allocation
|
page read and write
|
||
|
27BD4665000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
27DA5502000
|
heap
|
page read and write
|
||
|
22C9D9D0000
|
trusted library allocation
|
page read and write
|
||
|
46C000
|
unkown
|
page read and write
|
||
|
27DA4B70000
|
trusted library allocation
|
page read and write
|
||
|
1373D823000
|
heap
|
page read and write
|
||
|
27BD4677000
|
heap
|
page read and write
|
||
|
1373D8C6000
|
heap
|
page read and write
|
||
|
1373D88B000
|
heap
|
page read and write
|
||
|
26FE4B80000
|
heap
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
1303CFF000
|
stack
|
page read and write
|
||
|
2944000
|
trusted library allocation
|
page read and write
|
||
|
C80D5FF000
|
stack
|
page read and write
|
||
|
1373E300000
|
heap
|
page read and write
|
||
|
27DA4C83000
|
heap
|
page read and write
|
||
|
27BD4660000
|
heap
|
page read and write
|
||
|
E666B7F000
|
stack
|
page read and write
|
||
|
828000
|
heap
|
page read and write
|
||
|
42B000
|
unkown
|
page read and write
|
||
|
10003000
|
unkown
|
page readonly
|
||
|
27BD45A0000
|
heap
|
page read and write
|
||
|
27DA5613000
|
heap
|
page read and write
|
||
|
22C9E402000
|
trusted library allocation
|
page read and write
|
||
|
46E000
|
unkown
|
page readonly
|
||
|
27BD4702000
|
heap
|
page read and write
|
||
|
C80CEFE000
|
stack
|
page read and write
|
||
|
27DA5554000
|
heap
|
page read and write
|
||
|
C80D4FF000
|
stack
|
page read and write
|
||
|
27DA4C8A000
|
heap
|
page read and write
|
||
|
24F0000
|
heap
|
page read and write
|
||
|
27BD465A000
|
heap
|
page read and write
|
||
|
26FE5480000
|
trusted library allocation
|
page read and write
|
||
|
27DA4C3C000
|
heap
|
page read and write
|
||
|
1373D829000
|
heap
|
page read and write
|
||
|
27BD4684000
|
heap
|
page read and write
|
||
|
27DA4C00000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
27BD463D000
|
heap
|
page read and write
|
||
|
27DA4DB9000
|
heap
|
page read and write
|
||
|
1373D844000
|
heap
|
page read and write
|
||
|
27BD45D0000
|
trusted library allocation
|
page read and write
|
||
|
27DA4C43000
|
heap
|
page read and write
|
||
|
22C9DB13000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
C37B57E000
|
stack
|
page read and write
|
||
|
435000
|
unkown
|
page read and write
|
||
|
27BD467E000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
C80C9FC000
|
stack
|
page read and write
|
||
|
1ECE3F40000
|
remote allocation
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
26FE5602000
|
trusted library allocation
|
page read and write
|
||
|
630000
|
heap
|
page read and write
|
||
|
26FE4B90000
|
heap
|
page read and write
|
||
|
27DA5522000
|
heap
|
page read and write
|
||
|
27BD4662000
|
heap
|
page read and write
|
||
|
1ECE4023000
|
heap
|
page read and write
|
||
|
2310000
|
heap
|
page read and write
|
||
|
1ECE4000000
|
heap
|
page read and write
|
||
|
E6666FF000
|
stack
|
page read and write
|
||
|
10005000
|
unkown
|
page readonly
|
||
|
46E000
|
unkown
|
page readonly
|
||
|
22C9DA70000
|
heap
|
page read and write
|
||
|
27DA5623000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
1373D869000
|
heap
|
page read and write
|
||
|
C37B07B000
|
stack
|
page read and write
|
||
|
1ECE4029000
|
heap
|
page read and write
|
||
|
C37B47E000
|
stack
|
page read and write
|
||
|
2470000
|
trusted library allocation
|
page read and write
|
||
|
246E000
|
stack
|
page read and write
|
||
|
2326000
|
heap
|
page read and write
|
||
|
3320000
|
heap
|
page read and write
|
||
|
22C9DA13000
|
heap
|
page read and write
|
||
|
27DA5627000
|
heap
|
page read and write
|
||
|
667B17F000
|
stack
|
page read and write
|
||
|
1373D813000
|
heap
|
page read and write
|
||
|
E6669FB000
|
stack
|
page read and write
|
||
|
27DA5590000
|
heap
|
page read and write
|
||
|
1373D872000
|
heap
|
page read and write
|
||
|
26FE4C3C000
|
heap
|
page read and write
|
||
|
84CE9FE000
|
stack
|
page read and write
|
||
|
1303FFB000
|
stack
|
page read and write
|
||
|
85A000
|
heap
|
page read and write
|
||
|
27BD4613000
|
heap
|
page read and write
|
||
|
C80D2FD000
|
stack
|
page read and write
|
||
|
26FE4C2F000
|
heap
|
page read and write
|
||
|
1ECE4058000
|
heap
|
page read and write
|
||
|
22C9DA37000
|
heap
|
page read and write
|
||
|
2320000
|
heap
|
page read and write
|
||
|
27DA4C7D000
|
heap
|
page read and write
|
||
|
27BD467A000
|
heap
|
page read and write
|
||
|
22C9D9A0000
|
heap
|
page read and write
|
||
|
80A000
|
heap
|
page read and write
|
||
|
26FE4D02000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
27DA4D8E000
|
heap
|
page read and write
|
||
|
84CEAFF000
|
stack
|
