Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Swift Mesaj#U0131#09971.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\nsy4C6D.tmp\System.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Ydervgg\Superassume\dodecaheddra\Bikes\Bombekrater210\Cykelhandlerne.Sme
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Ydervgg\Superassume\dodecaheddra\Castrate\memstat.c
|
C source, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Ydervgg\Superassume\dodecaheddra\Coasting102.For
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Ydervgg\Superassume\dodecaheddra\Novelizes\selection-end-symbolic.symbolic.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Ydervgg\Superassume\dodecaheddra\libxml2-2.0.typelib
|
HTML document, ASCII text, with CRLF line terminators
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\Swift Mesaj#U0131#09971.exe
|
C:\Users\user\Desktop\Swift Mesaj#U0131#09971.exe
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
windowsupdatebg.s.llnwi.net
|
41.63.96.128
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Fivefoldness\Endosseringerne\Fouragen
|
Arigue
|
||
|
HKEY_CURRENT_USER\Software\Fruticeta\Lavandin\Kingliest\Ernringsenhed
|
Legating
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2AA0000
|
direct allocation
|
page execute and read and write
|
|
|
|
20C6000
|
heap
|
page read and write
|
||
|
786767D000
|
stack
|
page read and write
|
||
|
14E1A661000
|
heap
|
page read and write
|
||
|
2629407F000
|
heap
|
page read and write
|
||
|
14E1A673000
|
heap
|
page read and write
|
||
|
786737B000
|
stack
|
page read and write
|
||
|
146F8080000
|
heap
|
page read and write
|
||
|
19CD44E1000
|
heap
|
page read and write
|
||
|
14E1A625000
|
heap
|
page read and write
|
||
|
19CD4413000
|
heap
|
page read and write
|
||
|
4D0000
|
trusted library allocation
|
page read and write
|
||
|
29B7CE4A000
|
heap
|
page read and write
|
||
|
1B42E5C6000
|
heap
|
page read and write
|
||
|
14E1A65F000
|
heap
|
page read and write
|
||
|
14E1A660000
|
heap
|
page read and write
|
||
|
2970000
|
trusted library allocation
|
page read and write
|
||
|
1EF3C7E000
|
stack
|
page read and write
|
||
|
26294C10000
|
trusted library allocation
|
page read and write
|
||
|
2174000
|
heap
|
page read and write
|
||
|
1B42DC13000
|
heap
|
page read and write
|
||
|
1B42E5BC000
|
heap
|
page read and write
|
||
|
1BEA0602000
|
heap
|
page read and write
|
||
|
1B42E5D2000
|
heap
|
page read and write
|
||
|
1BEA0590000
|
heap
|
page read and write
|
||
|
1B42DC3C000
|
heap
|
page read and write
|
||
|
1BEA0600000
|
heap
|
page read and write
|
||
|
AFDEBFE000
|
stack
|
page read and write
|
||
|
1567A2E0000
|
heap
|
page read and write
|
||
|
1567A449000
|
heap
|
page read and write
|
||
|
19CD4360000
|
heap
|
page read and write
|
||
|
45C000
|
unkown
|
page read and write
|
||
|
14E1A662000
|
heap
|
page read and write
|
||
|
10001000
|
unkown
|
page execute read
|
||
|
1567C002000
|
trusted library allocation
|
page read and write
|
||
|
1B42DC57000
|
heap
|
page read and write
|
||
|
20C0000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
CCB8FE000
|
stack
|
page read and write
|
||
|
26294F40000
|
trusted library allocation
|
page read and write
|
||
|
29B7CE41000
|
heap
|
page read and write
|
||
|
1B42E502000
|
heap
|
page read and write
|
||
|
19CD44BD000
|
heap
|
page read and write
|
||
|
14E1A648000
|
heap
|
page read and write
|
||
|
19CD4350000
|
heap
|
page read and write
|
||
|
78672FD000
|
stack
|
page read and write
|
||
|
29FE89D0000
|
trusted library allocation
|
page read and write