page read and write
|
||
|
26FE4C52000
|
heap
|
page read and write
|
||
|
27BD463A000
|
heap
|
page read and write
|
||
|
27BD4648000
|
heap
|
page read and write
|
||
|
27DA4C72000
|
heap
|
page read and write
|
||
|
27BD4667000
|
heap
|
page read and write
|
||
|
1303B7C000
|
stack
|
page read and write
|
||
|
26FE4BE0000
|
heap
|
page read and write
|
||
|
27DA5500000
|
heap
|
page read and write
|
||
|
27BD4540000
|
heap
|
page read and write
|
||
|
22C9DA40000
|
heap
|
page read and write
|
||
|
27BD4657000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
E666A79000
|
stack
|
page read and write
|
||
|
1ECE3F10000
|
trusted library allocation
|
page read and write
|
||
|
27DA4DE5000
|
heap
|
page read and write
|
||
|
C37B27E000
|
stack
|
page read and write
|
||
|
E666D7E000
|
stack
|
page read and write
|
||
|
C80D3FF000
|
stack
|
page read and write
|
||
|
667B1FC000
|
stack
|
page read and write
|
||
|
26FE4C45000
|
heap
|
page read and write
|
||
|
27DA4A10000
|
heap
|
page read and write
|
||
|
22C9D940000
|
heap
|
page read and write
|
||
|
27BD4658000
|
heap
|
page read and write
|
||
|
27DA5602000
|
heap
|
page read and write
|
||
|
E66636B000
|
stack
|
page read and write
|
||
|
27DA4B90000
|
trusted library allocation
|
page read and write
|
||
|
85D000
|
heap
|
page read and write
|
||
|
667B3FD000
|
stack
|
page read and write
|
||
|
27DA4A00000
|
heap
|
page read and write
|
||
|
27DA4C29000
|
heap
|
page read and write
|
||
|
1303DFE000
|
stack
|
page read and write
|
||
|
26FE4C29000
|
heap
|
page read and write
|
||
|
27DA5600000
|
heap
|
page read and write
|
||
|
27DA5543000
|
heap
|
page read and write
|
||
|
27BD465F000
|
heap
|
page read and write
|
||
|
1373D710000
|
heap
|
page read and write
|
||
|
27BD4530000
|
heap
|
page read and write
|
||
|
27DA4C90000
|
heap
|
page read and write
|
||
|
22C9DA5A000
|
heap
|
page read and write
|
||
|
130370B000
|
stack
|
page read and write
|
||
|
27BD466A000
|
heap
|
page read and write
|
||
|
84CE77E000
|
stack
|
page read and write
|
||
|
22C9DA3E000
|
heap
|
page read and write
|
||
|
27BD465C000
|
heap
|
page read and write
|
||
|
C80CDFB000
|
stack
|
page read and write
|
||
|
27BD467B000
|
heap
|
page read and write
|
||
|
26FE4C13000
|
heap
|
page read and write
|
||
|
26FE4C02000
|
heap
|
page read and write
|
||
|
1ECE3F40000
|
remote allocation
|
page read and write
|
||
|
42D000
|
unkown
|
page read and write
|
||
|
C37B37A000
|
stack
|
page read and write
|
||
|
27DA4C90000
|
heap
|
page read and write
|
||
|
1373D770000
|
heap
|
page read and write
|
||
|
427000
|
unkown
|
page read and write
|
||
|
27DA4C13000
|
heap
|
page read and write
|
||
|
22C9D930000
|
heap
|
page read and write
|
||
|
86F000
|
heap
|
page read and write
|
||
|
27DA55B0000
|
heap
|
page read and write
|
||
|
1ECE3F40000
|
remote allocation
|
page read and write
|
||
|
13041FE000
|
stack
|
page read and write
|
||
|
10000000
|
unkown
|
page readonly
|
||
|
667B6FC000
|
stack
|
page read and write
|
||
|
1ECE4802000
|
trusted library allocation
|
page read and write
|
||
|
242F000
|
stack
|
page read and write
|
||
|
7E7000
|
heap
|
page read and write
|
||
|
22C9DB02000
|
heap
|
page read and write
|
||
|
22C9DA02000
|
heap
|
page read and write
|
||
|
1ECE4002000
|
heap
|
page read and write
|
||
|
27BD4640000
|
heap
|
page read and write
|
||
|
1ECE4013000
|
heap
|
page read and write
|
||
|
13043FF000
|
stack
|
page read and write
|
||
|
E666E7A000
|
stack
|
page read and write
|
||
|
27BD466B000
|
heap
|
page read and write
|
||
|
27BD466D000
|
heap
|
page read and write
|
||
|
27BD4642000
|
heap
|
page read and write
|
||
|
27BD4631000
|
heap
|
page read and write
|
||
|
1373D913000
|
heap
|
page read and write
|
||
|
27BD5002000
|
trusted library allocation
|
page read and write
|
||
|
3310000
|
heap
|
page read and write
|
||
|
1373E202000
|
heap
|
page read and write
|
||
|
1373D7A0000
|
trusted library allocation
|
page read and write
|
||
|
2978000
|
trusted library allocation
|
page read and write
|
||
|
27BD4629000
|
heap
|
page read and write
|
||
|
667B47F000
|
stack
|
page read and write
|
||
|
27BD4663000
|
heap
|
page read and write
|
||
|
C37B679000
|
stack
|
page read and write
|
||
|
26FE4C00000
|
heap
|
page read and write
|
||
|
27DA5630000
|
heap
|
page read and write
|
||
|
1303E7C000
|
stack
|
page read and write
|
||
|
13040FD000
|
stack
|
page read and write
|
||
|
27BD4632000
|
heap
|
page read and write
|
||
|
1ECE3DB0000
|
heap
|
page read and write
|
||
|
27BD464E000
|
heap
|
page read and write
|
||
|
1373D700000
|
heap
|
page read and write
|
There are 242 hidden memdumps, click here to show them.