|
||
|
AFDF0FF000
|
stack
|
page read and write
|
||
|
14E1A613000
|
heap
|
page read and write
|
||
|
C19DA7C000
|
stack
|
page read and write
|
||
|
14E1A669000
|
heap
|
page read and write
|
||
|
14E1A430000
|
heap
|
page read and write
|
||
|
437000
|
unkown
|
page read and write
|
||
|
26294ED0000
|
heap
|
page readonly
|
||
|
1567A448000
|
heap
|
page read and write
|
||
|
26293F80000
|
trusted library allocation
|
page read and write
|
||
|
10000000
|
unkown
|
page readonly
|
||
|
19CD4443000
|
heap
|
page read and write
|
||
|
1567A3D0000
|
remote allocation
|
page read and write
|
||
|
26294EF0000
|
trusted library allocation
|
page read and write
|
||
|
1B42E590000
|
heap
|
page read and write
|
||
|
14E1A657000
|
heap
|
page read and write
|
||
|
AFDEB7D000
|
stack
|
page read and write
|
||
|
26294C70000
|
trusted library allocation
|
page read and write
|
||
|
29B7CE3C000
|
heap
|
page read and write
|
||
|
3003E7A000
|
stack
|
page read and write
|
||
|
43F000
|
unkown
|
page read and write
|
||
|
29B7CE46000
|
heap
|
page read and write
|
||
|
14E1A640000
|
heap
|
page read and write
|
||
|
1B42E623000
|
heap
|
page read and write
|
||
|
26294C00000
|
trusted library allocation
|
page read and write
|
||
|
1567A42A000
|
heap
|
page read and write
|
||
|
26294220000
|
trusted library allocation
|
page read and write
|
||
|
78671FC000
|
stack
|
page read and write
|
||
|
19CD4513000
|
heap
|
page read and write
|
||
|
1567A459000
|
heap
|
page read and write
|
||
|
1B42DC76000
|
heap
|
page read and write
|
||
|
26294040000
|
heap
|
page read and write
|
||
|
1EF377C000
|
stack
|
page read and write
|
||
|
1B42E402000
|
heap
|
page read and write
|
||
|
1B42DDE5000
|
heap
|
page read and write
|
||
|
1BEA0613000
|
heap
|
page read and write
|
||
|
29B7CE37000
|
heap
|
page read and write
|
||
|
1BEA0700000
|
heap
|
page read and write
|
||
|
CCB9FE000
|
stack
|
page read and write
|
||
|
29FE8B02000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
303BC7B000
|
stack
|
page read and write
|
||
|
146F825A000
|
heap
|
page read and write
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
1BEA0659000
|
heap
|
page read and write
|
||
|
26294078000
|
heap
|
page read and write
|
||
|
1567A502000
|
heap
|
page read and write
|
||
|
26294015000
|
heap
|
page read and write
|
||
|
14E1A66A000
|
heap
|
page read and write
|
||
|
19CD4D12000
|
heap
|
page read and write
|
||
|
1B42E56D000
|
heap
|
page read and write
|
||
|
2170000
|
heap
|
page read and write
|
||
|
1E8CA7B000
|
stack
|
page read and write
|
||
|
AFDEDFD000
|
stack
|
page read and write
|
||
|
261E000
|
stack
|
page read and write
|
||
|
14E1A658000
|
heap
|
page read and write
|
||
|
303C37E000
|
stack
|
page read and write
|
||
|
1B42DBB0000
|
trusted library allocation
|
page read and write
|
||
|
26293FE0000
|
heap
|
page read and write
|
||
|
29FE9202000
|
trusted library allocation
|
page read and write
|
||
|
14E1A63B000
|
heap
|
page read and write
|
||
|
1E8C67B000
|
stack
|
page read and write
|
||
|
146F8180000
|
trusted library allocation
|
page read and write
|
||
|
1B42E554000
|
heap
|
page read and write
|
||
|
146F8276000
|
heap
|
page read and write
|
||
|
300352C000
|
stack
|
page read and write
|
||
|
1567A3D0000
|
remote allocation
|
page read and write
|
||
|
1BEA0713000
|
heap
|
page read and write
|
||
|
7866A9B000
|
stack
|
page read and write
|
||
|
1BEA0702000
|
heap
|
page read and write
|
||
|
3003D7F000
|
stack
|
page read and write
|
||
|
CCB67E000
|
stack
|
page read and write
|
||
|
97000
|
stack
|
page read and write
|
||
|
146F8267000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
19CD4502000
|
heap
|
page read and write
|
||
|
1EF37FE000
|
stack
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
214E000
|
stack
|
page read and write
|
||
|
14E1A66C000
|
heap
|
page read and write
|
||
|
473000
|
unkown
|
page read and write
|
||
|
26294030000
|
heap
|
page read and write
|
||
|
14E1A67C000
|
heap
|
page read and write
|
||
|
1B42DC5A000
|
heap
|
page read and write
|
||
|
617000
|
heap
|
page read and write
|
||
|
1B42DC69000
|
heap
|
page read and write
|
||
|
14E1A602000
|
heap
|
page read and write
|
||
|
146F8229000
|
heap
|
page read and write
|
||
|
14E1A65C000
|
heap
|
page read and write
|
||
|
1BEA063D000
|
heap
|
page read and write
|
||
|
303C57E000
|
stack
|
page read and write
|
||
|
303BD7F000
|
stack
|
page read and write
|
||
|
14E1A64E000
|
heap
|
page read and write
|
||
|
29FE9130000
|
remote allocation
|
page read and write
|
||
|
303C27F000
|
stack
|
page read and write
|
||
|
1567BEB0000
|
trusted library allocation
|
page read and write
|
||
|
303C17E000
|
stack
|
page read and write
|
||
|
146F8A02000
|
trusted library allocation
|
page read and write
|
||
|
29FE8A02000
|
heap
|
page read and write
|
||
|
14E1AB90000
|
trusted library allocation
|
page read and write
|
||
|
1567A459000
|
heap
|
page read and write
|
||
|
300397E000
|
stack
|
page read and write
|
||
|
1B42E543000
|
heap
|
page read and write
|
||
|
26293F70000
|
heap
|
page read and write
|
||
|
29FE8940000
|
heap
|
page read and write
|
||
|
3003BFB000
|
stack
|
page read and write
|
||
|
1B42DDB9000
|
heap
|
page read and write
|
||
|
10003000
|
unkown
|
page readonly
|
||
|
14E1A666000
|
heap
|
page read and write
|
||
|
29FE8A29000
|
heap
|
page read and write
|
||
|
CCB7FE000
|
stack
|
page read and write
|
||
|
1B42DB80000
|
heap
|
page read and write
|
||
|
1B42DC91000
|
heap
|
page read and write
|
||
|
431000
|
unkown
|
page read and write
|
||
|
26294019000
|
heap
|
page read and write
|
||
|
29B7CE13000
|
heap
|
page read and write
|
||
|
29FE8A3D000
|
heap
|
page read and write
|
||
|
303C07D000
|
stack
|
page read and write
|
||
|
14E1A67A000
|
heap
|
page read and write
|
||
|
1B42DB20000
|
heap
|
page read and write
|
||
|
146F8313000
|
heap
|
page read and write
|
||
|
1BEA0E02000
|
trusted library allocation
|
page read and write
|
||
|
14E1A659000
|
heap
|
page read and write
|
||
|
7866EFB000
|
stack
|
page read and write
|
||
|
CCBDFC000
|
stack
|
page read and write
|
||
|
29FE8A00000
|
heap
|
page read and write
|
||
|
1BEA0530000
|
heap
|
page read and write
|
||
|
2629409D000
|
heap
|
page read and write
|
||
|
19CD43F0000
|
trusted library allocation
|
page read and write
|
||
|
146F8254000
|
heap
|
page read and write
|
||
|
26294010000
|
heap
|
page read and write
|
||
|
1567A500000
|
heap
|
page read and write
|
||
|
1567A464000
|
heap
|
page read and write
|
||
|
14E1A664000
|
heap
|
page read and write
|
||
|
29B7D602000
|
trusted library allocation
|
page read and write
|
||
|
1B42DC82000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1567A48A000
|
heap
|
page read and write
|
||
|
786777F000
|
stack
|
page read and write
|
||
|
300407A000
|
stack
|
page read and write
|
||
|
19CD4D00000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
14E1A67D000
|
heap
|
page read and write
|
||
|
786747D000
|
stack
|
page read and write
|
||
|
29B7CC50000
|
heap
|
page read and write
|
||
|
1567A380000
|
trusted library allocation
|
page read and write
|
||
|
14E1A65A000
|
heap
|
page read and write
|
||
|
29B7CBF0000
|
heap
|
page read and write
|
||
|
14E1A629000
|
heap
|
page read and write
|
||
|
786717F000
|
stack
|
page read and write
|
||
|
1B42E602000
|
heap
|
page read and write
|
||
|
25BF000
|
stack
|
page read and write
|
||
|
C19DE79000
|
stack
|
page read and write
|
||
|
29B7CE00000
|
heap
|
page read and write
|
||
|
1B42DC8F000
|
heap
|
page read and write
|
||
|
1567A513000
|
heap
|
page read and write
|
||
|
1B42E613000
|
heap
|
page read and write
|
||
|
3003C79000
|
stack
|
page read and write
|
||
|
1B42E5B0000
|
heap
|
page read and write
|
||
|
C19DF7F000
|
stack
|
page read and write
|
||
|
1B42E500000
|
heap
|
page read and write
|
||
|
14E1AC02000
|
trusted library allocation
|
page read and write
|
||
|
1BEA0628000
|
heap
|
page read and write
|
||
|
1B42E522000
|
heap
|
page read and write
|
||
|
40A000
|
unkown
|
page write copy
|
||
|
14E1A683000
|
heap
|
page read and write
|
||
|
14E1A3C0000
|
heap
|
page read and write
|
||
|
14E1A702000
|
heap
|
page read and write
|
||
|
1B42DC43000
|
heap
|
page read and write
|
||
|
29FE9130000
|
remote allocation
|
page read and write
|
||
|
14E1A632000
|
heap
|
page read and write
|
||
|
1B42E630000
|
heap
|
page read and write
|
||
|
1B42DBD0000
|
trusted library allocation
|
page read and write
|
||
|
19CD4429000
|
heap
|
page read and write
|
||
|
610000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
26294038000
|
heap
|
page read and write
|
||
|
14E1A600000
|
heap
|
page read and write
|
||
|
786707F000
|
stack
|
page read and write
|
||
|
29FE89A0000
|
heap
|
page read and write
|
||
|
CE2CB7E000
|
stack
|
page read and write
|
||
|
2950000
|
trusted library allocation
|
page read and write
|
||
|
29FE9130000
|
remote allocation
|
page read and write
|
||
|
19CD4400000
|
heap
|
page read and write
|
||
|
2629407F000
|
heap
|
page read and write
|
||
|
19CD446D000
|
heap
|
page read and write
|
||
|
26294EE0000
|
trusted library allocation
|
page read and write
|
||
|
659000
|
heap
|
page read and write
|
||
|
146F8213000
|
heap
|
page read and write
|
||
|
14E1A646000
|
heap
|
page read and write
|
||
|
1B42DC00000
|
heap
|
page read and write
|
||
|
29B7CE29000
|
heap
|
page read and write
|
||
|
30038FE000
|
stack
|
page read and write
|
||
|
14E1A641000
|
heap
|
page read and write
|
||
|
14E1A63D000
|
heap
|
page read and write
|
||
|
1B42DD8E000
|
heap
|
page read and write
|
||
|
CE2C71C000
|
stack
|
page read and write
|
||
|
CCBBFC000
|
stack
|
page read and write
|
||
|
1567A440000
|
heap
|
page read and write
|
||
|
C19DC7F000
|
stack
|
page read and write
|
||
|
303BA7C000
|
stack
|
page read and write
|
||
|
40A000
|
unkown
|
page read and write
|
||
|
639000
|
heap
|
page read and write
|
||
|
CCBAFC000
|
stack
|
page read and write
|
||
|
3003AFF000
|
stack
|
page read and write
|
||
|
1567A458000
|
heap
|
page read and write
|
||
|
1BEA0669000
|
heap
|
page read and write
|
||
|
26294C80000
|
trusted library allocation
|
page read and write
|
||
|
271F000
|
stack
|
page read and write
|
||
|
303C47F000
|
stack
|
page read and write
|
||
|
1BEA066B000
|
heap
|
page read and write
|
||
|
19CD4489000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
CE2CAF9000
|
stack
|
page read and write
|
||
|
1567A400000
|
heap
|
page read and write
|
||
|
1B42DC29000
|
heap
|
page read and write
|
||
|
1B42E627000
|
heap
|
page read and write
|
||
|
648000
|
heap
|
page read and write
|
||
|
786757E000
|
stack
|
page read and write
|
||
|
14E1A66E000
|
heap
|
page read and write
|
||
|
14E1A663000
|
heap
|
page read and write
|
||
|
1BEA05C0000
|
trusted library allocation
|
page read and write
|
||
|
146F8010000
|
heap
|
page read and write
|
||
|
1B42DD13000
|
heap
|
page read and write
|
||
|
CCB47B000
|
stack
|
page read and write
|
||
|
26294200000
|
heap
|
page read and write
|
||
|
29FE8930000
|
heap
|
page read and write
|
||
|
1E8C97B000
|
stack
|
page read and write
|
||
|
1EF3E7E000
|
stack
|
page read and write
|
||
|
19CD44C6000
|
heap
|
page read and write
|
||
|
1E8CC7F000
|
stack
|
page read and write
|
||
|
19CD44CE000
|
heap
|
page read and write
|
||
|
19CD4D3A000
|
heap
|
page read and write
|
||
|
146F8202000
|
heap
|
page read and write
|
||
|
C19DD7A000
|
stack
|
page read and write
|
||
|
303BE7B000
|
stack
|
page read and write
|
||
|
1BEA0520000
|
heap
|
page read and write
|
||
|
476000
|
unkown
|
page readonly
|
||
|
1B42DC79000
|
heap
|
page read and write
|
||
|
29B7CE02000
|
heap
|
page read and write
|
||
|
19CD4C02000
|
heap
|
page read and write
|
||
|
1EF3D7F000
|
stack
|
page read and write
|
||
|
146F8020000
|
heap
|
page read and write
|
||
|
29B7CC00000
|
heap
|
page read and write
|
||
|
14E1A674000
|
heap
|
page read and write
|
||
|
1567A2F0000
|
heap
|
page read and write
|
||
|
146F8200000
|
heap
|
page read and write
|
||
|
1567A449000
|
heap
|
page read and write
|
||
|
AFDEE7F000
|
stack
|
page read and write
|
||
|
14E1A667000
|
heap
|
page read and write
|
||
|
1B42DB10000
|
heap
|
page read and write
|
||
|
1B42DC43000
|
heap
|
page read and write
|
||
|
14E1A645000
|
heap
|
page read and write
|
||
|
1567A350000
|
heap
|
page read and write
|
||
|
CE2CC79000
|
stack
|
page read and write
|
||
|
1567A3A0000
|
trusted library allocation
|
page read and write
|
||
|
1567BE70000
|
trusted library allocation
|
page read and write
|
||
|
14E1A65E000
|
heap
|
page read and write
|
||
|
2100000
|
heap
|
page read and write
|
||
|
19CD43C0000
|
heap
|
page read and write
|
||
|
1567A413000
|
heap
|
page read and write
|
||
|
14E1A642000
|
heap
|
page read and write
|
||
|
AFDE69B000
|
stack
|
page read and write
|
||
|
146F8240000
|
heap
|
page read and write
|
||
|
29B7CD50000
|
trusted library allocation
|
page read and write
|
||
|
1B42E522000
|
heap
|
page read and write
|
||
|
26294EC0000
|
trusted library allocation
|
page read and write
|
||
|
1567A518000
|
heap
|
page read and write
|
||
|
146F8302000
|
heap
|
page read and write
|
||
|
476000
|
unkown
|
page readonly
|
||
|
1B42E600000
|
heap
|
page read and write
|
||
|
29B7CE2F000
|
heap
|
page read and write
|
||
|
29FE8A13000
|
heap
|
page read and write
|
||
|
29B7CE52000
|
heap
|
page read and write
|
||
|
10005000
|
unkown
|
page readonly
|
||
|
1BEA067E000
|
heap
|
page read and write
|
||
|
1EF3A7E000
|
stack
|
page read and write
|
||
|
1567A402000
|
heap
|
page read and write
|
||
|
AFDEF7D000
|
stack
|
page read and write
|
||
|
29FE8A5C000
|
heap
|
page read and write
|
||
|
19CD4463000
|
heap
|
page read and write
|
||
|
2629407F000
|
heap
|
page read and write
|
||
|
14E1A3D0000
|
heap
|
page read and write
|
||
|
1B42E5D0000
|
heap
|
page read and write
|
||
|
3003F7E000
|
stack
|
page read and write
|
||
|
1E8CB7E000
|
stack
|
page read and write
|
||
|
29B7CF02000
|
heap
|
page read and write
|
||
|
2960000
|
trusted library allocation
|
page read and write
|
||
|
42F000
|
unkown
|
page read and write
|
||
|
CE2CBFE000
|
stack
|
page read and write
|
||
|
14E1A644000
|
heap
|
page read and write
|
||
|
1567A3D0000
|
remote allocation
|
page read and write
|
||
|
43C000
|
unkown
|
page read and write
|
There are 329 hidden memdumps, click here to show them.